This work exposes a fundamental vulnerability in trusted execution environments (TEEs), such as Intel SGX: time sources reside outside the trusted computing base (TCB), rendering them susceptible to manipulation by malicious operating systems—e.g., via clock rate skewing or abrupt time jumps—which can propagate anomalous time values to honest nodes through the Triad trusted time protocol, causing global time discontinuities. The authors present the first open-source implementation of Triad, systematically model its behavior, and empirically demonstrate its fragility under scheduler-level attacks. To address this, they propose an enhanced protocol resilient to cross-node time-jump propagation, significantly improving robustness against adversarial clock manipulation. Experimental evaluation confirms that the solution effectively contains time contamination while preserving protocol efficiency and lightweight design, thereby substantially strengthening the security of TEE-based time services.

The logic of many protocols relies on time measurements. However, in Trusted Execution Environments (TEEs) like Intel SGX, the time source is outside the Trusted Computing Base: a malicious system hosting the TEE can manipulate that TEE's notion of time, e.g., jumping in time or affecting the perceived time speed. Previous work like Triad propose protocols for TEEs to maintain a trustworthy time source. However, in this paper, based on a public implementation of Triad that we contribute, we empirically showcase vulnerabilities to this protocol. For example, an attacker controlling the operating system, and consequently the scheduling algorithm, may arbitrarily manipulate their local TEE's clock speed. What is worse, in case of faster malicious clock speeds, an attacker on a single compromised machine may propagate the attack to honest machines participating in Triad's Trusted Time protocol, causing them to skip to timestamps arbitrarily far in the future. Then, infected honest machines propagate time-skips themselves to other honest machines interacting with them. We discuss protocol changes to Triad for higher resilience against such attacks.