TEE Time at P4—Performance Analysis of Trusted Execution Environments for Packet Processing

Modern computer networks, such as 5G/6G networks, require high-performance, low-latency, and secure packet processing while ensuring data confidentiality in cloud environments. Trusted Execution Environments (TEEs) address these security requirements and provide encrypted memory areas that protect sensitive data from untrusted cloud providers. This paper presents a performance analysis of TEE technologies, specifically Intel SGX and AMD SEV-SNP, in the context of software-based user-space packet processing with DPDK and the P4 language. We evaluate two architectural approaches: (1) integrating TEEs as external processing modules implemented with SGX and (2) executing the entire P4 pipeline inside a TEE using AMD-SEV. Our analysis examines computational and I/O overhead across different CPU architectures. The results show the trade-offs between TEE designs, implementations, and performance, demonstrating that AMD SEV-SNP offers better scalability with lower performance penalties compared to Intel SGX.