aalto1 untyped-item.component.html
Late breaking results: Authenticated call stack
Loading...
Access rights
openAccess
acceptedVersion
URL
Journal Title
Journal ISSN
Volume Title
A4 Artikkeli konferenssijulkaisussa
This publication is imported from Aalto University research portal.
View publication in the Research portal (opens in new window)
View/Open full text file from the Research portal (opens in new window)
View publication in the Research portal (opens in new window)
View/Open full text file from the Research portal (opens in new window)
Authors
Liljestrand, Hans
Nyman, Thomas
Ekberg, Jan Erik
Asokan, N.
Date
Department
Major/Subject
Mcode
Degree programme
Language
en
Pages
2
Series
Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019, Proceedings - Design Automation Conference
Abstract
Shadow stacks are the go-to solution for perfect backward-edge control-flow integrity (CFI). Software shadow stacks trade off security for performance. Hardware-assisted shadow stacks are efficient and secure, but expensive to deploy. We present authenticated call stack (ACS), a novel mechanism for precise verification of return addresses using aggregated message authentication codes. We show how ACS can be realized using ARMv8.3-A pointer authentication, a new low-overhead mechanism for protecting pointer integrity. Our solution achieves security comparable to hardware-assisted shadow stacks, while incurring negligible performance overhead (< 0.5%) but requiring no additional hardware support.
Description
Keywords
Other note
Citation
Liljestrand, H, Nyman, T, Ekberg, J E & Asokan, N 2019, Late breaking results: Authenticated call stack. in Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019., 223, Proceedings - Design Automation Conference, ACM, Annual Design Automation Conference, Las Vegas, Nevada, United States, 02/06/2019. https://doi.org/10.1145/3316781.3322469