Late breaking results: Authenticated call stack

Loading...
Thumbnail Image
Journal Title
Journal ISSN
Volume Title
Conference article in proceedings
Date
2019-06-02
Major/Subject
Mcode
Degree programme
Language
en
Pages
2
Series
Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019, Proceedings - Design Automation Conference
Abstract
Shadow stacks are the go-to solution for perfect backward-edge control-flow integrity (CFI). Software shadow stacks trade off security for performance. Hardware-assisted shadow stacks are efficient and secure, but expensive to deploy. We present authenticated call stack (ACS), a novel mechanism for precise verification of return addresses using aggregated message authentication codes. We show how ACS can be realized using ARMv8.3-A pointer authentication, a new low-overhead mechanism for protecting pointer integrity. Our solution achieves security comparable to hardware-assisted shadow stacks, while incurring negligible performance overhead (< 0.5%) but requiring no additional hardware support.
Description
Keywords
Other note
Citation
Liljestrand , H , Nyman , T , Ekberg , J E & Asokan , N 2019 , Late breaking results: Authenticated call stack . in Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019 . , 223 , Proceedings - Design Automation Conference , ACM , Annual Design Automation Conference , Las Vegas , Nevada , United States , 02/06/2019 . https://doi.org/10.1145/3316781.3322469