Tightly Seal Your Sensitive Pointers with PACTight
release_wnnpvhwiljezvclr2g2uwv5grq
by
Mohannad Ismail, Andrew Quach, Christopher Jelesnianski, Yeongjin Jang, Changwoo Min
2022
Abstract
ARM is becoming more popular in desktops and data centers, opening a new
realm in terms of security attacks against ARM. ARM has released Pointer
Authentication, a new hardware security feature that is intended to ensure
pointer integrity with cryptographic primitives. In this paper, we utilize
Pointer Authentication (PA) to build a novel scheme to completely prevent any
misuse of security-sensitive pointers. We propose PACTight to tightly seal
these pointers. PACTight utilizes a strong and unique modifier that addresses
the current issues with the state-of-the-art PA defense mechanisms. We
implement four defenses based on the PACTight mechanism. Our security and
performance evaluation results show that PACTight defenses are more efficient
and secure. Using real PA instructions, we evaluated PACTight on 30 different
applications, including NGINX web server, with an average performance overhead
of 4.07% even when enforcing our strongest defense. PACTight demonstrates its
effectiveness and efficiency with real PA instructions on real hardware.
In text/plain
format
Archived Files and Locations
application/pdf 727.0 kB
file_6sixd4apfbbfxboj7uspztupjq
|
arxiv.org (repository) web.archive.org (webarchive) |
2203.15121v1
access all versions, variants, and formats of this works (eg, pre-prints)