CryptSan: Leveraging ARM Pointer Authentication for Memory Safety in
C/C++
- URL: http://arxiv.org/abs/2202.08669v2
- Date: Thu, 11 May 2023 12:42:11 GMT
- Title: CryptSan: Leveraging ARM Pointer Authentication for Memory Safety in
C/C++
- Authors: Konrad Hohentanner, Philipp Zieris, Julian Horsch
- Abstract summary: CryptSan is a memory safety approach based on ARM Pointer Authentication.
We present a full LLVM-based prototype implementation, running on an M1 MacBook Pro.
This, together with its interoperability with uninstrumented libraries and cryptographic protection against attacks on metadata, makes CryptSan a viable solution for retrofitting memory safety to C/C++ programs.
- Score: 0.9208007322096532
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Memory safety bugs remain in the top ranks of security vulnerabilities, even
after decades of research on their detection and prevention. Various
mitigations have been proposed for C/C++, ranging from language dialects to
instrumentation. Among these, compiler-based instrumentation is particularly
promising, not requiring manual code modifications and being able to achieve
precise memory safety. Unfortunately, existing compiler-based solutions
compromise in many areas, including performance but also usability and memory
safety guarantees. New developments in hardware can help improve performance
and security of compiler-based memory safety. ARM Pointer Authentication, added
in the ARMv8.3 architecture, is intended to enable hardware-assisted Control
Flow Integrity (CFI). But since its operations are generic, it also enables
other, more comprehensive hardware-supported runtime integrity approaches. As
such, we propose CryptSan, a memory safety approach based on ARM Pointer
Authentication. CryptSan uses pointer signatures to retrofit memory safety to
C/C++ programs, protecting heap, stack, and globals against temporal and
spatial vulnerabilities. We present a full LLVM-based prototype implementation,
running on an M1 MacBook Pro, i.e., on actual ARMv8.3 hardware. Our prototype
evaluation shows that the system outperforms similar approaches under
real-world conditions. This, together with its interoperability with
uninstrumented libraries and cryptographic protection against attacks on
metadata, makes CryptSan a viable solution for retrofitting memory safety to
C/C++ programs.
Related papers
- Mon CHÈRI <3 Adapting Capability Hardware Enhanced RISC with Conditional Capabilities [1.9042151977387252]
Up to 10% of memory-safety vulnerabilities in languages like C and C++ stem from und variables.
This work addresses the prevalence and lack of adequate software mitigations for und memory issues.
We extend the CHERI capability model to include "conditional capabilities", enabling memory-access policies based on prior operations.
arXiv Detail & Related papers (2024-07-11T16:51:36Z) - Secure Rewind and Discard on ARM Morello [0.0]
Memory-unsafe programming languages such as C and C++ are the preferred languages for systems programming, embedded systems, and performance-critical applications.
An earlier approach proposes the Secure Domain Rewind and Discard (SDRaD) of isolated domains as a method to enhance the resilience of software targeted by runtime attacks on x86 architecture.
SDRaD has been adapted to work with the Capability Hardware Enhanced RISC Instructions (CHERI) architecture to be more lightweight and performant.
arXiv Detail & Related papers (2024-07-05T13:41:59Z) - CAMP: Compiler and Allocator-based Heap Memory Protection [23.84729234219481]
We present CAMP, a new sanitizer for detecting and capturing heap memory corruption.
CAMP enables various compiler optimization strategies and thus eliminates redundant and unnecessary check instrumentation.
Our evaluation and comparison of CAMP with existing tools, using both real-world applications and SPEC CPU benchmarks, show that it provides even better heap corruption detection capability with lower runtime overhead.
arXiv Detail & Related papers (2024-06-04T19:37:41Z) - Towards Comprehensive and Efficient Post Safety Alignment of Large Language Models via Safety Patching [77.36097118561057]
textscSafePatching is a novel framework for comprehensive and efficient PSA.
textscSafePatching achieves a more comprehensive and efficient PSA than baseline methods.
arXiv Detail & Related papers (2024-05-22T16:51:07Z) - Fully Randomized Pointers [7.1754940591892735]
We propose Fully Randomized Pointers (FRP) as a stronger memory error defense that is resistant to even brute force attacks.
The key idea is to fully randomize pointer bits -- as much as possible -- while also preserving binary compatibility.
We show that FRP is secure, practical, and compatible at the binary level, while a hardware implementation can achieve low performance overheads.
arXiv Detail & Related papers (2024-05-21T05:54:27Z) - FoC: Figure out the Cryptographic Functions in Stripped Binaries with LLMs [54.27040631527217]
We propose a novel framework called FoC to Figure out the Cryptographic functions in stripped binaries.
FoC-BinLLM outperforms ChatGPT by 14.61% on the ROUGE-L score.
FoC-Sim outperforms the previous best methods with a 52% higher Recall@1.
arXiv Detail & Related papers (2024-03-27T09:45:33Z) - HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs)
TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks.
We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z) - Top of the Heap: Efficient Memory Error Protection of Safe Heap Objects [37.992322891101374]
Existing memory safety defenses aim at protecting all objects, resulting in high performance cost and incomplete protection.
We propose an approach that accurately identifies objects that are inexpensive to protect, and design a method to protect such objects comprehensively from all classes of memory errors.
arXiv Detail & Related papers (2023-10-10T08:04:08Z) - SOCI^+: An Enhanced Toolkit for Secure OutsourcedComputation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI.
SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive.
Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z) - Certifying LLM Safety against Adversarial Prompting [75.19953634352258]
Large language models (LLMs) are vulnerable to adversarial attacks that add malicious tokens to an input prompt.
We introduce erase-and-check, the first framework for defending against adversarial prompts with certifiable safety guarantees.
arXiv Detail & Related papers (2023-09-06T04:37:20Z) - Online Shielding for Reinforcement Learning [59.86192283565134]
We propose an approach for online safety shielding of RL agents.
During runtime, the shield analyses the safety of each available action.
Based on this probability and a given threshold, the shield decides whether to block an action from the agent.
arXiv Detail & Related papers (2022-12-04T16:00:29Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.