research-article

Authenticated Call Stack

Authors:

Hans Liljestrand,

Thomas Nyman,

Jan-Erik Ekberg,

N. AsokanAuthors Info & Claims

DAC '19: Proceedings of the 56th Annual Design Automation Conference 2019

Article No.: 223, Pages 1 - 2

https://doi.org/10.1145/3316781.3322469

Published: 02 June 2019 Publication History

Get Access

Abstract

Shadow stacks are the go-to solution for perfect backward-edge control-flow integrity (CFI). Software shadow stacks trade off security for performance. Hardware-assisted shadow stacks are efficient and secure, but expensive to deploy. We present authenticated call stack (ACS), a novel mechanism for precise verification of return addresses using aggregated message authentication codes. We show how ACS can be realized using ARMv8.3-A pointer authentication, a new low-overhead mechanism for protecting pointer integrity. Our solution achieves security comparable to hardware-assisted shadow stacks, while incurring negligible performance overhead (< 0.5%) but requiring no additional hardware support.

References

[1]

Martín Abadi et al. 2009. Control-flow Integrity Principles, Implementations, and Applications. ACM Trans. Inf. Syst. Secur. 13, 1 (Nov. 2009), 4:1--4:40.

Digital Library

Google Scholar

[2]

ARM Ltd. 2017. ARMv8 Architecture Reference Manual, for ARMv8-A architecture profile (ARM DDI 0487C.a). https://static.docs.arm.com/ddi0487/ca/DDI0487C_a_armv8_arm.pdf.

Google Scholar

[3]

Roberto Avanzi. 2017. The QARMA Block Cipher Family. Almost MDS Matrices Over Rings With Zero Divisors, Nearly Symmetric Even-Mansour Constructions With Non-Involutory Central Rounds, and Search Heuristics for Low-Latency S-Boxes. IACR Trans. Symmetric Cryptol. 2017, 1 (2017), 4--44.

Crossref

Google Scholar

[4]

Nathan Burow et al. 2019. SoK: Shining Light on Shadow Stacks. arXiv:1811.03165v2 {cs.CR}. https://arxiv.org/abs/1811.03165v2

Google Scholar

[5]

Intel. 2016. Control-flow Enforcement Technology Preview. https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf.

Google Scholar

[6]

Tim Kornau. 2009. Return Oriented Programming for the ARM Architecture. Ph.D. Dissertation. Ruhr-Universität Bochum.

Google Scholar

[7]

Hans Liljestrand et al. 2019. PAC it up: Towards Pointer Integrity using ARM Pointer Authentication. (to appear) Usenix SEC 2019, arXiv:1811.09189 {cs.CR}. https://arxiv.org/abs/1811.09189

Google Scholar

[8]

Qualcomm. 2017. Pointer Authentication on ARMv8.3. https://www.qualcomm.com/media/documents/files/whitepaper-pointer-authentication-on-armv8-3.pdf.

Google Scholar

Cited By

View all

Li NGuo JHuang BLi YZhang YLi CHuang W(2024)TCSA: Efficient Localization of Busy-Wait Synchronization Bugs for Latency-Critical ApplicationsIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2023.334257335:2(297-309)Online publication date: Feb-2024
https://doi.org/10.1109/TPDS.2023.3342573
Wang CDeng YNing ZLeach KLi JYan SHe ZCao JZhang F(2024)Building a Lightweight Trusted Execution Environment for Arm GPUsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.3334277(1-16)Online publication date: 2024
https://doi.org/10.1109/TDSC.2023.3334277
Yang YTu JShen WZhu SChang RZhou Y(2024)kCPA: Towards Sensitive Pointer Full Life Cycle Authentication for OS KernelsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.333426821:4(3768-3784)Online publication date: Jul-2024
https://doi.org/10.1109/TDSC.2023.3334268
Show More Cited By

Authenticated Call Stack
1. Security and privacy
  1. Systems security

Recommendations

Convertible multi-authenticated encryption scheme

A convertible authenticated encryption (CAE) scheme allows the signer to generate a valid authenticated ciphertext on his chosen message such that only the designated recipient can retrieve the message. Further, the recipient has the ability to convert ...
Improved convertible authenticated encryption scheme with provable security

Convertible authenticated encryption (CAE) schemes allow a signer to produce an authenticated ciphertext such that only a designated recipient can decrypt it and verify the recovered signature. The conversion property further enables the designated ...
Practical convertible authenticated encryption schemes using self-certified public keys

A convertible authenticated encryption scheme allows a designated receiver to recover and verify a message simultaneously, during which the recipient can prove the dishonesty of the sender to any third party if the sender repudiates her signature later. ...

Comments

Information & Contributors

Information

Published In

DAC '19: Proceedings of the 56th Annual Design Automation Conference 2019

June 2019

1378 pages

ISBN:9781450367257

DOI:10.1145/3316781

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

In-Cooperation

SIGBED: ACM Special Interest Group on Embedded Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 June 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article
Research
Refereed limited

Conference

DAC '19

Sponsor:

SIGDA

DAC '19: The 56th Annual Design Automation Conference 2019

June 2 - 6, 2019

NV, Las Vegas, USA

Acceptance Rates

Overall Acceptance Rate 1,770 of 5,499 submissions, 32%

Upcoming Conference

DAC '25

Sponsor:
sigda

62nd ACM/IEEE Design Automation Conference

June 22 - 26, 2025

San Francisco , CA , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

16
Total Citations
View Citations
356
Total Downloads

Downloads (Last 12 months)35
Downloads (Last 6 weeks)4

Reflects downloads up to 28 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Li NGuo JHuang BLi YZhang YLi CHuang W(2024)TCSA: Efficient Localization of Busy-Wait Synchronization Bugs for Latency-Critical ApplicationsIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2023.334257335:2(297-309)Online publication date: Feb-2024
https://doi.org/10.1109/TPDS.2023.3342573
Wang CDeng YNing ZLeach KLi JYan SHe ZCao JZhang F(2024)Building a Lightweight Trusted Execution Environment for Arm GPUsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.3334277(1-16)Online publication date: 2024
https://doi.org/10.1109/TDSC.2023.3334277
Yang YTu JShen WZhu SChang RZhou Y(2024)kCPA: Towards Sensitive Pointer Full Life Cycle Authentication for OS KernelsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.333426821:4(3768-3784)Online publication date: Jul-2024
https://doi.org/10.1109/TDSC.2023.3334268
Lehniger KRaghunathan SLangendörfer P(2024)WindowGuardian: Return Address Integrity for ESP32 Microcontrollers with Xtensa Processors using AES and Register Windows2024 13th Mediterranean Conference on Embedded Computing (MECO)10.1109/MECO62516.2024.10577840(1-8)Online publication date: 11-Jun-2024
https://doi.org/10.1109/MECO62516.2024.10577840
Lehniger KLangendörfer P(2023)Window Canaries: Re-Thinking Stack Canaries for Architectures With Register WindowsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.323074820:6(4637-4647)Online publication date: Nov-2023
https://doi.org/10.1109/TDSC.2022.3230748
Tauner S(2022)RIPEMB: A framework for assessing hardware-assisted software security schemes in embedded systemsProceedings of the 17th International Conference on Availability, Reliability and Security10.1145/3538969.3539013(1-6)Online publication date: 23-Aug-2022
https://dl.acm.org/doi/10.1145/3538969.3539013
Mishra TChantem TGerdes R(2022)Survey of Control-flow Integrity Techniques for Real-time Embedded SystemsACM Transactions on Embedded Computing Systems10.1145/353827521:4(1-32)Online publication date: 4-Oct-2022
https://dl.acm.org/doi/10.1145/3538275
Moreira JChatterjee DEkanadham KFlores ASterpone LBartolini AButko A(2022)Return-oriented programming protection in the IBM POWER10Proceedings of the 19th ACM International Conference on Computing Frontiers10.1145/3528416.3530245(173-176)Online publication date: 17-May-2022
https://dl.acm.org/doi/10.1145/3528416.3530245
Wang WHu GXu XZhang J(2022)CRAlert: Hardware-Assisted Code Reuse Attack DetectionIEEE Transactions on Circuits and Systems II: Express Briefs10.1109/TCSII.2021.311844369:3(1607-1611)Online publication date: Mar-2022
https://doi.org/10.1109/TCSII.2021.3118443
Fanti AChinea Perez CDenis-Courmont RRoascio GEkberg J(2022)Toward Register Spilling Security Using LLVM and ARM Pointer AuthenticationIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2022.319751141:11(3757-3766)Online publication date: Nov-2022
https://doi.org/10.1109/TCAD.2022.3197511
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Recommendations

Convertible multi-authenticated encryption scheme

Improved convertible authenticated encryption scheme with provable security

Practical convertible authenticated encryption schemes using self-certified public keys

Comments

Information

Published In

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations