CryptSan: Leveraging ARM Pointer Authentication for Memory Safety in C/C++

Hohentanner, Konrad and Zieris, Philipp and Horsch, Julian

2023

Back
Back to start of result list
Permanent link for displayed object

Document type:: Konferenzbeitrag
Author(s):: Hohentanner, Konrad and Zieris, Philipp and Horsch, Julian
Title:: CryptSan: Leveraging ARM Pointer Authentication for Memory Safety in C/C++
Abstract:: Memory safety bugs remain in the top ranks of security vulnerabilities, even after decades of research on their detection and prevention. Various mitigations have been proposed for C/C++, ranging from language dialects to instrumentation. Among these, compilerbased instrumentation is particularly promising, not requiring manual code modifications and being able to achieve precise memory safety. Unfortunately, existing compiler-based solutions compromise in many areas, including performance but also usability and memory safety guarantees. New developments in hardware can help improve performance and security of compiler-based memory safety. ARM Pointer Authentication, added in the ARMv8.3 architecture, is intended to enable hardware-assisted Control Flow Integrity (CFI). But since its operations are generic, it also enables other, more comprehensive hardware-supported runtime integrity approaches. As such, we propose CryptSan, a memory safety approach based on ARM Pointer Authentication. CryptSan uses pointer signatures to retrofit memory safety to C/C++ programs, protecting heap, stack, and globals against temporal and spatial vulnerabilities.We present a full LLVM-based prototype implementation, running on an M1 MacBook Pro, i.e., on actual ARMv8.3 hardware. Our prototype evaluation shows that the system outperforms similar approaches under real-world conditions. This, together with its interoperability with uninstrumented libraries and cryptographic protection against attacks on metadata, makes CryptSan a viable solution for retrofitting memory safety to C/C++ programs. «
Memory safety bugs remain in the top ranks of security vulnerabilities, even after decades of research on their detection and prevention. Various mitigations have been proposed for C/C++, ranging from language dialects to instrumentation. Among these, compilerbased instrumentation is particularly promising, not requiring manual code modifications and being able to achieve precise memory safety. Unfortunately, existing compiler-based solutions compromise in many areas, including performanc... »
Keywords:: memory safety, unsafe programming languages, pointer authentication, buffer overflows, use-after-free
Dewey Decimal Classification:: 620 Ingenieurwissenschaften
Book / Congress title:: Proceedings of the 38th ACM/SIGAPP Symposium on Applied Computing
Congress (additional information):: Tallinn, Estonia
Date of congress:: March 27 - March 31, 2023
Year:: 2023
Quarter:: 1. Quartal
Year / month:: 2023-03
Month:: Mar
Pages:: 1530--1539
Reviewed:: ja
Language:: en
WWW:: https://www.sigapp.org/sac/sac2023/
BibTeX

Occurrences:

mediaTUM Gesamtbestand Hochschulbibliographie 2023 Schools und Fakultäten TUM School of Computation, Information and Technology Sicherheit in der Informationstechnik (Prof. Sigl)

mediaTUM Gesamtbestand Einrichtungen Schools TUM School of Computation, Information and Technology Departments Computer Engineering Sicherheit in der Informationstechnik (Prof. Sigl)2023