Towards cryptographically-authenticated in-memory data structures

Setareh Ghorshi; Lachlan J. Gunn; Hans Liljestrand; N. Asokan

doi:10.1109/SecDev53368.2022.00018

Towards cryptographically-authenticated in-memory data structures

Setareh Ghorshi, Lachlan J. Gunn, Hans Liljestrand, N. Asokan

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference contribution › Scientific › vertaisarvioitu

Abstrakti

Modern processors include high-performance cryptographic functionalities such as Intel's AES- NI and ARM's Pointer Authentication that allow programs to efficiently authenticate data held by the program. Pointer Authentication is already used to protect return addresses in recent Apple devices, but as yet these structures have seen little use for the protection of general program data. In this paper, we show how cryptographically-authenticated data structures can be used to protect against attacks based on memory corruption, and show how they can be efficiently realized using widely available hardware-assisted cryptographic mechanisms. We present realizations of secure stacks and queues with minimal overall performance overhead (3.4%-6.4% slowdown of the OpenCV core performance tests), and provide proofs of correctness.

Alkuperäiskieli	Englanti
Otsikko	Proceedings - 2022 IEEE Secure Development Conference, SecDev 2022
Kustantaja	IEEE
Sivut	30-44
Sivumäärä	15
ISBN (elektroninen)	978-1-6654-7182-4
DOI - pysyväislinkit	https://doi.org/10.1109/SecDev53368.2022.00018
Tila	Julkaistu - 2022
OKM-julkaisutyyppi	A4 Artikkeli konferenssijulkaisuussa
Tapahtuma	IEEE Secure Development Conference - Atlanta, Yhdysvallat Kesto: 18 lokak. 2022 → 20 lokak. 2022

Conference

Conference	IEEE Secure Development Conference
Lyhennettä	SecDev
Maa/Alue	Yhdysvallat
Kaupunki	Atlanta
Ajanjakso	18/10/2022 → 20/10/2022

Pääsy asiakirjaan

10.1109/SecDev53368.2022.00018

https://arxiv.org/abs/2210.11340

OpenUrl-saatavuus

Koko teksti

Muut tiedostot ja linkit

Linkki julkaisuun Scopuksessa

Siteeraa tätä

@inproceedings{8effbd4a594a451eae4aa60a61d94bd8,

title = "Towards cryptographically-authenticated in-memory data structures",

abstract = "Modern processors include high-performance cryptographic functionalities such as Intel's AES- NI and ARM's Pointer Authentication that allow programs to efficiently authenticate data held by the program. Pointer Authentication is already used to protect return addresses in recent Apple devices, but as yet these structures have seen little use for the protection of general program data. In this paper, we show how cryptographically-authenticated data structures can be used to protect against attacks based on memory corruption, and show how they can be efficiently realized using widely available hardware-assisted cryptographic mechanisms. We present realizations of secure stacks and queues with minimal overall performance overhead (3.4%-6.4% slowdown of the OpenCV core performance tests), and provide proofs of correctness.",

author = "Setareh Ghorshi and Gunn, {Lachlan J.} and Hans Liljestrand and N. Asokan",

note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; IEEE Secure Development Conference, SecDev ; Conference date: 18-10-2022 Through 20-10-2022",

year = "2022",

doi = "10.1109/SecDev53368.2022.00018",

language = "English",

pages = "30--44",

booktitle = "Proceedings - 2022 IEEE Secure Development Conference, SecDev 2022",

publisher = "IEEE",

address = "United States",

}

TY - GEN

T1 - Towards cryptographically-authenticated in-memory data structures

AU - Ghorshi, Setareh

AU - Gunn, Lachlan J.

AU - Liljestrand, Hans

AU - Asokan, N.

PY - 2022

Y1 - 2022

N2 - Modern processors include high-performance cryptographic functionalities such as Intel's AES- NI and ARM's Pointer Authentication that allow programs to efficiently authenticate data held by the program. Pointer Authentication is already used to protect return addresses in recent Apple devices, but as yet these structures have seen little use for the protection of general program data. In this paper, we show how cryptographically-authenticated data structures can be used to protect against attacks based on memory corruption, and show how they can be efficiently realized using widely available hardware-assisted cryptographic mechanisms. We present realizations of secure stacks and queues with minimal overall performance overhead (3.4%-6.4% slowdown of the OpenCV core performance tests), and provide proofs of correctness.

AB - Modern processors include high-performance cryptographic functionalities such as Intel's AES- NI and ARM's Pointer Authentication that allow programs to efficiently authenticate data held by the program. Pointer Authentication is already used to protect return addresses in recent Apple devices, but as yet these structures have seen little use for the protection of general program data. In this paper, we show how cryptographically-authenticated data structures can be used to protect against attacks based on memory corruption, and show how they can be efficiently realized using widely available hardware-assisted cryptographic mechanisms. We present realizations of secure stacks and queues with minimal overall performance overhead (3.4%-6.4% slowdown of the OpenCV core performance tests), and provide proofs of correctness.

UR - http://www.scopus.com/inward/record.url?scp=85145435548&partnerID=8YFLogxK

U2 - 10.1109/SecDev53368.2022.00018

DO - 10.1109/SecDev53368.2022.00018

M3 - Conference contribution

AN - SCOPUS:85145435548

SP - 30

EP - 44

BT - Proceedings - 2022 IEEE Secure Development Conference, SecDev 2022

PB - IEEE

T2 - IEEE Secure Development Conference

Y2 - 18 October 2022 through 20 October 2022

ER -

Towards cryptographically-authenticated in-memory data structures

Abstrakti

Conference

Pääsy asiakirjaan

OpenUrl-saatavuus

Muut tiedostot ja linkit

Sormenjälki

Siteeraa tätä