TY - JOUR
T1 - Dynamic reencryption of return addresses
AU - Lee, Hyungyu
AU - Pyo, Changwoo
AU - Lee, Gyungho
N1 - Funding Information:
This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (NRF-2015R1D1A1A01057711 and NRF-2015R1A2A2A01003242).
Publisher Copyright:
© The Institution of Engineering and Technology 2018.
PY - 2019/1/1
Y1 - 2019/1/1
N2 - The authors present dynamic reencryption of return addresses to mitigate their leakage. The authors’ method enforces programs to save return addresses as encrypted and renew the encryption states with fresh keys before or after vulnerable operations. When a function returns, it should restore the return address from its encryption using the most recent key not to cause a crash. Under the protection of their method, return addresses and keys may leak, but the disclosed bits become garbage because keys govern all return addresses through encryption, while changing before control-flow proceeds into a vulnerable region. As a result, it becomes probabilistically infeasible to build exploits for intercepting control-flow by using leaked return addresses or keys. They implemented the proposed method as an extension of the LLVM compiler that inserts reencryption code where necessary. They also have confirmed its effectiveness against information leak attacks carried out in the early stage of blind return-oriented programming (BROP). The performance overhead ranges below 11.6% for processor-intensive programs and 4.12% or less for web servers.
AB - The authors present dynamic reencryption of return addresses to mitigate their leakage. The authors’ method enforces programs to save return addresses as encrypted and renew the encryption states with fresh keys before or after vulnerable operations. When a function returns, it should restore the return address from its encryption using the most recent key not to cause a crash. Under the protection of their method, return addresses and keys may leak, but the disclosed bits become garbage because keys govern all return addresses through encryption, while changing before control-flow proceeds into a vulnerable region. As a result, it becomes probabilistically infeasible to build exploits for intercepting control-flow by using leaked return addresses or keys. They implemented the proposed method as an extension of the LLVM compiler that inserts reencryption code where necessary. They also have confirmed its effectiveness against information leak attacks carried out in the early stage of blind return-oriented programming (BROP). The performance overhead ranges below 11.6% for processor-intensive programs and 4.12% or less for web servers.
UR - http://www.scopus.com/inward/record.url?scp=85059937961&partnerID=8YFLogxK
U2 - 10.1049/iet-ifs.2018.5142
DO - 10.1049/iet-ifs.2018.5142
M3 - Article
AN - SCOPUS:85059937961
SN - 1751-8709
VL - 13
SP - 76
EP - 85
JO - IET Information Security
JF - IET Information Security
IS - 1
ER -