Protecting the stack with PACed canaries

Hans Liljestrand; Zaheer Gauhar; Thomas Nyman; Jan-Erik Ekberg; N.; Asokan

arXiv:1909.05747·cs.CR·September 13, 2019

Protecting the stack with PACed canaries

Hans Liljestrand, Zaheer Gauhar, Thomas Nyman, Jan-Erik Ekberg, N., Asokan

PDF

Open Access

TL;DR

This paper introduces PCan, a novel canary protection method leveraging ARMv8.3-A pointer authentication to enhance security against memory disclosure and brute-force attacks with minimal performance impact.

Contribution

It presents a new canary scheme using pointer authentication, providing more fine-grained security and addressing vulnerabilities of traditional stack canaries.

Findings

01

PCan effectively mitigates memory disclosure attacks.

02

It introduces minimal performance overhead.

03

Provides stronger protection compared to traditional canaries.

Abstract

Stack canaries remain a widely deployed defense against memory corruption attacks. Despite their practical usefulness, canaries are vulnerable to memory disclosure and brute-forcing attacks. We propose PCan, a new approach based on ARMv8.3-A pointer authentication (PA), that uses dynamically-generated canaries to mitigate these weaknesses and show that it provides more fine-grained protection with minimal performance overhead.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsSecurity and Verification in Computing · Diamond and Carbon-based Materials Research · Advanced Malware Detection Techniques