TL;DR
This paper introduces Fully Randomized Pointers (FRP), a memory error defense that offers strong protection through pointer bit randomization while maintaining compatibility with existing binary software, demonstrated via software and hardware prototypes.
Contribution
FRP provides a novel pointer encoding scheme that achieves high security and compatibility without requiring recompilation or hardware modifications.
Findings
FRP effectively randomizes pointer bits, thwarting brute force attacks.
The software prototype BlueFat maintains compatibility and security.
The hardware prototype GreenFat achieves less than 4% performance overhead.
Abstract
Memory errors continue to be a critical concern for programs written in low-level programming languages such as C and C++. Many different memory error defenses have been proposed, each with varying trade-offs in terms of overhead, compatibility, and attack resistance. Some defenses are highly compatible but only provide minimal protection, and can be easily bypassed by knowledgeable attackers. On the other end of the spectrum, capability systems offer very strong (unforgeable) protection, but require novel software and hardware implementations that are incompatible by definition. The challenge is to achieve both very strong protection and high compatibility. In this paper, we propose {\em Fully Randomized Pointers} FRP as a strong memory error defense that also maintains compatibility with existing binary software. The key idea behind FRP is to design a new pointer encoding scheme…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
