FIPAC: Thwarting Fault- and Software-Induced Control-Flow Attacks with ARM Pointer Authentication

Abstract

With improvements in computing technology, more and more applications in the Internet-of-Things, mobile devices, or automotive area embed powerful ARM processors. These systems can be attacked by redirecting the control-flow to bypass critical pieces of code such as privilege checks or signature verifications or to perform other fault attacks on applications or security mechanisms like secure boot. Control-flow hijacks can be performed using classical software vulnerabilities, physical fault attacks, or software-induced faults. To cope with this threat and to protect the control-flow, dedicated countermeasures are needed. Control-flow integrity (CFI) aims to be a generic solution to counteract control-flow hijacks. However, software-based CFI typically either protects against software or fault attacks, but not against both. While hardware-assisted CFI can mitigate both, they require hardware changes, which are unrealistic for existing architectures. Thus, a wide range of systems remains unprotected and vulnerable to control-flow attacks. This work presents FIPAC, a software-based CFI scheme protecting the execution at basic block granularity against software and fault attacks. FIPAC exploits ARM pointer authentication of ARMv8.6-A to implement a cryptographically signed control-flow graph. We cryptographically link the correct sequence of executed basic blocks to enforce CFI at this level. We use a custom LLVM-based toolchain to automatically instrument programs. The evaluation on SPEC2017 with different security policies shows a geometric mean code overhead between 51–91 % and a runtime overhead between 19–63 %. For embedded benchmarks, we measured geometric mean runtime overheads between 49–168 %. While these overheads are higher than for countermeasures against software attacks, FIPAC outperforms related work protecting the control-flow against faults. FIPAC is an efficient solution to protect software- and fault-based CFI attacks on basic block level on modern ARM devices.

Publication
International Workshop on Constructive Side-Channel Analysis and Secure Design
Robert Schilling
Robert Schilling
Silicon Engineer

Silicon engineer working on platform security for custom silicon. Previously led OpenTitan Integrated development at Rivos. Research background in hardware-software codesign for fault attack protection.