CrypTag: Thwarting Physical and Logical Memory Vulnerabilities using Cryptographically Colored Memory

12/12/2020
by   Pascal Nasahl, et al.
0

Memory vulnerabilities are a major threat to many computing systems. To effectively thwart spatial and temporal memory vulnerabilities, full logical memory safety is required. However, current mitigation techniques for memory safety are either too expensive or trade security against efficiency. One promising attempt to detect memory safety vulnerabilities in hardware is memory coloring, a security policy deployed on top of tagged memory architectures. However, due to the memory storage and bandwidth overhead of large tags, commodity tagged memory architectures usually only provide small tag sizes, thus limiting their use for security applications. Irrespective of logical memory safety, physical memory safety is a necessity in hostile environments prevalent for modern cloud computing and IoT devices. Architectures from Intel and AMD already implement transparent memory encryption to maintain confidentiality and integrity of all off-chip data. Surprisingly, the combination of both, logical and physical memory safety, has not yet been extensively studied in previous research, and a naive combination of both security strategies would accumulate both overheads. In this paper, we propose CrypTag, an efficient hardware/software co-design mitigating a large class of logical memory safety issues and providing full physical memory safety. At its core, CrypTag utilizes a transparent memory encryption engine not only for physical memory safety, but also for memory coloring at hardly any additional costs. The design avoids any overhead for tag storage by embedding memory colors in the upper bits of a pointer and using these bits as an additional input for the memory encryption. A custom compiler extension automatically leverages CrypTag to detect logical memory safety issues for commodity programs and is fully backward compatible.

READ FULL TEXT
research
03/08/2022

xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64

Memory safety in complex applications implemented in unsafe programming ...
research
09/01/2022

Memory Tagging: A Memory Efficient Design

ARM recently introduced a security feature called Memory Tagging Extensi...
research
10/17/2017

Towards Linux Kernel Memory Safety

The security of billions of devices worldwide depends on the security an...
research
07/27/2020

SPAM: Stateless Permutation of Application Memory

In this paper, we propose the Stateless Permutation of Application Memor...
research
02/19/2020

PTAuth: Temporal Memory Safety via Robust Points-to Authentication

Temporal memory corruptions are commonly exploited software vulnerabilit...
research
04/23/2020

Using DSP Slices as Content-Addressable Update Queues

Content-Addressable Memory (CAM) is a powerful abstraction for building ...
research
02/14/2023

L4 Pointer: An efficient pointer extension for spatial memory safety support without hardware extension

Since buffer overflow has long been a frequently occurring, high-risk vu...

Please sign up or login with your details

Forgot password? Click here to reset