Title: Control-Flow Integrity at RISC: Attacking RISC-V by Jump-Oriented Programming

Abstract: RISC-V is an open instruction set architecture that is increasingly adopted in embedded real-time systems. To achieve lasting security on these systems and to design efficient countermeasures, a better understanding of their vulnerability to novel and potential future attacks is essential. This paper demonstrates that RISC-V is susceptible to Jump-Oriented Programming (JOP), a class of complex code-reuse attacks that can bypass existing protections. We provide a first analysis of the attack surface of RISC-V systems exploitable by such attacks, and show how the resulting gadgets can be chained together to build a full-fledged attack. We use a conservative hypothesis on the exploited registers and instruction patterns, in an approach we call reserved registers. This approach is implemented against a vulnerable RISC-V application and successfully applied to expose an AES-256 secret.
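The two ingredients the abstract names, a gadget search over RISC-V code and a conservative "reserved registers" hypothesis, can be made concrete with a small gadget finder. The script below is an added example written for this page; it is not the authors' tooling and makes no claim about how the paper's analysis is implemented. It scans a hand-assembled code blob (constructed here, not taken from a real binary) at 2-byte granularity, because the C extension allows gadgets to start inside a 32-bit instruction, finds every register-indirect jump (`jalr`, `c.jr`, `c.jalr`), walks backwards to the longest cleanly decodable run leading into it, and then applies a reserved-register filter: the jump must go through one of a chosen set of registers, and the body must either leave that register alone (a functional gadget that returns to wherever the register points) or load it from memory (a dispatcher candidate). The register set `{t0, t2}`, the three-instruction depth, the small set of decoded opcodes and the dispatcher/functional heuristic are all assumptions of this example.

```python
"""Added example: a minimal JOP gadget finder for RV64GC machine code with a
reserved-register filter.  Only a few opcodes are decoded; anything else is
'unknown' and disqualifies a gadget (conservative by design)."""
import struct
from dataclasses import dataclass
from typing import List, Optional, Set

ABI = ["zero", "ra", "sp", "gp", "tp", "t0", "t1", "t2", "s0", "s1",
       "a0", "a1", "a2", "a3", "a4", "a5", "a6", "a7", "s2", "s3", "s4",
       "s5", "s6", "s7", "s8", "s9", "s10", "s11", "t3", "t4", "t5", "t6"]
REG = {name: i for i, name in enumerate(ABI)}


def bits(x: int, hi: int, lo: int) -> int:
    return (x >> lo) & ((1 << (hi - lo + 1)) - 1)


def sext(v: int, width: int) -> int:
    return v - (1 << width) if v & (1 << (width - 1)) else v


@dataclass
class Insn:
    addr: int                       # byte offset inside the scanned blob
    size: int                       # 2 (compressed) or 4 (standard)
    text: str
    kind: str                       # "alu", "load", "store", "jump", "unknown"
    rd: Optional[int] = None        # register written, None if none
    jump_reg: Optional[int] = None  # rs1 of a register-indirect jump


def decode32(addr: int, w: int) -> Insn:
    opcode, rd, f3, rs1 = w & 0x7F, bits(w, 11, 7), bits(w, 14, 12), bits(w, 19, 15)
    imm_i = sext(bits(w, 31, 20), 12)
    if opcode == 0x67 and f3 == 0:                                   # JALR rd, imm(rs1)
        return Insn(addr, 4, f"jalr {ABI[rd]}, {imm_i}({ABI[rs1]})", "jump", rd or None, rs1)
    if opcode == 0x13 and f3 == 0:                                   # ADDI
        return Insn(addr, 4, f"addi {ABI[rd]}, {ABI[rs1]}, {imm_i}", "alu", rd or None)
    if opcode == 0x03 and f3 in (2, 3):                              # LW / LD
        mn = "lw" if f3 == 2 else "ld"
        return Insn(addr, 4, f"{mn} {ABI[rd]}, {imm_i}({ABI[rs1]})", "load", rd or None)
    if opcode == 0x23 and f3 in (2, 3):                              # SW / SD (S-type imm)
        imm_s = sext((bits(w, 31, 25) << 5) | bits(w, 11, 7), 12)
        mn = "sw" if f3 == 2 else "sd"
        return Insn(addr, 4, f"{mn} {ABI[bits(w, 24, 20)]}, {imm_s}({ABI[rs1]})", "store")
    return Insn(addr, 4, f".word 0x{w:08x}", "unknown")


def decode16(addr: int, h: int) -> Insn:
    # RVC quadrant 2, funct4 = 100x, rs2 = 0, rs1 != 0  ->  c.jr / c.jalr rs1
    if h & 0b11 == 0b10 and bits(h, 6, 2) == 0 and bits(h, 11, 7) != 0:
        rs1, f4 = bits(h, 11, 7), bits(h, 15, 12)
        if f4 == 0b1000:
            return Insn(addr, 2, f"c.jr {ABI[rs1]}", "jump", None, rs1)
        if f4 == 0b1001:                                             # writes link into ra
            return Insn(addr, 2, f"c.jalr {ABI[rs1]}", "jump", REG["ra"], rs1)
    return Insn(addr, 2, f".half 0x{h:04x}", "unknown")


def decode_at(code: bytes, off: int) -> Optional[Insn]:
    """Decode the instruction at byte offset off (None if truncated)."""
    if off + 2 > len(code):
        return None
    half = struct.unpack_from("<H", code, off)[0]
    if half & 0b11 != 0b11:                                          # 16-bit encoding
        return decode16(off, half)
    if off + 4 > len(code):
        return None
    return decode32(off, struct.unpack_from("<I", code, off)[0])


@dataclass
class Gadget:
    addr: int
    insns: List[Insn]

    def __str__(self) -> str:
        return f"0x{self.addr:x}: " + " ; ".join(i.text for i in self.insns)

    @property
    def jump_reg(self) -> Optional[int]:
        return self.insns[-1].jump_reg


def find_gadgets(code: bytes, base: int = 0, depth: int = 3) -> List[Gadget]:
    """For every indirect jump, the longest run of at most `depth` fully decoded,
    non-branching instructions whose linear decode lands exactly on that jump.
    Scanning every 2-byte offset also yields unaligned gadgets hidden inside
    32-bit instructions, which the C extension makes reachable."""
    found = []
    for off in range(0, len(code) - 1, 2):
        end = decode_at(code, off)
        if end is None or end.kind != "jump":
            continue
        best = [end]
        for start in range(off - 2, max(-1, off - 4 * depth - 1), -2):
            body, pos = [], start
            while pos < off:
                ins = decode_at(code, pos)
                if ins is None or ins.kind in ("unknown", "jump"):
                    break
                body.append(ins)
                pos += ins.size
            if pos == off and len(body) <= depth:                    # landed on the jump
                best = body + [end]
        found.append(Gadget(base + best[0].addr, best))
    return found


def classify(g: Gadget, reserved: Set[int]) -> Optional[str]:
    """Reserved-register hypothesis (heuristic assumed by this example): the jump
    must use a reserved register.  No write to it in the body -> 'functional'
    (control returns to wherever the attacker keeps it pointing, e.g. the
    dispatcher).  Last write is a load -> 'dispatcher' candidate (next target
    comes from memory the attacker fills).  Any other write replaces the
    attacker's value, so the gadget is rejected."""
    if g.jump_reg not in reserved:
        return None
    writers = [i for i in g.insns[:-1] if i.rd == g.jump_reg]
    if not writers:
        return "functional"
    return "dispatcher" if writers[-1].kind == "load" else None


def jop_candidates(gadgets: List[Gadget], reserved: Set[int]):
    return [(g, classify(g, reserved)) for g in gadgets if classify(g, reserved)]


# Constructed sample (hand-assembled, little-endian), not from any real binary.
SAMPLE = b"".join(struct.pack("<I", w) for w in [
    0x00830313,  # addi t1, t1, 8     \
    0x00033383,  # ld   t2, 0(t1)      | dispatcher: advance table, load next target
    0x00038067,  # jalr zero, 0(t2)   /
    0x0005b503,  # ld   a0, 0(a1)     \ functional: reads a word, returns via t0
    0x00028067,  # jalr zero, 0(t0)   /
    0x00400293,  # addi t0, zero, 4   \ clobbers t0 before jumping: not usable
    0x00028067,  # jalr zero, 0(t0)   /
    0x00813023,  # sd   s0, 0(sp)     \ ordinary epilogue ending in ret (jalr via ra)
    0x00008067,  # jalr zero, 0(ra)   /
    0x00150513,  # addi a0, a0, 1
]) + struct.pack("<H", 0x8382)  # c.jr t2 (compressed indirect jump)

if __name__ == "__main__":
    gadgets = find_gadgets(SAMPLE, base=0x10000)
    for g in gadgets:
        print(g)
    print("--- usable under reserved registers {t0, t2} ---")
    for g, role in jop_candidates(gadgets, {REG["t0"], REG["t2"]}):
        print(f"{role:11s} {g}")
```

Run stand-alone, the script lists five indirect-jump gadgets and keeps three: the `addi/ld/jalr` dispatcher, the `ld a0`/`jalr t0` functional gadget and the compressed `c.jr t2` gadget; the `ret`-terminated epilogue and the gadget that overwrites `t0` with a constant are discarded. A real gadget search would report every valid start (not only the longest run), decode the full RV64GC instruction set and follow the attacker's actual register-control assumptions rather than the fixed `{t0, t2}` chosen here.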
Comments: 9 pages
Subjects: Cryptography and Security (cs.CR)
MSC classes: 68M25
Cite as: arXiv:2211.16212 [cs.CR]
  (or arXiv:2211.16212v1 [cs.CR] for this version)

Submission history

From: Nikolai Kosmatov
[v1] Sat, 26 Nov 2022 10:18:30 GMT (597kb,D)