Cryptographic Least Privilege Enforcement for Scalable Memory Isolation

Martin Unterguggenberger*, David Schrammel, Lukas Maar, Lukas Lamster, Vedad Hadzic, Stefan Mangard

*Corresponding author for this work

Research output: Conference paper in conference proceedings, peer-reviewed

Abstract

C/C++ computing systems constitute a significant share of our critical software infrastructure and face substantial security risks from memory exploitation. A single memory safety error can potentially lead to the compromise of the entire software system. To efficiently secure C/C++ computing systems without extensive software adaptation, the processor must be able to restrict memory access to individual memory locations, thereby enforcing the principle of least privilege. The integration of lightweight and transparent isolation mechanisms that offer flexible and scalable memory protection is crucial to minimize the attack surface exposed to software attacks.

In this paper, we present cryptographic least privilege enforcement (CLPE), a novel mechanism for scalable memory isolation. Our lightweight ISA extension enforces cryptographic integrity checks for isolation granularities ranging from individual objects to arbitrarily sized protection domains. We achieve this through message authentication codes (MACs) that link pointers to specific access privileges, restricting which memory resources a pointer may access. Our approach maintains compatibility with legacy software and only minimally increases the processor's microarchitectural complexity. We provide a formal model of our design that ensures important properties of our ISA specification, and a hardware model that allows functional and timing-accurate simulation. The simulated performance overhead of our hardware model averages 2.5-7.4 % for the SPEC CPU2017 benchmark suite.
Original language: English
Title of host publication: IEEE International Symposium on Hardware Oriented Security and Trust (HOST)
Publication status: Accepted/In press - 2025
Event: IEEE International Symposium on Hardware Oriented Security and Trust 2025 (HOST 2025), San Jose, United States
Duration: 5 May 2025 - 8 May 2025
Internet address: http://www.hostsymposium.org/

Conference

Conference: IEEE International Symposium on Hardware Oriented Security and Trust 2025: HOST 2025
Abbreviated title: HOST 2025
Country/Territory: United States
City: San Jose
Period: 5/05/25 - 8/05/25

Keywords

  • memory safety
  • principle of least privilege
