EC-CFI: Control-Flow Integrity via Code Encryption Counteracting Fault Attacks

Pascal Nasahl, Salmin Sultana, Hans Liljestrand, Karanvir Grewal, Michael LeMay, David Durham, David Schrammel, Stefan Mangard

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


Fault attacks enable adversaries to manipulate the control-flow of security-critical applications. By inducing targeted faults into the CPU, the software’s call graph can be escaped and the control-flow can be redirected to arbitrary functions inside the program. To protect the control-flow from these attacks, dedicated fault control-flow integrity (CFI) countermeasures are commonly deployed. However, these schemes either have high detection latencies or require intrusive hardware changes.
In this paper, we present EC-CFI, a software-based cryptographically enforced CFI scheme with no detection latency utilizing hardware features of recent Intel® platforms. Our EC-CFI prototype is designed to prevent an adversary from escaping the program’s call graph using faults by encrypting each function with a different key before execution. At runtime, the instrumented program dynamically derives the decryption key, ensuring that the code only can be successfully decrypted when the program follows the intended call graph. To enable this level of protection on Intel® commodity systems, we combine Intel®’s TME-MK with the virtualization technology to achieve function-granular encryption. We open-source our custom LLVM-based toolchain automatically protecting arbitrary programs with EC-CFI. Furthermore, we evaluate EPT aliasing with the SPEC CPU2017 and Embench-IoT benchmarks and discuss and evaluate potential TME-MK hardware changes minimizing runtime overheads.
Original languageEnglish
Title of host publicationProceedings of the 2023 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2023
EditorsRosario Cammarota, Vincent Mooney, Farimah Farahmandi, Sheng Wei, Mehran Mozaffari Kermani
Number of pages12
ISBN (Electronic)9798350300628
Publication statusPublished - 2023
EventIEEE International Symposium on Hardware Oriented Security and Trust: HOST 2023 - San Jose, United States
Duration: 1 May 20234 May 2023


ConferenceIEEE International Symposium on Hardware Oriented Security and Trust
Country/TerritoryUnited States
CitySan Jose


  • control-flow integrity
  • encryption
  • fault attacks

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Signal Processing
  • Hardware and Architecture


Dive into the research topics of 'EC-CFI: Control-Flow Integrity via Code Encryption Counteracting Fault Attacks'. Together they form a unique fingerprint.

Cite this