Abstract

Control-flow integrity (CFI) plays a very important role in defending against code reuse attacks by protecting the control flows of programs from being hijacked. However, previous CFI methods suffer from performance overheads, cost, or security issues. In this paper, we propose a new CFI based on a lightweight encryption architecture with the Advanced Encryption Standard (LEA-AES) to address the challenges above. The LEA exploits AES to encrypt and decrypt return addresses and the instructions at indirect jump destinations, which protects function calls and indirect jumps from being reused by return-oriented programming (ROP) and jump-oriented programming (JOP) attacks. For ROP, the encryption and decryption of return addresses are performed when the call and ret instructions execute; for JOP, the encryption of instructions is performed when programs are loaded into memory, and the decryption of instructions is performed right before they are executed. The LEA-AES does not need to revise the CPU's instruction set, and, in addition to its high performance, its security is guaranteed by the encryption mechanism. Experimental results showed that the run-time and loading time overheads of LEA-AES are both less than 4% and the memory overhead is 0.62%.
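A toy software model of the return-address half of this scheme, added here as an illustration and not taken from the paper: `call` stores the return address encrypted and `ret` decrypts it, so a stack slot overwritten with a plaintext address decrypts to an unpredictable target. Python's standard library has no AES, so a SHA-256-based Feistel permutation stands in for it; the 64-bit address width, the key being unreadable by the attacker, and all names and addresses are assumptions.

```python
import hashlib

MASK32 = 0xFFFFFFFF
LEGIT_RETURN = 0x401136   # constructed address of the real call site's successor
GADGET = 0x4011F0         # constructed address an attacker would like to reach

def _round(key: bytes, i: int, half: int) -> int:
    # Round function of the stand-in cipher (NOT AES): keyed SHA-256, truncated.
    d = hashlib.sha256(key + bytes([i]) + half.to_bytes(4, "big")).digest()
    return int.from_bytes(d[:4], "big")

def encrypt_addr(key: bytes, addr: int) -> int:
    # 4-round Feistel network over a 64-bit value: a keyed, invertible mapping.
    l, r = addr >> 32, addr & MASK32
    for i in range(4):
        l, r = r, l ^ _round(key, i, r)
    return (l << 32) | r

def decrypt_addr(key: bytes, ct: int) -> int:
    # Exact inverse of encrypt_addr: undo the rounds in reverse order.
    l, r = ct >> 32, ct & MASK32
    for i in reversed(range(4)):
        l, r = r ^ _round(key, i, l), l
    return (l << 32) | r

class ToyCpu:
    """Models only call/ret; the key is assumed to be hidden from the attacker."""
    def __init__(self, key: bytes):
        self._key = key
        self.stack = []  # attacker-writable memory in this model

    def call(self, return_addr: int) -> None:
        self.stack.append(encrypt_addr(self._key, return_addr))  # on call

    def ret(self) -> int:
        return decrypt_addr(self._key, self.stack.pop())         # on ret

def demo(key: bytes):
    cpu = ToyCpu(key)
    cpu.call(LEGIT_RETURN)
    stored = cpu.stack[-1]       # what actually sits in memory
    normal = cpu.ret()           # untouched slot: control returns correctly
    cpu.call(LEGIT_RETURN)
    cpu.stack[-1] = GADGET       # simulated overwrite with a plaintext address
    hijacked = cpu.ret()         # decrypts to an address the attacker cannot choose
    return stored, normal, hijacked

if __name__ == "__main__":
    print([hex(v) for v in demo(b"constructed-demo-key")])
```
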
