English

GANDALF: A fine-grained hardware-software co-design for preventing memory attacks

Cryptography and Security 2017-02-24 v1

Abstract

Reading or writing outside the bounds of a buffer is a serious security vulnerability that has been exploited in numerous occasions. These attacks can be prevented by ensuring that every buffer is only accessed within its specified bounds. In this paper we present Gandalf, a compiler-assisted hardware extension for the OpenRISC processor that thwarts all forms of memory based attacks including buffer overflows and over-reads.The feature associates lightweight base and bound capabilities to all pointer variables, which are checked at run time by the hardware. Gandalf is transparent to the user and does not require significant OS modifications. Moreover, it achieves locality, thus resulting in small performance penalties.

Keywords

Cite

@article{arxiv.1702.07223,
  title  = {GANDALF: A fine-grained hardware-software co-design for preventing memory attacks},
  author = {Gnanambikai Krishnakumar and Patanjali SLPSK and Prasanna Karthik Vairam and Chester Rebeiro},
  journal= {arXiv preprint arXiv:1702.07223},
  year   = {2017}
}

Comments

5 Pages, 2 figures, Winning entry of CSAW Embedded Security Challenge 2016, Not published elsewhere

R2 v1 2026-06-22T18:26:28.191Z