English

Tightly Seal Your Sensitive Pointers with PACTight

Cryptography and Security 2022-03-30 v1

Abstract

ARM is becoming more popular in desktops and data centers, opening a new realm in terms of security attacks against ARM. ARM has released Pointer Authentication, a new hardware security feature that is intended to ensure pointer integrity with cryptographic primitives. In this paper, we utilize Pointer Authentication (PA) to build a novel scheme to completely prevent any misuse of security-sensitive pointers. We propose PACTight to tightly seal these pointers. PACTight utilizes a strong and unique modifier that addresses the current issues with the state-of-the-art PA defense mechanisms. We implement four defenses based on the PACTight mechanism. Our security and performance evaluation results show that PACTight defenses are more efficient and secure. Using real PA instructions, we evaluated PACTight on 30 different applications, including NGINX web server, with an average performance overhead of 4.07% even when enforcing our strongest defense. PACTight demonstrates its effectiveness and efficiency with real PA instructions on real hardware.

Keywords

Cite

@article{arxiv.2203.15121,
  title  = {Tightly Seal Your Sensitive Pointers with PACTight},
  author = {Mohannad Ismail and Andrew Quach and Christopher Jelesnianski and Yeongjin Jang and Changwoo Min},
  journal= {arXiv preprint arXiv:2203.15121},
  year   = {2022}
}

Comments

Accepted for publication to USENIX Security 2022

R2 v1 2026-06-24T10:29:09.949Z