Title of invention |
Creating stack position dependent cryptographic return address to mitigate return oriented programming attacks |
Abstract |
A computing device includes technologies for securing return addresses that are used by a processor to control the flow of execution of a program. The computing device uses a cryptographic algorithm to provide security for a return address in a manner that binds the return address to a location in a stack. |
Publication number |
US9514285(B2) |
Publication date |
2016.12.06 |
Application number |
US201414498521 |
Application date |
2014.09.26 |
Applicant |
Intel Corporation |
Inventors |
Durham David M.;Patel Baiju V. |
Classification numbers |
G06F21/54;G06F21/00 |
Main classification number |
G06F21/54 |
Agency |
Barnes & Thornburg LLP |
Agent |
Barnes & Thornburg LLP |
Principal claim |
1. A computing device to secure return addresses to mitigate return oriented programming attacks, the computing device comprising:
a processor comprising call logic, wherein, prior to storage of a return address on a call stack, the call logic is to:
read a secret key from a memory location of the computing device that is readable by the processor;
determine a stack position identifier, the stack position identifier usable to determine a location on the call stack at which the return address is to be stored;
generate security data indicative of the return address by execution of a cryptographic algorithm such that the security data is based on both of: (i) the secret key and (ii) the stack position identifier;
modify the return address indicated in the security data to reference a non-canonical location in memory; and
store the security data in a memory location that is readable by the processor. |
Address |
Santa Clara CA US |