OnQ Blog

Qualcomm releases whitepaper detailing pointer authentication on ARMv8.3

ARM recently announced ARMv8.3-A, the 2016 additions to the ARMv8-A architecture. These additions include pointer authentication instructions: “a mechanism for enhanced security associated with pointer authentication.” It is very exciting to see the technology, refined and expanded through discussions and contributions from ARM and its partners, making it into the architecture as the new pointer authentication instructions.

The pointer authentication scheme added to the ARMv8 architecture is a software security primitive that makes it much harder for an attacker to modify protected pointers in memory without being detected. In a new Qualcomm whitepaper, we describe the pointer authentication mechanism including the design criteria, provide a security analysis, and discuss the implementation of certain software security countermeasures such as stack protection and control flow integrity using the pointer authentication primitives.

These new instructions provide a way for quickly verifying the integrity of pointers and data in memory. In addition to the use cases described in the whitepaper, we expect these primitives to pave way to new techniques and opportunities to improve the memory safety of programs and runtime environments.

 

Opinions expressed in the content posted here are the personal opinions of the original authors, and do not necessarily reflect those of Qualcomm Incorporated or its subsidiaries ("Qualcomm"). Qualcomm products mentioned within this post are offered by Qualcomm Technologies, Inc. and/or its subsidiaries. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Qualcomm or any other party. This site may also provide links or references to non-Qualcomm sites and resources. Qualcomm makes no representations, warranties, or other commitments whatsoever about any non-Qualcomm sites or third-party resources that may be referenced, accessible from, or linked to this site.