OnQ Blog

Qualcomm releases whitepaper detailing pointer authentication on ARMv8.3

2017年1月10日

Qualcomm products mentioned within this post are offered by Qualcomm Technologies, Inc. and/or its subsidiaries.

ARM recently announced ARMv8.3-A, the 2016 additions to the ARMv8-A architecture. These additions include pointer authentication instructions: “a mechanism for enhanced security associated with pointer authentication.” It is very exciting to see the technology, refined and expanded through discussions and contributions from ARM and its partners, making it into the architecture as the new pointer authentication instructions.

The pointer authentication scheme added to the ARMv8 architecture is a software security primitive that makes it much harder for an attacker to modify protected pointers in memory without being detected. In a new Qualcomm whitepaper, we describe the pointer authentication mechanism including the design criteria, provide a security analysis, and discuss the implementation of certain software security countermeasures such as stack protection and control flow integrity using the pointer authentication primitives.

These new instructions provide a way for quickly verifying the integrity of pointers and data in memory. In addition to the use cases described in the whitepaper, we expect these primitives to pave way to new techniques and opportunities to improve the memory safety of programs and runtime environments.

Download the whitepaper here

 

Engage with us on

and

Related News

OnQ

Secure boot and image authentication in mobile tech

Ensuring that a device runs only authorized and trusted software is crucial to end users, device manufacturers (OEMs), and carriers alike. OEMs may want to protect their devices from running unauthorized software. Software that is not authentic could degrade carrier network or device performance. Malicious software can potentially compromise anything from a user’s private or financial data to irreparably damaging the physical device itself. There are many risks and potential consequences in executing untrusted software — more than we can enumerate here.

Consider an attacker who attempts maliciously inject or modify the software images in storage.  The earlier in the chain of loaded software that an attacker can compromise an image, the more control they gain. Device software is usually loaded in stages where each software image is often configured to have less authority and control than the previous image in the chain. Specifically, the first software image which is loaded has nearly complete control of the device. These first images to be loaded are called bootloader images.

If an attacker can replace the first software image to execute with their own malicious image, then they control the rest of the device’s execution. This makes the integrity of the boot chain critical. Replacing a bootloader image in storage with a malicious image could result in a persistent exploit that would control execution in that software image and any image to be run after it. 

Implementing a “secure boot” chain is designed to ensure that each of these images are unmodified, and is one way of deterring malicious or dangerous software from executing. Qualcomm Technologies products offer a secure boot implementation and have for many years.

Secure boot is defined as a boot sequence in which each executable software image is authenticated by previously verified software. This sequence is engineered to prevent unauthorized or modified code from running. We build our chain of trust according to this definition, starting with the first piece of immutable software running out of read-only-memory (ROM). This first ROM bootloader cryptographically verifies the signature of the next bootloader in the chain, then that bootloader cryptographically verifies the signature of the next software image or images, and so on.

The diagram above depicts an example of a secure boot sequence. The three images verified by the operating system have been authenticated by a chain of trust that leads back to the first ROM bootloader in hardware. Each image in this chain has been cryptographically verified by a certificate chain anchored to the root certificate, which is also anchored in hardware. Any attempt to inject potentially harmful code into the image will be thwarted.

For more information on the Qualcomm Technologies secure boot and image authentication process, download our Qualcomm Technologies Secure Boot whitepaper. This whitepaper provides an in-depth look at our signed ELF images format, the process of loading and authenticating those images, certificate chain contents, and supported signature algorithms.

Learn more about Qualcomm Product Security

 

2017年1月17日
OnQ

Qualcomm releases whitepaper detailing pointer authentication on ARMv8.3

ARM recently announced ARMv8.3-A, the 2016 additions to the ARMv8-A architecture. These additions include pointer authentication instructions: “a mechanism for enhanced security associated with pointer authentication.” It is very exciting to see the technology, refined and expanded through discussions and contributions from ARM and its partners, making it into the architecture as the new pointer authentication instructions.

The pointer authentication scheme added to the ARMv8 architecture is a software security primitive that makes it much harder for an attacker to modify protected pointers in memory without being detected. In a new Qualcomm whitepaper, we describe the pointer authentication mechanism including the design criteria, provide a security analysis, and discuss the implementation of certain software security countermeasures such as stack protection and control flow integrity using the pointer authentication primitives.

These new instructions provide a way for quickly verifying the integrity of pointers and data in memory. In addition to the use cases described in the whitepaper, we expect these primitives to pave way to new techniques and opportunities to improve the memory safety of programs and runtime environments.

Download the whitepaper here

 

2017年1月10日