News & Events

Intel Shadow Stack – A Bridge Too Far for the Tech Giant?

Karamba Security | June 11th, 2019
green lines

Intel has yet to deploy its Control-Flow Enforcement Technology (CET) in its for-market processors, yet another testament to the importance of control flow integrity (CFI) for addressing in-memory cyberattacks.

A lot has changed since 2016 – and if you’ve flipped on a TV or been on Twitter since then, you know that’s an understatement. Donald Trump became president, Brexit won, LeBron became a Laker, and the Cubs won a World Series.

One thing has remained the same though – Intel has yet to deploy its Control-Flow Enforcement Technology (CET) in its for-market processors. If anything, this is yet another testament to the importance of control flow integrity (CFI) for addressing in-memory cyberattacks.

Intel announced the CET specification in June 2016, and in a blog post at the time, touted its ability to “establish controls to help prevent and interfere with code-reuse attacks.”

Much like Karamba’s XGuard CFI, CET is designed to stop the misuse of legitimate code and exploits like return-oriented programming (ROP).

As Intel explained in May 2019, CET allocates a shadow stack that is used solely for control transfer operations, and works in addition to the traditional stack for control transfer and data, in order to thwart ROP attacks. With CET on board, return instructions would first be confirmed by the CPU to ensure that the return address on the thread stack and the shadow stack match.

So far though, the promise of CET has not reached fruition.

Introducing a runtime integrity validation into every Intel based connected system bears the promise of an incredible security advancement that would fortify countless use cases like never before. Luckily, Karamba’s Control Flow Integrity provides the answer already today, for Intel CPUs as well as Arm (32 and 64 bit), PowerPC and Infineon.

With Karamba CFI, code reuse attacks are detected, blocked, and reported, with a negligible impact on system performance. Karamba CFI works by monitoring and validating both forward and backward memory address jumps in real time. It rejects diversions from the device’s factory settings, so even if the code has memory vulnerabilities like buffer overflow, the exploits are blocked at the gate.

Karamba CFI is automatically installed during the build process to operate during runtime. With granular control of functions to be implemented it has proven to have a negligible performance footprint. Protecting the full software stack, OS, application and 3rd party libraries and scripts, it is also chip architecture and OS agnostic and can be applied across a product portfolio as a base software. When Intel CET is launched, further down the road, Karamba XGuard can be used to manage and enable CET, and provide deep forensics on exploit attempts and enable auto-recovery when an attempt is detected and prevented.

A lot can happen in a few years, and hopefully these next few years will bring Intel CET closer to market deployment.

Read more

Want to learn more?

Contact Us
Loc

USA

41000 Woodward Ave
Building East, Suite 350
Bloomfield Hills, MI 48304
Tel: +1 248-574-5171

Loc

Israel

24 HaNagar Street
Hod Hasharon
45277-13
Tel: +972 9 88 66 113

Loc

Germany

Wasserburger
Landstr. 264, Munich
81827
Tel: +49 151 1471 6088