Comments on: RIO: Return Instruction Obfuscation for Bare-Metal IoT Devices with Binary Analysis

Comments on: RIO: Return Instruction Obfuscation for Bare-Metal IoT Devices with Binary Analysis

This is a comment on "RIO: Return Instruction Obfuscation for Bare-Metal IoT Devices with Binary Analysis". RIO prevents finding gadgets for Return-Oriented Programming attacks by encrypting return instructions. This paper shows flaws in the design of RIO that allow for the easy retrieval...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Lehniger, Kai, Langendörfer, Peter
Format: Artikel
Sprache:eng
Schlagworte:
Computer Science - Cryptography and Security
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This is a comment on "RIO: Return Instruction Obfuscation for Bare-Metal IoT Devices with Binary Analysis". RIO prevents finding gadgets for Return-Oriented Programming attacks by encrypting return instructions. This paper shows flaws in the design of RIO that allow for the easy retrieval of the plaintext return instructions without decrypting them. Additionally, changes are proposed to improve upon the original idea.
DOI:10.48550/arxiv.2412.08257