Browse Prior Art Database

Method for authenticating processor execution streams at runtime

IP.com Disclosure Number: IPCOM000008847D
Publication Date: 2002-Jul-17
Document File: 2 page(s) / 31K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a method for authenticating processor execution streams at runtime. Benefits include improved security.

This text was extracted from a Microsoft Word document.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 50% of the total text.

Method for authenticating processor execution streams at runtime

Disclosed is a method for authenticating processor execution streams at runtime. Benefits include improved security.

Background

              A large number of conventional software solutions exist for authenticating executables that have been downloaded from the Internet or obtained from a third party. These authentication schemes work by applying a one-way hash function to the whole executable and comparing it to a known value. However, when an executable has been authenticated and starts running, no further authentication of the execution stream is performed. The malicious modification of a running executable is not addressed.

              The most prevalent conventional security problem in Internet server applications is buffer overflow exploitation. An attacker uses the fact that the application does not sufficiently check the length of all its input parameters. The attacker passes a string to the application that exceeds the size of the allocated buffer and overwrites the local stack area that holds the return address of the current function. When the function returns, the manipulated return address passes control to a section of the input string that contains malicious code.

              While buffer overflow exploitation is essentially a software problem, the complexity of the software involved makes it unlikely that the vulnerability will ever completely be removed through software techniques.

Description

              The disclosed method is a hardware mechanism that enables a microprocessor to authenticate each instruction before it is executed, preventing malicio...