Conference papers

NOP-Oriented Programming: Should we Care?

Pierre-Yves Péneau 1, Ludovic Claudepierre 2, Damien Hardy 3, Erven Rohou 3
2 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique, IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
3 PACAP - Pushing Architecture and Compilation for Application Performance
Inria Rennes – Bretagne Atlantique, IRISA-D3 - ARCHITECTURE
Abstract : Many fault injection techniques have been proposed in recent years to attack computing systems, as well as the corresponding countermeasures. Most published attacks are limited to one or a few faults. We provide a theoretical analysis of instruction skip attacks to show how an attacker can modify an application's behavior at run-time when thousands of instruction skips are possible. Our main result is that instruction skip is Turing-complete under our theoretical model while requiring the presence of only common instructions in the binary. As a consequence, we show that current software-based countermeasures are fragile. In addition, we release a modification of gem5 that implements a classical instruction skip fault model that we used for our experiments. We believe this kind of simulation tool is useful to help the community explore attacks and hardware and software countermeasures.

Cited literature [39 references]
Contributor : Pierre-Yves Péneau
Submitted on : Wednesday, August 5, 2020 - 3:52:27 PM
Last modification on : Saturday, June 25, 2022 - 9:15:18 PM
Long-term archiving on : Monday, November 30, 2020 - 3:00:44 PM


Files produced by the author(s)



Pierre-Yves Péneau, Ludovic Claudepierre, Damien Hardy, Erven Rohou. NOP-Oriented Programming: Should we Care?. Sécurité des Interfaces Logiciel/Matériel, Sep 2020, Genoa (virtual), Italy. ⟨10.1109/EuroSPW51379.2020.00100⟩. ⟨hal-02912301⟩


