Intro to Intel's Control-Flow Enforcement Technology

Departments: Computer ScienceElectrical Engineering
Time: Tuesday, September 20, 2016 - 1:00pm - 2:00pm
Type: Seminar Series
Presenter: Ittai Anati; Senior Principal Engineer (Intel Corporation)
Room/Office: Becton 035
Location:
Becton Seminar Room
15 Prospect Street
New Haven, CT 06511
United States
See map: Google Maps

Yale Computer Engineering Seminar Series

Ittai Anati
Senior Principal Engineer (Intel Corporation)  
Intro to Intel's Control-Flow Enforcement Technology

Abstract: Control flow subversion attacks (ROP/JOP/COP) are becoming the attack vector of choice. After considering multiple approaches to address these emerging threats we narrowed the proposal down to the Control-Flow Enforcement Technology (CET) specification for Intel Architecture which covers both application and supervisor spaces. CET comprises of two main components; a shadow stack that verifies the integrity of control flow changes through RET operations and a new ENDBRANCH instruction that verifies the integrity of control flow changes through indirect jumps and calls. The talk will describe the main concepts of CET.

Bio: Ittai Anati is a senior principal engineer at Intel Corporation. He works at the processor architecture group, focusing on security. In his latest role, Ittai was the lead architect for integrating Intel's Software Guard Extension (Intel(tm) SGX) into the 6th generation Core CPU codenamed Skylake.

Host: Prof. Jakub Szefer, Dept. of Electrical Engineering, Yale University

1:00 p.m.
Tuesday, September 20, 2016 
Becton Seminar Room, Room MC035