Many cybersecurity attacks rely on analyzing a binary executable to find
exploitable sections of code. Code obfuscation is used to prevent attackers
from reverse engineering these executables. In this work we focus on control
flow obfuscation: a technique that prevents attackers from statically
determining which code segments are original and which were inserted only to
confuse them. We propose a RISC-V-based hardware-assisted deobfuscation
technique that resolves the obfuscated control flow at runtime using a secret
safely stored in hardware, together with an LLVM compiler extension that
obfuscates binaries. Unlike conventional tools, our approach does not rely on
emitting code that is hard to reverse engineer, but on keeping a secret key
secure. As such, it can be seen as a lightweight alternative to on-the-fly
binary decryption.

Comment: 2019 Boston Area Architecture Workshop (BARC'19)
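The division of labour the abstract describes can be modelled in plain C. The following is an added illustration, not the paper's RISC-V extension or its LLVM pass: a build-time pass places, at every branch site, one real arm and one decoy arm at an index chosen by a keyed predicate; at runtime a hardware unit holding the secret answers only "which arm runs at this site", and the software never reads the secret itself. The keyed predicate, the site identifiers, the checksum routine and all names (`hw_unit`, `obfuscate_site`, `checksum_obf`, `checksum_static_guess`) are assumptions made for this example; the predicate is a deliberately hand-checkable toy, not a cryptographic function.

```c
/* Added example: a software model of key-based control flow obfuscation.
 * Not the paper's implementation. It only shows the split the abstract
 * describes: the obfuscator lays out real and decoy code using a key, and
 * the hardware resolves each branch at runtime from a secret it never
 * exposes. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Keyed branch predicate. Assumption for this model: the predicate is just
 * bit (site_id mod 64) of the key, chosen so results can be checked by hand.
 * A real design would use a proper keyed function. */
static int keyed_predicate(uint64_t key, uint64_t site_id) {
    return (int)((key >> (site_id & 63)) & 1);
}

/* ---- Hardware side: the secret is private to this unit. ---- */
struct hw_unit { uint64_t secret; };

/* The only interface software gets: "which arm of this site runs?" */
static int hw_resolve(const struct hw_unit *hw, uint64_t site_id) {
    return keyed_predicate(hw->secret, site_id);
}

/* ---- Compiler side: obfuscation pass run at build time with the key. ---- */
typedef uint32_t (*step_fn)(uint32_t acc, uint8_t b);

/* One obfuscated branch site: two arms that look equally plausible in the
 * binary. Which index holds the real arm depends on the key. */
struct site { uint64_t id; step_fn arm[2]; };

static struct site obfuscate_site(uint64_t key, uint64_t site_id,
                                  step_fn real, step_fn decoy) {
    struct site s;
    int real_idx = keyed_predicate(key, site_id);
    s.id = site_id;
    s.arm[real_idx] = real;
    s.arm[1 - real_idx] = decoy;
    return s;
}

/* ---- The protected computation and its decoys (constructed). ---- */
static uint32_t step_mix(uint32_t acc, uint8_t b)  { return ((acc << 3) | (acc >> 29)) ^ b; }
static uint32_t step_add(uint32_t acc, uint8_t b)  { return acc + (uint32_t)b * 31u; }
/* Decoys: same shape, different arithmetic; statically indistinguishable. */
static uint32_t decoy_mix(uint32_t acc, uint8_t b) { return ((acc << 5) | (acc >> 27)) ^ b; }
static uint32_t decoy_add(uint32_t acc, uint8_t b) { return acc - (uint32_t)b * 17u; }

/* Reference, unobfuscated computation. */
uint32_t checksum_plain(const uint8_t *buf, size_t n) {
    uint32_t acc = 0x12345678u;
    for (size_t i = 0; i < n; i++) {
        acc = step_mix(acc, buf[i]);
        acc = step_add(acc, buf[i]);
    }
    return acc;
}

/* Site identifiers assigned by the obfuscator (constructed; they stand in
 * for per-branch identifiers such as code addresses). */
#define SITE_MIX 0x1000000000000005ULL   /* selects key bit 5 */
#define SITE_ADD 0x2000000000000001ULL   /* selects key bit 1 */

/* Build the obfuscated program: real/decoy layout is fixed here, once. */
void build_sites(uint64_t key, struct site out[2]) {
    out[0] = obfuscate_site(key, SITE_MIX, step_mix, decoy_mix);
    out[1] = obfuscate_site(key, SITE_ADD, step_add, decoy_add);
}

/* Obfuscated computation: each site runs only the arm the hardware selects. */
uint32_t checksum_obf(const struct hw_unit *hw, const struct site sites[2],
                      const uint8_t *buf, size_t n) {
    uint32_t acc = 0x12345678u;
    for (size_t i = 0; i < n; i++) {
        acc = sites[0].arm[hw_resolve(hw, sites[0].id)](acc, buf[i]);
        acc = sites[1].arm[hw_resolve(hw, sites[1].id)](acc, buf[i]);
    }
    return acc;
}

/* A purely static attacker's position: nothing in the binary says which
 * arm is real, so each arm index is a guess. */
uint32_t checksum_static_guess(const struct site sites[2], int g0, int g1,
                               const uint8_t *buf, size_t n) {
    uint32_t acc = 0x12345678u;
    for (size_t i = 0; i < n; i++) {
        acc = sites[0].arm[g0](acc, buf[i]);
        acc = sites[1].arm[g1](acc, buf[i]);
    }
    return acc;
}

int main(void) {
    const uint64_t key = 0xA5;             /* constructed build key: 1010 0101b */
    const uint8_t msg[] = "constructed input";
    struct site sites[2];
    struct hw_unit good = { key }, bad = { key ^ 0x22 };  /* 0x87: bits 1 and 5 flipped */
    build_sites(key, sites);
    printf("plain      : %08x\n", checksum_plain(msg, sizeof msg - 1));
    printf("hw, secret : %08x\n", checksum_obf(&good, sites, msg, sizeof msg - 1));
    printf("hw, wrong  : %08x\n", checksum_obf(&bad, sites, msg, sizeof msg - 1));
    return 0;
}
```

Compile with `cc -std=c11 -Wall example.c`. With the correct secret the obfuscated routine reproduces `checksum_plain`; with a wrong secret the hardware steers execution into the decoy arms and the result diverges. The limit this model shares with any such scheme is worth keeping in mind: an analyst who can run the binary on hardware that holds the real secret and trace execution sees which arm was taken, so the protection is against static analysis, which is the threat the abstract names.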