Comments on: RIO: Return Instruction Obfuscation for Bare-Metal IoT Devices with Binary Analysis

Kai Lehniger, Peter Langendörfer

TL;DR

The paper analyzes the RIO approach for Return Instruction Obfuscation on ARM-based bare-metal IoT devices and identifies flaws that allow attackers to recover plaintext return instructions without the secret key. It explains RIO's LLVM-based implementation, including the Run-Time Return Control Flow module and an SRAM-stored decryption table, and then highlights three attack vectors that undermine the scheme. The authors propose concrete improvements such as encrypting prologue pushes, adding randomization to stack-frame handling, and dynamic runtime diversification to counter binary-analysis-based gadget discovery. These insights have practical implications for securing ROP-resistant designs in resource-constrained IoT environments by clarifying where current protections can fail and how to strengthen them.

Abstract

This is a comment on "RIO: Return Instruction Obfuscation for Bare-Metal IoT Devices with Binary Analysis". RIO prevents finding gadgets for Return-Oriented Programming attacks by encrypting return instructions. This paper shows flaws in the design of RIO that allow for the easy retrieval of the plaintext return instructions without decrypting them. Additionally, changes are proposed to improve upon the original idea.

Paper Structure

This paper contains 6 sections and 1 figure.

Figures (1)

  • Figure 1: Example return instruction and the corresponding layout in the stack (left) alongside possible replacements with different positions of return addresses