{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,27]],"date-time":"2026-05-27T03:02:41Z","timestamp":1779850961658,"version":"3.53.1"},"publisher-location":"Cham","reference-count":68,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032078902","type":"print"},{"value":"9783032078919","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,10,17]],"date-time":"2025-10-17T00:00:00Z","timestamp":1760659200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,10,17]],"date-time":"2025-10-17T00:00:00Z","timestamp":1760659200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-07891-9_19","type":"book-chapter","created":{"date-parts":[[2025,10,16]],"date-time":"2025-10-16T10:24:10Z","timestamp":1760610250000},"page":"359-378","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Code Encryption with\u00a0Intel TME-MK for\u00a0Control-Flow Enforcement"],"prefix":"10.1007","author":[{"given":"Martin","family":"Unterguggenberger","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Lukas","family":"Lamster","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Mathias","family":"Oberhuber","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Simon","family":"Scherer","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Stefan","family":"Mangard","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2025,10,17]]},"reference":[{"key":"19_CR1","doi-asserted-by":"crossref","unstructured":"Abadi, M., Budiu, M., Erlingsson, \u00da., Ligatti, J.: Control-flow integrity. In: CCS (2005)","DOI":"10.1145\/1102120.1102165"},{"key":"19_CR2","unstructured":"Aktas, E., Cohen, C., Eads, J., Forshaw, J., Wilhelm, F.: Intel Trust Domain Extensions (TDX) Security Review (2023). https:\/\/services.google.com\/fh\/files\/misc\/intel_tdx_-_full_report_041423.pdf. Accessed 10 June 2024"},{"key":"19_CR3","unstructured":"AMD: 4th Gen AMD EPYC Processor Architecture (2023). https:\/\/www.amd.com\/en\/products\/processors\/server\/epyc\/4th-generation-architecture.html. Accessed 27 May 2024"},{"key":"19_CR4","unstructured":"AMD: AMD64 Architecture Programmer\u2019s Manual Volume 2: System Programming (2025). https:\/\/www.amd.com\/content\/dam\/amd\/en\/documents\/processor-tech-docs\/programmer-references\/24593.pdf. Accessed 26 Feb 2025"},{"key":"19_CR5","unstructured":"Arm: Arm Architecture Reference Manual for A-profile architecture (2025). https:\/\/developer.arm.com\/documentation\/ddi0487. Accessed 26 Feb 2025"},{"key":"19_CR6","unstructured":"Azad, B.: Google Project Zero: Examining Pointer Authentication on the iPhone XS (2019). https:\/\/googleprojectzero.blogspot.com\/2019\/02\/examining-pointer-authentication-on.html. Accessed 10 June 2024"},{"key":"19_CR7","doi-asserted-by":"publisher","first-page":"370","DOI":"10.1109\/JPROC.2005.862424","volume":"94","author":"H Bar-El","year":"2006","unstructured":"Bar-El, H., Choukri, H., Naccache, D., Tunstall, M., Whelan, C.: The sorcerer\u2019s apprentice guide to fault attacks. Proc. IEEE 94, 370\u2013382 (2006)","journal-title":"Proc. IEEE"},{"key":"19_CR8","doi-asserted-by":"crossref","unstructured":"Biondo, A., Conti, M., Lain, D.: Back to the epilogue: evading control flow guard via unaligned targets. In: NDSS (2018)","DOI":"10.14722\/ndss.2018.23318"},{"key":"19_CR9","doi-asserted-by":"crossref","unstructured":"Bletsch, T.K., Jiang, X., Freeh, V.W., Liang, Z.: Jump-oriented programming: a new class of code-reuse attack. In: ASIACCS (2011)","DOI":"10.1145\/1966913.1966919"},{"key":"19_CR10","doi-asserted-by":"crossref","unstructured":"Bucek, J., Lange, K., von Kistowski, J.: SPEC CPU2017: next-generation compute benchmark. In: ICPE (2018)","DOI":"10.1145\/3185768.3185771"},{"key":"19_CR11","doi-asserted-by":"crossref","unstructured":"Buchanan, E., Roemer, R., Shacham, H., Savage, S.: When good instructions go bad: generalizing return-oriented programming to RISC. In: CCS (2008)","DOI":"10.1145\/1455770.1455776"},{"key":"19_CR12","doi-asserted-by":"crossref","unstructured":"Burow, N., et al.: Control-flow integrity: precision, security, and performance. ACM Comput. Surv. 50, 16:1\u201316:33 (2017)","DOI":"10.1145\/3054924"},{"key":"19_CR13","unstructured":"Cai, Z., et al.: Demystifying pointer authentication on apple M1. In: USENIX Security (2023)"},{"key":"19_CR14","unstructured":"Carlini, N., Barresi, A., Payer, M., Wagner, D.A., Gross, T.R.: Control-flow bending: on the effectiveness of control-flow integrity. In: USENIX Security (2015)"},{"key":"19_CR15","unstructured":"Carlini, N., Wagner, D.A.: ROP is still dangerous: breaking modern defenses. In: USENIX Security (2014)"},{"key":"19_CR16","doi-asserted-by":"crossref","unstructured":"Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A., Shacham, H., Winandy, M.: Return-oriented programming without returns. In: CCS (2010)","DOI":"10.1145\/1866307.1866370"},{"key":"19_CR17","doi-asserted-by":"crossref","unstructured":"Cheng, P., et al.: Intel TDX demystified: a top-down approach. ACM Comput. Surv. 56, 238:1\u2013238:33 (2024)","DOI":"10.1145\/3652597"},{"key":"19_CR18","doi-asserted-by":"crossref","unstructured":"de\u00a0Clercq, R., et al.: SOFIA: software and control flow integrity architecture. In: DATE (2016)","DOI":"10.3850\/9783981537079_1001"},{"key":"19_CR19","unstructured":"Cowan, C., Beattie, S., Johansen, J., Wagle, P.: PointGuard\u2122: protecting pointers from buffer overflow vulnerabilities. In: USENIX Security (2003)"},{"key":"19_CR20","doi-asserted-by":"crossref","unstructured":"Daemen, J., Rijmen, V.: The block cipher rijndael. In: CARDIS (1998)","DOI":"10.1007\/BFb0052343"},{"key":"19_CR21","doi-asserted-by":"crossref","unstructured":"Daemen, J., Rijmen, V.: The design of rijndael: AES - the advanced encryption standard. In: Information Security and Cryptography (2002)","DOI":"10.1007\/978-3-662-04722-4"},{"key":"19_CR22","doi-asserted-by":"crossref","unstructured":"Durumeric, Z., et al.: The matter of heartbleed. In: IMC (2014)","DOI":"10.1145\/2663716.2663755"},{"key":"19_CR23","doi-asserted-by":"crossref","unstructured":"Gaidis, A.J., Moreira, J., Sun, K., Milburn, A., Atlidakis, V., Kemerlis, V.P.: FineIBT: fine-grain control-flow enforcement with indirect branch tracking. In: RAID (2023)","DOI":"10.1145\/3607199.3607219"},{"key":"19_CR24","doi-asserted-by":"crossref","unstructured":"Gousselot, T., Dutertre, J., Potin, O., Rigaud, J.: Code encryption for confidentiality and execution integrity down to control signals. In: HOST (2025)","DOI":"10.1109\/HOST64725.2025.11050061"},{"key":"19_CR25","unstructured":"Graham-Cumming, J.: Incident report on memory leak caused by Cloudflare parser bug (2017). https:\/\/blog.cloudflare.com\/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug. Accessed 10 June 2024"},{"key":"19_CR26","doi-asserted-by":"crossref","unstructured":"Halderman, J.A., et al.: Lest we remember: cold boot attacks on encryption keys. In: USENIX Security (2008)","DOI":"10.1145\/1506409.1506429"},{"key":"19_CR27","unstructured":"Intel: Intel Architecture Memory Encryption Technologies (2022). https:\/\/www.intel.com\/content\/www\/us\/en\/content-details\/679154\/intel-architecture-memory-encryption-technologies-specification.html. Revision 1.4. Accessed 31 Jan 2023"},{"key":"19_CR28","unstructured":"Intel: Intel Trust Domain Extensions (2022). https:\/\/cdrdv2-public.intel.com\/690419\/TDX-Whitepaper-February2022.pdf. Accessed 27 May 2024"},{"key":"19_CR29","unstructured":"Intel: Runtime Encryption of Memory with Intel Total Memory Encryption-Multi-Key (Intel TME-MK) (2022). https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/news\/runtime-encryption-of-memory-with-intel-tme-mk.html. Accessed 27 May 2024"},{"key":"19_CR30","unstructured":"Intel: Architecture Specification: Intel Trust Domain Extensions (Intel TDX) Module (2023). https:\/\/cdrdv2-public.intel.com\/733568\/tdx-module-1.0-public-spec-344425005.pdf. Accessed 27 May 2024"},{"key":"19_CR31","unstructured":"Intel Labs: TME-MK-i for Memory Safety (2024). https:\/\/github.com\/intellabs\/tme-mk-fine-grained-encryption-integrity. Accessed 20 May 2024"},{"key":"19_CR32","unstructured":"Ismail, M., Quach, A., Jelesnianski, C., Jang, Y., Min, C.: Tightly seal your sensitive pointers with PACTight. In: USENIX Security (2022)"},{"key":"19_CR33","unstructured":"Kaplan, D., Powell, J., Woller, T.: AMD Memory Encryption (2021). https:\/\/www.amd.com\/content\/dam\/amd\/en\/documents\/epyc-business-docs\/white-papers\/memory-encryption-white-paper.pdf. Accessed 27 May 2024"},{"key":"19_CR34","doi-asserted-by":"crossref","unstructured":"Kim, Yet al.: Flipping bits in memory without accessing them: an experimental study of DRAM disturbance errors. In: ISCA (2014)","DOI":"10.1109\/ISCA.2014.6853210"},{"key":"19_CR35","doi-asserted-by":"crossref","unstructured":"Kocher, P., et al.: Spectre attacks: exploiting speculative execution. In: S &P (2019)","DOI":"10.1109\/SP.2019.00002"},{"key":"19_CR36","unstructured":"Kuznetsov, V., Szekeres, L., Payer, M., Candea, G., Sekar, R., Song, D.: Code-pointer integrity. In: OSDI (2014)"},{"key":"19_CR37","unstructured":"Lattner, C., Adve, V.S.: LLVM: a compilation framework for lifelong program analysis & transformation. In: CGO (2004)"},{"key":"19_CR38","doi-asserted-by":"crossref","unstructured":"LeMay, M., et al.: Cryptographic capability computing. In: MICRO (2021)","DOI":"10.1145\/3466752.3480076"},{"key":"19_CR39","unstructured":"Liljestrand, H., Nyman, T., Gunn, L.J., Ekberg, J., Asokan, N.: PACStack: an authenticated call stack. In: USENIX Security (2021)"},{"key":"19_CR40","unstructured":"Liljestrand, H., Nyman, T., Wang, K., Perez, C.C., Ekberg, J., Asokan, N.: PAC it up: towards pointer integrity using ARM pointer authentication. In: USENIX Security (2019)"},{"key":"19_CR41","unstructured":"Lipp, M., et al.: Meltdown: reading kernel memory from user space. In: USENIX Security (2018)"},{"key":"19_CR42","doi-asserted-by":"crossref","unstructured":"Lu, K., Hu, H.: Where does it go?: refining indirect-call targets with multi-layer type analysis. In: CCS (2019)","DOI":"10.1145\/3319535.3354244"},{"key":"19_CR43","doi-asserted-by":"publisher","first-page":"68","DOI":"10.1109\/MSP.2010.111","volume":"8","author":"L Martin","year":"2010","unstructured":"Martin, L.: XTS: a mode of AES for encrypting hard disks. IEEE Secur. Priv. 8, 68\u201369 (2010)","journal-title":"IEEE Secur. Priv."},{"key":"19_CR44","doi-asserted-by":"crossref","unstructured":"Mashtizadeh, A.J., Bittau, A., Boneh, D., Mazi\u00e8res, D.: CCFI: cryptographically enforced control flow integrity. In: CCS (2015)","DOI":"10.1145\/2810103.2813676"},{"key":"19_CR45","unstructured":"Miller, M.: Trends, challenges, and strategic shifts in the software vulnerability mitigation landscape (2019). https:\/\/github.com\/Microsoft\/MSRC-Security-Research\/blob\/master\/presentations\/2019_02_BlueHatIL\/2019_01%20-%20BlueHatIL%20-%20Tren. Accessed 26 Feb 2023"},{"key":"19_CR46","doi-asserted-by":"crossref","unstructured":"Murdock, K., Oswald, D.F., Garcia, F.D., Bulck, J.V., Gruss, D., Piessens, F.: Plundervolt: software-based fault injection attacks against intel SGX. In: S &P (2020)","DOI":"10.1109\/SP40000.2020.00057"},{"key":"19_CR47","doi-asserted-by":"crossref","unstructured":"Nasahl, P., Mangard, S.: SCRAMBLE-CFI: mitigating fault-induced control-flow attacks on OpenTitan. In: GLSVLSI (2023)","DOI":"10.1145\/3583781.3590221"},{"key":"19_CR48","doi-asserted-by":"crossref","unstructured":"Nasahl, P., et al.: EC-CFI: control-flow integrity via code encryption counteracting fault attacks. In: HOST (2023)","DOI":"10.1109\/HOST55118.2023.10132915"},{"key":"19_CR49","unstructured":"National Security Agency: NSA Cybersecurity Information Sheet: Software Memory Safety (2022). https:\/\/media.defense.gov\/2022\/Nov\/10\/2003112742\/-1\/-1\/0\/CSI_SOFTWARE_MEMORY_SAFETY.PDF. Accessed 26 Feb 2023"},{"key":"19_CR50","unstructured":"Prince, M.: Quantifying the Impact of \u201cCloudbleed\u201d (2017). https:\/\/blog.cloudflare.com\/quantifying-the-impact-of-cloudbleed. Accessed 10 June 2024"},{"key":"19_CR51","unstructured":"Qualcomm: Pointer Authentication on ARMv8.3 (2017). https:\/\/www.qualcomm.com\/content\/dam\/qcomm-martech\/dm-assets\/documents\/pointer-auth-v7.pdf. Accessed 26 Feb 2023"},{"key":"19_CR52","doi-asserted-by":"crossref","unstructured":"Ravichandran, J., Na, W.T., Lang, J., Yan, M.: PACMAN: attacking ARM pointer authentication with speculative execution. In: ISCA (2022)","DOI":"10.1145\/3470496.3527429"},{"key":"19_CR53","unstructured":"Rebert, A., Kern, C.: Secure by Design: Google\u2019s Perspective on Memory Safety. Technical report, Google Security Engineering (2024)"},{"key":"19_CR54","doi-asserted-by":"crossref","unstructured":"Roemer, R., Buchanan, E., Shacham, H., Savage, S.: Return-oriented programming: systems, languages, and applications. ACM Trans. Priv. Secur. 15, 2:1\u20132:34 (2012)","DOI":"10.1145\/2133375.2133377"},{"key":"19_CR55","doi-asserted-by":"crossref","unstructured":"Rogaway, P., Bellare, M., Black, J., Krovetz, T.: OCB: a block-cipher mode of operation for efficient authenticated encryption. In: CCS (2001)","DOI":"10.1145\/502010.502011"},{"key":"19_CR56","unstructured":"R\u00f6ttger, S.: Control-flow Integrity in V8 (2023). https:\/\/v8.dev\/blog\/control-flow-integrity. Accessed 10 June 2024"},{"key":"19_CR57","doi-asserted-by":"crossref","unstructured":"Schrammel, D., et al.: MEMES: memory encryption-based memory safety on commodity hardware. In: SECRYPT (2023)","DOI":"10.5220\/0012050300003555"},{"key":"19_CR58","doi-asserted-by":"crossref","unstructured":"Schrammel, D., et al.: Memory tagging using cryptographic integrity on commodity x86 CPUs. In: EuroS &P (2024)","DOI":"10.1109\/EuroSP60621.2024.00024"},{"key":"19_CR59","doi-asserted-by":"crossref","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In: CCS (2007)","DOI":"10.1145\/1315245.1315313"},{"key":"19_CR60","doi-asserted-by":"crossref","unstructured":"Shanbhogue, V., Gupta, D., Sahita, R.: Security analysis of processor instruction set architecture for enforcing control-flow integrity. In: HASP (2019)","DOI":"10.1145\/3337167.3337175"},{"key":"19_CR61","doi-asserted-by":"crossref","unstructured":"Szekeres, L., Payer, M., Wei, T., Song, D.: SoK: eternal war in memory. In: S &P (2013)","DOI":"10.1109\/SP.2013.13"},{"key":"19_CR62","unstructured":"Tang, A., Sethumadhavan, S., Stolfo, S.J.: CLKSCREW: exposing the perils of security-oblivious energy management. In: USENIX Security (2017)"},{"key":"19_CR63","unstructured":"Taylor, A., Whalley, A., Jansens, D., Oskov, N.: An update on Memory Safety in Chrome (2021). https:\/\/security.googleblog.com\/2021\/09\/an-update-on-memory-safety-in-chrome.html. Accessed 26 June 2023"},{"key":"19_CR64","unstructured":"Tice, C., et al.: Enforcing forward-edge control-flow integrity in GCC & LLVM. In: USENIX Security (2014)"},{"key":"19_CR65","doi-asserted-by":"crossref","unstructured":"Unterguggenberger, M., Lamster, L., Schrammel, D., Schwarzl, M., Mangard, S.: TME-Box: scalable in-process isolation through intel TME-MK memory encryption. In: NDSS (2025)","DOI":"10.14722\/ndss.2025.240277"},{"key":"19_CR66","doi-asserted-by":"crossref","unstructured":"Unterguggenberger, M., Schrammel, D., Lamster, L., Nasahl, P., Mangard, S.: Cryptographically enforced memory safety. In: CCS (2023)","DOI":"10.1145\/3576915.3623138"},{"key":"19_CR67","doi-asserted-by":"crossref","unstructured":"van\u00a0der Veen, V., et al.: A tough call: mitigating advanced code-reuse attacks at the binary level. In: S &P (2016)","DOI":"10.1109\/SP.2016.60"},{"key":"19_CR68","doi-asserted-by":"crossref","unstructured":"Werner, M., Unterluggauer, T., Schaffenrath, D., Mangard, S.: Sponge-based control-flow protection for IoT devices. In: EuroS &P (2018)","DOI":"10.1109\/EuroSP.2018.00023"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2025"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-07891-9_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,5,27]],"date-time":"2026-05-27T02:21:07Z","timestamp":1779848467000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-07891-9_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,10,17]]},"ISBN":["9783032078902","9783032078919"],"references-count":68,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-07891-9_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,10,17]]},"assertion":[{"value":"17 October 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Toulouse","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 September 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 September 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.esorics2025.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}