Skip to main content
Topic: Asymetric encryption to harden the OS against remote code execution (Read 584 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

Asymetric encryption to harden the OS against remote code execution

Hello guys a light bulb flash into my mind in order to increase the OS security against remote code execution attacks due to unknown vulnerabilities. So long story short my idea is as follow: every process in order to be executed to have a fingerprint. So because the processor doesn't make a difference if the code is executed from a legit user or from the outside (malicious remote user in case of an exploit)  my idea is that in order to give legitimacy of a process to have the option to create a public-private key pair so that a process  without having the private key would not get executed at all. So when you launch a process to be generated a hash encrypted with the public key and if it is legitimate will be legitimized by the  private key found on the system. So when a remote code would try to bypass/exploit de vulnerability it will fail because will not have the legitimate hash derived from the private key only to be found on the user pc. Of course this mechanism will fail in the case of a trojan because that being already on the system can read the private key and send it to the attacker. Anyway this key pairs could be generated automatically after a reboot or a new session. What do you think guys? I'm thinking about this one because could be injected payloads coming from browsers that are more exposed to the internet and running with user rights that still can read clipboard print screen or key logg  8)

Re: Asymetric encryption to harden the OS against remote code execution

Reply #1
I'm not a security expert so I can't answer your question, though I have one complain to give:

Can you make your proposition have better structure and design, e.g proper spacing, instead of one huge wall of text?

Nobody is going to read this the way it's written

Re: Asymetric encryption to harden the OS against remote code execution

Reply #2
Well, when an attacker executes arbitrary code on your PC, he apparently uses an existing process (e.g. browser) to start the code. For the OS, it's just one process starting another process, nothing extraordinary.

BTW we start this or that code remotely every day, for example, when we request this page in our browser, we start web server, database server and PHP applications on a remote computer, not to mention various intermediate networking devices which are necessary to bring our request to the server.

So, remote code execution is an OK and necessary thing, that's what allows networks to work. What is not OK, and what is vulnerability, that's arbitrary remote code execution.