What is Alkemist®?
RunSafe Security’s Alkemist is a suite of software tools that apply memory protections directly into code, enabling that code to protect itself from memory corruption vulnerabilities without altering the functionality of the code.
Alkemist:Source randomizes the memory address for each function, making reliable exploitation nearly impossible for an attacker. Alkemist:Source uses a proprietary technique called Load-time Function Randomization (LFR).
Alkemist:Repo applies Alkemist:Source to common open-source applications, repackaging them with memory protections by default.
Alkemist:Source has an imperceptible effect on program initialization and runtime performance. When using the SPEC CPU2006 test suite, Alkemist:Source adds less than a 1% overhead to most of the benchmark running times. This percentage drops even lower when Alkemist:Source is applied to long-running services/daemons.
Binaries built with Alkemist:Source are randomized when loaded into main memory. This means that protected programs can be distributed just like traditional programs and can use the same checksum and signature tools too.
Easy to Use
No changes to build tools or processes are required. In most cases, using Alkemist:Source is as easy as prepending our helper script to the beginning of your build command.
Alkemist:Repo offerings infuse run-time cyber protections directly into open source code using Alkemist:Source technology. Software is automatically secured from the most common and severe types of cyber attacks with the highest level of protection.
Secures Third-Party Software
When using open-source software, developers have minimal insight into and control over the security of those applications. By using Alkemist:Repo, the same applications can be used while knowing that an entire class of security vulnerabilities has been mitigated.
Deploying with Alkemist:Repo is as simple as modifying where your software is currently installed from to point at RunSafe servers.
How it Works
Memory layouts have evolved a lot over time, but there are still fundamental problems that have plagued them all. On the left is the memory layout representative of a program built in the late 90s. Each time a program was executed, or library loaded, the memory addresses of each program were the same. In the early 2000s most OSes began adopting Address Space Layout Randomization (ASLR) to help prevent attackers from always knowing where . ASLR randomizes the base address of a program each time it is executed, but has an inherent weakness in that the whole program is moved as one unit. Introduction of ASLR made exploitation of memory corruption vulnerabilities more difficult, but ASLR can be defeated easily by one information leak. Alkemist:Source improves upon the ASLR concept by randomizing each function within a program.
An important aspect of Alkemist:Source is that while functions move around in memory, the functionality of the program stays identical. One way to assess functionality is to look at the call graph of a program. Let’s consider a simple program with five functions with a call graph shown in the left of the figure below. The call graph would read: Function 1 calls Function 3, Function 3 calls Function 2, Function 2 calls Function 4, and Function 4 calls Function 5. For simplicity’s sake, consider all functions to be contiguous in memory in the order shown in the figure. On the right is the same program, with the same five functions, after the program is executed and Alkemist:Source randomizes the functions in memory. You will see that while the functions are not in the same location, the call graph is the same.
By building Alkemist:Source into your software, you deprive the attacker the ability to reliably exploit your software because the code they need to execute is never in the same place twice. Additionally, any failed attempts to exploit Alkemist:Source-protected software result in the program crashing. When the software is launched again, any information an attacker could gain from the previous failed exploit attempt would not be useful because the program will have been randomized again.
Alkemist:Source allows you to continue using your existing compiler and linker. We accomplish this by sitting in front of the linker, making the modifications needed, and then calling your linker. This process can be seen in the figure below. The top path through the process is what a normal build looks like, abstracting away the infinite complexities that build systems bring. Alkemist:Source has been proven to work with builds as simple as a “Hello, World” example built with GCC all the way to a complex Yocto-based build using different compilers per project. With Alkemist:Source in the mix, compilation takes a slightly different path at the linking stage, where we inject information needed to accomplish our runtime randomization.
Alkemist:Repo applies all of this technology in pre-built packages of open-source applications to allow you to gain the protections of Alkemist:Source by simply changing where you pull your deployment's Docker images from.
Integrating Alkemist:Source into your software build process can be as seamless as changing one line of code. Head to the Alkemist:Source Deploy page to get started then and start your free trial today!
Adding Alkemist:Repo into your deployment simply involves changing where you pull software from. Visit our automatic upgrade tool to get started!