loophole timing attacks on shared event loops in chrome
play

Loophole: Timing Attacks on Shared Event Loops in Chrome Pepe Vila - PowerPoint PPT Presentation

Nov 30, 2023 •553 likes •1.2k views

Loophole: Timing Attacks on Shared Event Loops in Chrome Pepe Vila and Boris Kpf vwzq.net @cgvwzq github.com/cgvwzq EVENT DRIVEN PROGRAMMING SO HOT RIGHT NOW EVENT DRIVEN PROGRAMMING SO HOT RIGHT NOW Source:

  1. Loophole: Timing Attacks on Shared Event Loops in Chrome Pepe Vila and Boris Köpf vwzq.net @cgvwzq github.com/cgvwzq

  2. EVENT DRIVEN PROGRAMMING SO HOT RIGHT NOW

  3. EVENT DRIVEN PROGRAMMING SO HOT RIGHT NOW

  4. Source: http://berb.github.io/diploma-thesis/original/042_serverarch.html

  5. We exploit 2 different shared Event Loops in Chrome:

  6. We exploit 2 different shared Event Loops in Chrome: I/O’s of the Host Process Main thread’s of Renderers

  7. We exploit 2 different shared Event Loops in Chrome: I/O’s of the Host Process Main thread’s of Renderers And implement 3 different attacks:

  8. We exploit 2 different shared Event Loops in Chrome: I/O’s of the Host Process Main thread’s of Renderers And implement 3 different attacks: Page Identification

  9. We exploit 2 different shared Event Loops in Chrome: I/O’s of the Host Process Main thread’s of Renderers And implement 3 different attacks: Page Identification Inter-keystroke Timing 10.00 4.00 2.00 1.00 0.40 0.20 0.10 0.06 0.04 0.02 19780.000 19785.000 19790.000 19795.000 19800.000

  10. We exploit 2 different shared Event Loops in Chrome: I/O’s of the Host Process Main thread’s of Renderers And implement 3 different attacks: Page Identification Covert Channel Inter-keystroke Timing 10.00 4.00 2.00 1.00 0.40 0.20 0.10 0.06 0.04 0.02 19780.000 19785.000 19790.000 19795.000 19800.000

  12. Shared Event Loop FIFO queue Dispatcher time

  13. Shared Event Loop FIFO queue e 0 Dispatcher time

  14. Shared Event Loop FIFO queue Dispatcher time e 0

  15. Shared Event Loop FIFO queue e 1 Dispatcher time e 0

  16. Shared Event Loop FIFO queue e 1 e 0 Dispatcher time

  17. Shared Event Loop FIFO queue e 0 Dispatcher time e 1

  18. Shared Event Loop FIFO queue e 2 e 0 Dispatcher time e 1

  19. Shared Event Loop FIFO queue e 2 e 0 e 1 Dispatcher time

  20. Shared Event Loop FIFO queue e 2 e 0 e 1 Dispatcher time

  21. Shared Event Loop FIFO queue e 0 e 1 Dispatcher time e 2

  22. Shared Event Loop FIFO queue e 0 e 1 Dispatcher time e 2

  23. Shared Event Loop FIFO queue e 3 e 0 e 1 Dispatcher time e 2

  24. Shared Event Loop FIFO queue e 3 e 0 e 1 e 2 Dispatcher time

  25. Shared Event Loop FIFO queue e 3 e 0 e 1 e 2 Dispatcher time

  26. Shared Event Loop FIFO queue e 3 e 0 e 1 e 2 Dispatcher time

  27. Shared Event Loop FIFO queue e 0 e 1 e 2 Dispatcher time e 3

  28. Shared Event Loop FIFO queue e 4 e 0 e 1 e 2 Dispatcher time e 3

  29. Shared Event Loop FIFO queue e 4 e 0 e 1 e 2 e 3 Dispatcher time

  30. Shared Event Loop FIFO queue e 0 e 1 e 2 e 3 Dispatcher time e 4

  31. Shared Event Loop FIFO queue e 0 e 1 e 2 e 3 e 4 Dispatcher time

  32. Shared Event Loop FIFO queue d 0 d 1 d 2 d 3 e 0 e 1 e 2 e 3 e 4 Dispatcher time

  33. Shared Event Loop Event-delay trace FIFO queue d 0 d 1 d 2 d 3 e 0 e 1 e 2 e 3 e 4 Dispatcher time

  34. SYSTEM/INTERNET

  35. SYSTEM/INTERNET HOST PROCESS

  36. SYSTEM/INTERNET • NETWORK REQUESTS HOST PROCESS • IPC COMMUNICATION • DISPATCHES USER ACTIONS

  37. SYSTEM/INTERNET • NETWORK REQUESTS HOST PROCESS • IPC COMMUNICATION • DISPATCHES USER ACTIONS SHARED BETWEEN ALL RENDERERS

  38. SYSTEM/INTERNET HOST PROCESS RENDERER 1 RENDERER N tab1 | trusted.com tab 2 |

  39. SYSTEM/INTERNET HOST PROCESS SANDBOXED 
 PROCESSES RENDERER 1 RENDERER N tab1 | trusted.com tab 2 |

  40. SYSTEM/INTERNET HOST PROCESS RENDERER 1 RENDERER N tab1 | trusted.com tab 2 | evil.com

  41. Spying on the Host <script> 
 function loop () { save(performance.now()); fetch( new Request("http://0/")) . catch (loop); } loop(); </script> Timing resolution of ~500 μ s

  42. Spying on the Host <script> 
 function loop () { save(performance.now()); fetch( new Request("http://0/")) . catch (loop); } loop(); </script> Timing resolution of ~500 μ s With some smarter techniques we obtain <100 μ s 
 (see the paper)

  43. SYSTEM/INTERNET HOST PROCESS RENDERER 1 tab1 | trusted.com

  44. SYSTEM/INTERNET HOST PROCESS RENDERER 1 tab1 | trusted.com • JAVASCRIPT EXECUTION • RESOURCE PARSING • LAYOUT & RENDERING

  45. SYSTEM/INTERNET HOST PROCESS RENDERER 1 tab1 | trusted.com SHARED BETWEEN IFRAMES, POPUPS, iframe | MAX #RENDERER EXCEEDED…

  46. SYSTEM/INTERNET HOST PROCESS RENDERER 1 tab1 | trusted.com iframe | evil.co

  47. Spying on the Renderer <script> 
 function loop() { save(performance.now()); self.postMessage(0, "*"); } self.onmessage = loop; loop(); </script> Timing resolution of <25 μ s

  48. 
 
 Duration of Events μ -arch Mouse GC JS event events ? loop() movement scavenge handlers <5 μ s … 25 μ s 100 μ s <1 ms >2 ms

  49. 
 
 Duration of Events μ -arch Mouse GC JS event events ? loop() movement scavenge handlers <5 μ s … 25 μ s 100 μ s <1 ms >2 ms Good vs. badly coded web pages

  50. Web Page Identification & Inter-keystroke Timing

  51. Web Page Identification Monitor the EventLoop while page loading

  52. Dynamic Time Warping DTW is resistant to delays in the occurrence of events

  53. Dynamic Time Warping DTW is resistant to delays in the occurrence of events 2-4 seconds of measuring

  54. Dynamic Time Warping DTW is resistant to delays in the occurrence of events 2-4 seconds of One trace for measuring training

  55. Web Page Identification 500 pages x 30 traces x 3 machines x 2 event loops 75% Renderer’s main thread: (Linux desktop) 23% Host’s I/O thread: (Macbook Pro) (recognition rates below 5% across machines) R-library and datasets: 
 https://github.com/cgvwzq/rlang-loophole

  56. Inter-keystroke Timing 10.00 4.00 2.00 1.00 0.40 0.20 0.10 0.06 0.04 0.02 19780.000 19785.000 19790.000 19795.000 19800.000 19805.000 We obtain the password length and 
 time between consecutive pressed keys

  57. Inter-keystroke Timing 10.000 passwords 90% accuracy precision: σ = 6.1 ms

  58. Inter-keystroke Timing 10.000 passwords 90% accuracy precision: σ = 6.1 ms More precision than network based attacks. Less noise than in micro-architectural attacks. No privileges. No training.

  59. Countermeasures • Reduce clock resolution • Site Isolation Project • CPU Throttling

  60. Countermeasures • Reduce clock resolution • Site Isolation Project • CPU Throttling

  61. Conclusions • Shared event loops in Chrome are vulnerable to timing side-channels • We systematically study how this channel can be used for different attacks • Fundamental design issues that need to be addressed

  62. Thank you! :) Questions? 62

  63. You can visualise the congestion of event loops with our LoopScan tool https://github.com/cgvwzq/loopscan

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Loophole: Timing Attacks on Shared Event Loops in Chrome Pepe Vila &amp; Boris Kpf IMDEA

Loophole: Timing Attacks on Shared Event Loops in Chrome Pepe Vila &amp; Boris Kpf IMDEA

Loophole: Timing Attacks on Shared Event Loops in Chrome Pepe Vila &amp; Boris Kpf IMDEA Software Institute About me Im Pepe @cgvwzq http://vwzq.net/ Some notes about Chrome Chrome was a blackbox for me. Its code base is immense.

622 views • 38 slides
Loophole Timing Attacks on Shared Event Loops in Chrome Pepe Vila November 22, 2016 Pepe Vila

Loophole Timing Attacks on Shared Event Loops in Chrome Pepe Vila November 22, 2016 Pepe Vila

Loophole Timing Attacks on Shared Event Loops in Chrome Pepe Vila November 22, 2016 Pepe Vila Loophole November 22, 2016 1 / 22 Introduction Event-driven programming Event loops A timing side-channel on event loops Pepe Vila Loophole

996 views • 51 slides
Loophole: Timing Attacks on Shared Event Loops in Chrome Pepe Vila and Boris Kpf vwzq.net

Loophole: Timing Attacks on Shared Event Loops in Chrome Pepe Vila and Boris Kpf vwzq.net

Loophole: Timing Attacks on Shared Event Loops in Chrome Pepe Vila and Boris Kpf vwzq.net @cgvwzq github.com/cgvwzq DISCLAIMER: CRYPTACUS DISCLAIMER: CRYPTACUS DISCLAIMER: CRYPTACUS (its funny because its very ubiquitous)

1.05k views • 62 slides
5. Note two things, the box now says, Added to Chrome. Notice the Blue box with an S (for Snagit)

5. Note two things, the box now says, Added to Chrome. Notice the Blue box with an S (for Snagit)

Snagit for Google Chrome: Instructions IMPORTANT. You will need to be in Chrome and Not on Chrome for this app to work. (go to Chrome first, then go to whatever site you plan to screencast.) 1. Open Chrome, Type in Snagit for Chrome.

184 views • 3 slides
Discussion: Remote Timing Attacks are Practical 600.624 2/11/05 Outline Why are timing

Discussion: Remote Timing Attacks are Practical 600.624 2/11/05 Outline Why are timing

Discussion: Remote Timing Attacks are Practical 600.624 2/11/05 Outline Why are timing attacks important? Clarifications Zero-One Gap / Neighborhood Size etc. Problems Questions Extensions Contribution Discussion

645 views • 26 slides
The Clock is Still Ticking: Timing Attacks in the Modern Web Tom Van Goethem, Wouter Joosen,

The Clock is Still Ticking: Timing Attacks in the Modern Web Tom Van Goethem, Wouter Joosen,

The Clock is Still Ticking: Timing Attacks in the Modern Web Tom Van Goethem, Wouter Joosen, Nick Nikiforakis Background: Timing attacks Introduced by Felten et al. in 2000. A side-channel attack analyzing the time that it takes to a

642 views • 21 slides
To view this event we advise you to use the following browsers. DESKTOP: we support Chrome,

To view this event we advise you to use the following browsers. DESKTOP: we support Chrome,

To view this event we advise you to use the following browsers. DESKTOP: we support Chrome, Firefox, Safari and Edge. Here are the minimum version requirements for each browser: Chrome 55+, Firefox 53+, Safari 12.1+, Edge 42 MOBILE: we have native

882 views • 51 slides
Event Loops in Practice July 19, 2017 Review Quiz Which of these is not a common method for

Event Loops in Practice July 19, 2017 Review Quiz Which of these is not a common method for

Event Loops in Practice July 19, 2017 Review Quiz Which of these is not a common method for speeding up an application? A. Threading B. Forking / Subprocesses C. Compression / Gzipping D. Event Loops / Async programming What is a benefit

352 views • 21 slides
Improving the QEMU Event Loop Fam Zheng Red Hat KVM Forum 2015 Agenda The event loops in

Improving the QEMU Event Loop Fam Zheng Red Hat KVM Forum 2015 Agenda The event loops in

Improving the QEMU Event Loop Fam Zheng Red Hat KVM Forum 2015 Agenda The event loops in QEMU Challenges Consistency Scalability Correctness The event loops in QEMU QEMU from a mile away Main loop from 10 meters The

523 views • 35 slides
Remote Timing Attacks are Practical by David Brumley and Dan Boneh Presented by Seny Kamara in

Remote Timing Attacks are Practical by David Brumley and Dan Boneh Presented by Seny Kamara in

Remote Timing Attacks are Practical by David Brumley and Dan Boneh Presented by Seny Kamara in Advanced Topics in Network Security (600/650.624) Outline Traditional threat model in cryptography Side-channel attacks Kochers

1.19k views • 77 slides
Remote Timing Attacks on TPMs, AKA TPM-Fail Daniel Moghimi About Me Daniel Moghimi

Remote Timing Attacks on TPMs, AKA TPM-Fail Daniel Moghimi About Me Daniel Moghimi

Remote Timing Attacks on TPMs, AKA TPM-Fail Daniel Moghimi About Me Daniel Moghimi @danielmgmi https://moghimi.org Security Researcher PhD Candidate @ WPI Microarchitectural Attacks Side Channels Breaking Crypto

1.2k views • 71 slides
On the Stability and Robustness of Non-Synchronous Circuits with Timing Loops Matthias Fgger,

On the Stability and Robustness of Non-Synchronous Circuits with Timing Loops Matthias Fgger,

On the Stability and Robustness of Non-Synchronous Circuits with Timing Loops Matthias Fgger, Gottfried Fuchs, Ulrich Schmid and Andreas Steininger Vienna University of Technology Embedded Computing Systems Group {fuegger, fuchs, schmid,

603 views • 19 slides
Remote Timing Attacks are Still Practical Billy Brumley Nicola Tuveri Aalto University School of

Remote Timing Attacks are Still Practical Billy Brumley Nicola Tuveri Aalto University School of

Remote Timing Attacks are Still Practical Billy Brumley Nicola Tuveri Aalto University School of Science, Finland {bbrumley,ntuveri}@tcs.hut.fi Synopsis New remote timing attack vulnerability in OpenSSLs implementation of Montgomerys

487 views • 25 slides
Cache-Timing Attacks Matteo BOCCHI System Research &amp; Applications STMicroelectronics S.r.l.

Cache-Timing Attacks Matteo BOCCHI System Research &amp; Applications STMicroelectronics S.r.l.

Cache-Timing Attacks Matteo BOCCHI System Research &amp; Applications STMicroelectronics S.r.l. 2018/12/06 Agenda 2 STM32 Nucleo Boards STM32 Firewall Cache-Timing Attack Evict&amp;Time vs. MbedTLS AES on STM32

477 views • 20 slides
Worst-Case Analysis of Digital Control Loops with Uncertain Input/Output Timing (Benchmark

Worst-Case Analysis of Digital Control Loops with Uncertain Input/Output Timing (Benchmark

Worst-Case Analysis of Digital Control Loops with Uncertain Input/Output Timing (Benchmark Proposal) Maximilian Gaukler and Peter Ulbrich Friedrich-Alexander-Universitt Erlangen-Nrnberg (FAU) ARCH19, Montral, Canada April 15, 2019 M.

601 views • 29 slides
Shared Spanning Trees GOAL Continue operating without loops in any physical connection

Shared Spanning Trees GOAL Continue operating without loops in any physical connection

Shared Spanning Trees GOAL Continue operating without loops in any physical connection topology including shared spanning tree switches, 802.1Q mono spanning tree switches, and others. Shared Spanning Trees January 27, 1999 1/11 IEEE

126 views • 11 slides
CPU Scheduling Eric McCreath Introduction CPU scheduling is at the heart of a multiprogrammed

CPU Scheduling Eric McCreath Introduction CPU scheduling is at the heart of a multiprogrammed

CPU Scheduling Eric McCreath Introduction CPU scheduling is at the heart of a multiprogrammed operating system. The CPU scheduler maintains the list of ready processes and determines when and which process is to be allocated to a CPU. A

472 views • 8 slides
eingebetteter Systeme C++-Tutorial Joachim Falk ( falk@cs.fau.de )

eingebetteter Systeme C++-Tutorial Joachim Falk ( falk@cs.fau.de )

Praktikum: Entwicklung interaktiver eingebetteter Systeme C++-Tutorial Joachim Falk ( falk@cs.fau.de ) Friedrich-Alexander-Universitt Erlangen-Nrnberg Joachim Falk 1 Agenda Classes Pointers and References Functions and

378 views • 36 slides
Machine Learning Accelerators Eric Chen Peicheng Tang In-Datacenter Performance Analysis of a

Machine Learning Accelerators Eric Chen Peicheng Tang In-Datacenter Performance Analysis of a

Machine Learning Accelerators Eric Chen Peicheng Tang In-Datacenter Performance Analysis of a Tensor Processing Unit Motivation Background TPU Overview Benchmarks and Platforms Results (Performance) Results

461 views • 23 slides
Title How FIFO is Your Concurrent FIFO Queue? Andreas Haas , Christoph M. Kirsch, Michael

Title How FIFO is Your Concurrent FIFO Queue? Andreas Haas , Christoph M. Kirsch, Michael

Title How FIFO is Your Concurrent FIFO Queue? Andreas Haas , Christoph M. Kirsch, Michael Lippautz, Hannes Payer University of Salzburg RACES Workshop, October 2012 1/17 Strict vs. Relaxed FIFO Queues strict FIFO queue implementations

985 views • 50 slides
Dataflow Analysis Iterative Data-flow Analysis and Static-Single-Assignment cs5363 1

Dataflow Analysis Iterative Data-flow Analysis and Static-Single-Assignment cs5363 1

Dataflow Analysis Iterative Data-flow Analysis and Static-Single-Assignment cs5363 1 Optimization And Analysis Improving efficiency of generated code Correctness: optimized code must preserve meaning of the original program

467 views • 31 slides
Welcome back! Please fi ll out a name tent with whatever you want us to call you. EN 1-24:

Welcome back! Please fi ll out a name tent with whatever you want us to call you. EN 1-24:

Welcome back! Please fi ll out a name tent with whatever you want us to call you. EN 1-24: Engineering in the Kitchen Steven Bell 14 September 2020 Quick review of last time Is it possible to have a voltage without a current? Respond at

218 views • 21 slides
Access Control Dr. John Yoon How do you know yours? Finding about you and the system $ who

Access Control Dr. John Yoon How do you know yours? Finding about you and the system $ who

Advanced Linux File Permission Access Control Dr. John Yoon How do you know yours? Finding about you and the system $ who $ hostname $ whoami $ uname $ id $ date $ ps -aux Environment Variables Environment Settings of a

530 views • 25 slides
1

1

{HEADSHOT}* * The*field*of*so3ware*analysis*is*highly*diverse:*there*are*many*approaches*with*different*strengths*and* limitaBons*in*aspects*such*as*soundness,*completeness,*applicability,*and*scalability.* * In* this* lesson,* we* will*

699 views • 47 slides

More recommend