1 of 41

Fantastic Timers and Where to Find Them: High-Resolution Microarchitectural Attacks in JavaScript

Team - sleep(10);

Ajay Jain

203050036

2 of 41

Outline

  • Introduction
  • High-resolution timers in JavaScript
  • DRAM Attack and Counter-Measures
  • Conclusion

3 of 41

Introduction

4 of 41

Is your browser safe?

5 of 41

Hi Chrome, I can read your secrets

Are you kidding me, Lol

You have no clue? I can use performance.now() to perform Rowhammer and covert-channel attacks.

It's a quick fix

We will reduce the resolution of performance.now() from nanoseconds to microseconds.

You think you are safe now? I can still get nanosecond resolution using implicit timers. 😂

6 of 41

Resolution in microseconds

7 of 41

8 of 41

High-Resolution Timers in JavaScript

9 of 41

Clock Interpolation

  • Measure how often we can increment a variable between two timer ticks
  • Average number of increments is the interpolation step
  • To measure with high resolution:
    • Start measurement at clock edge
    • Increment a variable until next clock edge
  • Highly accurate: 500 ns (Firefox/Chrome), 15 µs (Tor)

10 of 41

Clock interpolation

[Figure: a function runs across clock ticks T1 to T7, which are Y units apart; after it ends, the attacker counts increments of x units each until the next tick, so the unfinished part of the last tick is Y - 7x units]

11 of 41

Calibrating the time taken by one count operation

First align to the start edge of the clock (spin until the coarse clock changes).

Then increment the counter until the next clock tick; the number of increments per tick gives the time taken by one count operation.

12 of 41

Edge thresholding

Intuition

[Figure: functions F1 and F2 drawn on a relative time axis]

The attacker only needs to find out whether F1 is slower than F2; the absolute execution time of either function is not needed.

13 of 41

Edge Thresholding

Padding consists of several constant-time operations. It is chosen so that the function under test ends just before a clock edge; a slightly slower function then crosses the edge, and even the coarse clock reveals which of the two functions is slower.

14 of 41

Message Passing

[Figure: the main thread sends "request time" messages to a subworker (and a second one, subworker2) that keeps a running counter 0, 1, 2, ..., 12; successive requests return the counter values 0, 3, 6 and 9]

15 of 41

SharedArrayBuffer

[Figure: a thread and a SharedArrayBuffer]

16 of 41

SharedArrayBuffer

[Figure: a counting thread incrementing a value in the SharedArrayBuffer]

17 of 41

18 of 41

CSS Animation

  • Increase width of element as fast as possible
  • Width of element is timestamp
  • However, animation is limited to 60 fps → 16 ms

19 of 41

Evaluation and Results

20 of 41

DRAM Attack and Counter-Measures

21 of 41

Covert Channel

  • Two programs would like to communicate but are not allowed to do so
    • No communication channel
    • Channels are monitored and stopped on communication attempts

  • Use side channels to communicate

22 of 41

DRAM Organisation

[Figure: memory channels (Channel 1, Channel 2); a DIMM with Rank 0 on its front and Rank 1 on its back; each rank is made up of chips]

23 of 41

DRAM Organisation

[Figure: inside a chip, Bank 0 holds Row 0, Row 1, Row 2, ..., Row 32767 and a single row buffer; each row has 64k cells of one capacitor and one transistor each]

24 of 41

Reading from DRAM

[Slides 24 to 28: figure only, a DRAM read shown in steps; no text]

29 of 41

DRAM covert channel

  • Sender and receiver agree on a bank (it can be hardcoded)
  • The (native) sender inside the VM and the JavaScript receiver on the host each select a different row inside this bank
  • The JavaScript receiver measures the access time to its row
  • The sender transmits a 0 by doing nothing and a 1 by causing a row conflict (accessing its own row)
  • If the measured access time is "fast" the sender transmitted a 0, otherwise a 1

30 of 41

[Figure, slides 30 to 38: Bank 0 with Row 0, Row 1, Row 2, Row 3, ..., Row 32767 and the row buffer, shown step by step]

  • Sender and receiver decide on one bank
  • Receiver measures the access time to its address: its row is activated and copied into the row buffer, then the data is returned
  • Repeated access to the same row always has low access times
  • Sender accesses its address: the sender's row is activated and copied into the row buffer, then returned
  • On the next access of the receiver there is a row miss: its row has to be activated and copied again before the data is returned
  • The receiver therefore sees a high access time

39 of 41

Countermeasures

  • Add random jitter to the clock, so that clock edges are randomised and cannot be aligned to
  • Pin all threads of a page to the same CPU core, so that a counting thread cannot run truly in parallel with the measuring thread
  • Increase the latency of message passing

40 of 41

Conclusion

  • Just rounding timers is not a solution
  • Multithreading allows building new timers
  • Shared data comes with great risks
  • It allows building timers with nanosecond resolution
  • Microarchitectural attacks in the browser are possible again

41 of 41

THANK YOU

Any Questions?