Fantastic Timers and Where to Find Them: High-Resolution Microarchitectural Attacks in JavaScript

Team - sleep(10);

​

Ajay Jain

203050036

Outline

• Introduction
• High resolution timers in Javascript
• DRAM Attack and Counter-Measures
• Conclusion

​

Introduction

Is your browser safe?

Hi Chrome, I can read your secrets

Are you kidding me, Lol

You have no clue? I can use performance.now() to perform Row-hammer and Covert channel attacks.

It’s a quick fix

We will decrease performance.now() resolution of from ns to ms.

You think you are safe now. I can still access in ns using implicit timers. 😂

Resolution in microseconds

High Resolution Timers in Javascript

Clock Interpolation

• Measure how often we can increment a variable between two timer ticks
• Average number of increments is the interpolation step
• To measure with high resolution:
• Start measurement at clock edge
• Increment a variable until next clock edge
• Highly accurate: 500 ns (Firefox/Chrome), 15 µs (Tor)

​

Clock interpolation

Function

T2

T3

T4

T5

T6

T7

T1

X units

Y units

Y-7x units

Calibrating time taken by one count operation

It will help to align to the start edge of the clock

It increments the count until next clock cycle

Edge thresholding

What’s Intuition?

F1

F2

Relative time

​

Attacker just need to find whether F1 is slower than f2

Function F1

Function F2

Edge Thresholding

Padding is multiple constant time operations

Message Passing

Main Thread

subworker

subworker2

Request time

Counter 0 1 2 3 4 5 6 7 8 9 10 11 12

Request time

Request time

Request time

0

3

6

9

SharedArrayBuffer

Thread

SharedArrayBuffer

​

Counting Thread

CSS Animation

• Increase width of element as fast as possible
• Width of element is timestamp
• However, animation is limited to 60 fps → 16 ms

Evaluation and Results

​

DRAM Attack and Counter-Measures

Covert Channel

• Two programs would like to communicate but are not allowed to do so
• No communication channel
• Channels are monitored and stopped on communication attempts

​

• Use side channels to communicate

DRAM Organisation

​

Channel 1

Channel 2

back of DIMM: Rank 1

Front of DIMM :

Rank 0

Chip

DRAM Organisation

Bank 0

Chip

64k cells

1 capacitor,

1 transistor each

​

Reading from DRAM

Reading from DRAM

Reading from DRAM

Reading from DRAM

Reading from DRAM

DRAM covert channel

• Sender and receiver agree on a bank (can be hardcoded)
• Both (native) sender inside VM and JavaScript on host select a different row inside this bank
• JavaScript measures access time for this row
• Sender can transmit 0 by doing nothing and 1 by causing row conflict
• If measured timing was “fast” sender transmitted 0 otherwise 1.

Bank 0

Sender and

receiver decide

on one bank

Bank 0

Receiver measures access time to

its address

Activate

Copy

Bank 0

Return

Bank 0

Return

Repeated access

always has low

access times

Bank 0

Return

Bank 0

Sender accesses

its address

Activate

Copy

Bank 0

Return

Bank 0

On next access

of receiver, there

is a row miss

Activate

Copy

Bank 0

Return

Receiver has

high access time

Countermeasures

​

• Adding random jitter to clock. Clock edges are randomised
• Making thread affinity to same CPU core
• Increase latency in message passing

Conclusion

• Just rounding timers is not a solution
• Multithreading allows to build new timers
• Shared data comes with great risks
• It allows to build timers with nanosecond resolution
• Microarchitectural attacks in the browser are possible again

​

THANK YOU

Any Questions?