Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Preprint |
| Published: |
2024
|
| Subjects: | |
| Online Access: | https://arxiv.org/abs/2404.07042 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1866929309206183936 |
|---|---|
| author | Gast, Stefan Juffinger, Jonas Maar, Lukas Royer, Christoph Kogler, Andreas Gruss, Daniel |
| author_facet | Gast, Stefan Juffinger, Jonas Maar, Lukas Royer, Christoph Kogler, Andreas Gruss, Daniel |
| contents | In this paper, we investigate unexplored aspects of scheduler contention: We systematically study the leakage of all scheduler queues on AMD Zen 3 and show that all queues leak. We mount the first scheduler contention attacks on Zen 4, with a novel measurement method evoking an out-of-order race condition, more precise than the state of the art. We demonstrate the first inter-keystroke timing attacks based on scheduler contention, with an F1 score of $\geq$ 99.5 % and a standard deviation below 4 ms from the ground truth. Our end-to-end JavaScript attack transmits across Firefox instances, bypassing cross-origin policies and site isolation, with 891.9 bit/s (Zen 3) and 940.7 bit/s (Zen 4). |
| format | Preprint |
| id |
arxiv_https___arxiv_org_abs_2404_07042 |
| institution | arXiv |
| publishDate | 2024 |
| record_format | arxiv |
| spellingShingle | Remote Scheduler Contention Attacks Gast, Stefan Juffinger, Jonas Maar, Lukas Royer, Christoph Kogler, Andreas Gruss, Daniel Cryptography and Security In this paper, we investigate unexplored aspects of scheduler contention: We systematically study the leakage of all scheduler queues on AMD Zen 3 and show that all queues leak. We mount the first scheduler contention attacks on Zen 4, with a novel measurement method evoking an out-of-order race condition, more precise than the state of the art. We demonstrate the first inter-keystroke timing attacks based on scheduler contention, with an F1 score of $\geq$ 99.5 % and a standard deviation below 4 ms from the ground truth. Our end-to-end JavaScript attack transmits across Firefox instances, bypassing cross-origin policies and site isolation, with 891.9 bit/s (Zen 3) and 940.7 bit/s (Zen 4). |
| title | Remote Scheduler Contention Attacks |
| topic | Cryptography and Security |
| url | https://arxiv.org/abs/2404.07042 |