Remote Scheduler Contention Attacks

Stefan Gast; Jonas Juffinger; Lukas Maar; Christoph Royer; Andreas Kogler; Daniel Gruss

Remote Scheduler Contention Attacks

Stefan Gast^*, Jonas Juffinger, Lukas Maar, Christoph Royer, Andreas Kogler, Daniel Gruss

^*Korrespondierende/r Autor/-in für diese Arbeit

Institut für Angewandte Informationsverarbeitung und Kommunikationstechnologie (7050)

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Abstract

In this paper, we investigate unexplored aspects of scheduler contention: We systematically study the leakage of all scheduler queues on AMD Zen 3 and show that all queues leak. We mount the first scheduler contention attacks on Zen 4, with a novel measurement method evoking an out-of-order race condition, more precise than the state of the art. We demonstrate the first inter-keystroke timing attacks based on scheduler contention, with an F1 score of ≥99.5 % and a standard deviation below 4 ms from the ground truth. Our end-to-end JavaScript attack transmits across Firefox instances, bypassing cross-origin policies and site isolation, with 891.9 bit/s (Zen 3) and 940.7 bit/s (Zen 4).

Originalsprache	englisch
Titel	Financial Cryptography and Data Security - 28th International Conference, FC 2024, Revised Selected Papers
Publikationsstatus	Veröffentlicht - 4 März 2024
Veranstaltung	Financial Cryptography and Data Security 2024 - Willemstad, Curaçao Dauer: 4 März 2024 → 8 März 2024 https://fc24.ifca.ai/index.html

Publikationsreihe

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Herausgeber (Verlag)	Springer-Verlag

Konferenz

Konferenz	Financial Cryptography and Data Security 2024
Kurztitel	FC 2024
Land/Gebiet	Curaçao
Ort	Willemstad
Zeitraum	4/03/24 → 8/03/24
Internetadresse	https://fc24.ifca.ai/index.html

ASJC Scopus subject areas

Information systems

Fields of Expertise

Information, Communication & Computing

Zugriff auf Dokument

remote_scheduler_contention_attacksAkzeptiertes Autorenmanuskript, 395 KB

Andere Dateien und Links

Remote Scheduler Contention Attacks
Stefan Gast (Redner/in)
6 März 2024
Aktivität: Vortrag oder Präsentation › Vortrag bei Konferenz oder Fachtagung › Science to science

Dieses zitieren

Remote Scheduler Contention Attacks. / Gast, Stefan ; Juffinger, Jonas ; Maar, Lukas et al.
Financial Cryptography and Data Security - 28th International Conference, FC 2024, Revised Selected Papers. 2024. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Gast, S , Juffinger, J , Maar, L, Royer, C, Kogler, A & Gruss, D 2024, Remote Scheduler Contention Attacks. in Financial Cryptography and Data Security - 28th International Conference, FC 2024, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Financial Cryptography and Data Security 2024, Willemstad, Curaçao, 4/03/24.

@inproceedings{597ae0dec68b44a097317ec6d9e98bc9,

title = "Remote Scheduler Contention Attacks",

abstract = "In this paper, we investigate unexplored aspects of scheduler contention: We systematically study the leakage of all scheduler queues on AMD Zen 3 and show that all queues leak. We mount the first scheduler contention attacks on Zen 4, with a novel measurement method evoking an out-of-order race condition, more precise than the state of the art. We demonstrate the first inter-keystroke timing attacks based on scheduler contention, with an F1 score of ≥99.5 % and a standard deviation below 4 ms from the ground truth. Our end-to-end JavaScript attack transmits across Firefox instances, bypassing cross-origin policies and site isolation, with 891.9 bit/s (Zen 3) and 940.7 bit/s (Zen 4).",

author = "Stefan Gast and Jonas Juffinger and Lukas Maar and Christoph Royer and Andreas Kogler and Daniel Gruss",

year = "2024",

month = mar,

day = "4",

language = "English",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer-Verlag",

booktitle = "Financial Cryptography and Data Security - 28th International Conference, FC 2024, Revised Selected Papers",

note = "Financial Cryptography and Data Security 2024, FC 2024 ; Conference date: 04-03-2024 Through 08-03-2024",

url = "https://fc24.ifca.ai/index.html",

}

TY - GEN

T1 - Remote Scheduler Contention Attacks

AU - Gast, Stefan

AU - Juffinger, Jonas

AU - Maar, Lukas

AU - Royer, Christoph

AU - Kogler, Andreas

AU - Gruss, Daniel

PY - 2024/3/4

Y1 - 2024/3/4

N2 - In this paper, we investigate unexplored aspects of scheduler contention: We systematically study the leakage of all scheduler queues on AMD Zen 3 and show that all queues leak. We mount the first scheduler contention attacks on Zen 4, with a novel measurement method evoking an out-of-order race condition, more precise than the state of the art. We demonstrate the first inter-keystroke timing attacks based on scheduler contention, with an F1 score of ≥99.5 % and a standard deviation below 4 ms from the ground truth. Our end-to-end JavaScript attack transmits across Firefox instances, bypassing cross-origin policies and site isolation, with 891.9 bit/s (Zen 3) and 940.7 bit/s (Zen 4).

AB - In this paper, we investigate unexplored aspects of scheduler contention: We systematically study the leakage of all scheduler queues on AMD Zen 3 and show that all queues leak. We mount the first scheduler contention attacks on Zen 4, with a novel measurement method evoking an out-of-order race condition, more precise than the state of the art. We demonstrate the first inter-keystroke timing attacks based on scheduler contention, with an F1 score of ≥99.5 % and a standard deviation below 4 ms from the ground truth. Our end-to-end JavaScript attack transmits across Firefox instances, bypassing cross-origin policies and site isolation, with 891.9 bit/s (Zen 3) and 940.7 bit/s (Zen 4).

UR - https://stefangast.eu/papers/javasquip.pdf

UR - https://fc24.ifca.ai/preproceedings/150.pdf

M3 - Conference paper

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

BT - Financial Cryptography and Data Security - 28th International Conference, FC 2024, Revised Selected Papers

T2 - Financial Cryptography and Data Security 2024

Y2 - 4 March 2024 through 8 March 2024

ER -

Remote Scheduler Contention Attacks

Abstract

Publikationsreihe

Konferenz

ASJC Scopus subject areas

Fields of Expertise

Zugriff auf Dokument

Andere Dateien und Links

Fingerprint

Aktivitäten

Remote Scheduler Contention Attacks

Dieses zitieren