Activities per year
Abstract
In recent years, the use of GPUs for general-purpose computations has steadily increased. As security-critical computations like AES are becoming more common on GPUs, the scrutiny must also increase. At the same time, new technologies like WebGPU put easy access to compute shaders in every web browser. Prior work has shown that GPU caches are vulnerable to the same eviction-based attacks as CPUs, e.g., Prime+Probe, from native code.
In this paper, we present the first GPU cache side-channel attack from within the browser, more specifically from the restricted WebGPU environment. The foundation for our generic and automated attacks are self-configuring primitives applicable to a wide variety of devices, which we demonstrate on a set of 11 desktop GPUs from 5 different generations and 2 vendors. We leverage features of the new WebGPU standard to create shaders that implement all building blocks needed for cache side-channel attacks, such as techniques to distinguish L2 cache hits from misses. Beyond the state of the art, we leverage the massive parallelism of modern GPUs to design the first parallelized eviction set construction algorithm. Based on our attack primitives, we present three case studies: First, we present an inter-keystroke timing attack with high F1-scores, i.e., 82 % to 98 % on NVIDIA. Second, we demonstrate a generic, set-agnostic, end-to-end attack on a GPU-based AES encryption service, leaking a full AES key in 6 minutes. Third, we evaluate a native-to-browser data-exfiltration scenario with a Prime+Probe covert channel that achieves transmission rates of up to 10.9 kB/s. Our attacks require no user interaction and work in a time frame that easily enables drive-by attacks while browsing the Internet. Our work emphasizes that browser vendors need to treat access to the GPU similar to other security- and privacy-related resources.
In this paper, we present the first GPU cache side-channel attack from within the browser, more specifically from the restricted WebGPU environment. The foundation for our generic and automated attacks are self-configuring primitives applicable to a wide variety of devices, which we demonstrate on a set of 11 desktop GPUs from 5 different generations and 2 vendors. We leverage features of the new WebGPU standard to create shaders that implement all building blocks needed for cache side-channel attacks, such as techniques to distinguish L2 cache hits from misses. Beyond the state of the art, we leverage the massive parallelism of modern GPUs to design the first parallelized eviction set construction algorithm. Based on our attack primitives, we present three case studies: First, we present an inter-keystroke timing attack with high F1-scores, i.e., 82 % to 98 % on NVIDIA. Second, we demonstrate a generic, set-agnostic, end-to-end attack on a GPU-based AES encryption service, leaking a full AES key in 6 minutes. Third, we evaluate a native-to-browser data-exfiltration scenario with a Prime+Probe covert channel that achieves transmission rates of up to 10.9 kB/s. Our attacks require no user interaction and work in a time frame that easily enables drive-by attacks while browsing the Internet. Our work emphasizes that browser vendors need to treat access to the GPU similar to other security- and privacy-related resources.
Original language | English |
---|---|
Title of host publication | 2024 ACM ASIA Conference on Computer and Communications Security |
ISBN (Electronic) | 979-8-4007-0482-6 |
Publication status | Accepted/In press - 3 Jul 2024 |
Event | 19th ACM ASIA Conference on Computer and Communications Security: ASIACCS 2024 - Singapur, Singapore Duration: 1 Jul 2024 → 5 Jul 2024 Conference number: 19 https://asiaccs2024.sutd.edu.sg/ |
Conference
Conference | 19th ACM ASIA Conference on Computer and Communications Security |
---|---|
Abbreviated title | ASIACCS 2024 |
Country/Territory | Singapore |
City | Singapur |
Period | 1/07/24 → 5/07/24 |
Internet address |
Keywords
- secure cache
- cache architecture
- side channel
- Secure-Caches
- Hardware-Security
- Side-Channels
ASJC Scopus subject areas
- Software
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications
Fingerprint
Dive into the research topics of 'Generic and Automated Drive-by GPU Cache Attacks from the Browser'. Together they form a unique fingerprint.Activities
- 1 Talk at conference or symposium
-
Generic and Automated Drive-by GPU Cache Attacks from the Browser
Lukas Giner (Speaker)
3 Jul 2024Activity: Talk or presentation › Talk at conference or symposium › Science to science