From bottom to top: Exploiting hardware side channels from web browsers

Speaker(s) : Clémentine Maurice

  • Language : Anglais
  • Level : Expert
  • Nature : Conference
  • Date : Tuesday 4 July 2017
  • Schedule : 11h00
  • Duration : 40 minutes
  • Place : Lecture hall J 020

Video : https://rmll.ubicast.tv/videos/du-materiel-au-logiciel_12764/

Fil rouge : Esthétique du libre
Public cible : GeeksProfessionnels

Note: an interview of Clémentine Maurice is available.

Hardware is often considered as an abstract layer that behaves correctly, just executing instructions and outputing a result. However, the internal state of the hardware leaks information about the programs that are executing, paving the way for covert or side-channel attacks. Yet, even though these vulnerabilities are present at a low level, in hardware, they are also exploitable at a high level, in browsers.

In this talk, we present hardware side-channel attacks that are due to microarchitectural components - and in particular the DRAM row buffer - and their application to web browsers. In a second part, we focus on the high-resolution timers that have been removed from browsers, and the techniques we can use to recover new high-resolution timers.

Clémentine Maurice

Clémentine Maurice is a security researcher. She obtained her PhD from Telecom ParisTech in October 2015 while working at Technicolor in Rennes, jointly with the S3 group of Eurecom in Sophia Antipolis. She is now working as a postdoctoral researcher in the Secure Systems group at the Graz University of Technology, in Austria. Among other topics, she is interested in microarchitectural covert and side channels and reverse-engineering processor parts. She led the research on Rowhammer hardware fault attacks in JavaScript through a remote website, an attack also known as Rowhammer.js. She presented her work on several academic conferences and venues like 32c3, 33c3 and Black Hat Europe.

titre documents joints

Slides (PDF - 6.4 Mb)