JavaScript-based keystroke timing side-channel attacks bypassing sandbox
Timing attacks and side channels have been used for years to bypass security measures and attack users. Research has shown that they can break cryptographic implementations and leak information about a victim system. Keystrokes and touchscreen interactions trigger hardware interrupts, and servicing those interrupts takes the CPU away from whatever else is running, which causes measurable timing differences. In this project we show how to measure these differences and use them for side-channel attacks. Such attacks typically require native code execution, which an attacker is far less likely to obtain than the ability to run JavaScript on a victim's system. We use the JavaScript engine of modern web browsers to implement the timing attacks without native code. Because the same-origin policy, HTTPS, and sandboxing isolate data and code but not the shared CPU time the measurement observes, the attack works in spite of all three.
We began by implementing a known interrupt timing side channel in native code and then re-implemented the same functionality in JavaScript. This lets us learn information about the victim simply by getting them to open a website or view a malicious advertisement.
We show that the JavaScript implementation is as accurate as the native-code one and that the attack affects personal computers and mobile phones alike. As a countermeasure, we propose injecting randomly occurring interrupts to make the timings less predictable.
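The following is an added example and not the project's own code: it shows the measurement principle behind the keystroke-interrupt side channel described above (a tight loop timestamping each iteration, with gaps between consecutive readings flagged as interrupts), the inter-keystroke intervals that constitute the actual leak, and the effect of the proposed countermeasure of randomly occurring dummy interrupts. It assumes a high-resolution monotonic timer and a single-threaded JavaScript thread that loses the CPU while the OS services an interrupt; the threshold parameters, the `constructedTrace` data and the seeded `makeRng` helper are my own choices for an offline demonstration, not measurements or mechanisms from the paper.

```javascript
// Added example, not the project's own code: keystroke-interrupt timing
// side channel, runnable in Node or a browser.
// Assumptions (mine, not the page's): a high-resolution monotonic timer and a
// single-threaded JS thread that stalls while the OS services an interrupt.

const perf = globalThis.performance || require('perf_hooks').performance;

// Spin for `durationMs`, recording a timestamp on every iteration. When the CPU
// is taken away from this loop (e.g. to handle a keyboard or touchscreen
// interrupt), two consecutive readings are farther apart than usual.
function collectTrace(durationMs) {
  const trace = [];
  const start = perf.now();
  let now = start;
  while (now - start < durationMs) {
    now = perf.now();
    trace.push(now);
  }
  return trace;
}

// Find unusually large gaps between consecutive timestamps. The baseline is the
// median inter-sample delta; a delta above max(factor * baseline, minGapMs) is
// reported as a candidate interrupt, timestamped at the sample before the gap.
function findGaps(trace, { factor = 10, minGapMs = 0.05 } = {}) {
  if (trace.length < 3) return { baseline: 0, threshold: 0, gaps: [] };
  const deltas = [];
  for (let i = 1; i < trace.length; i++) deltas.push(trace[i] - trace[i - 1]);
  const sorted = deltas.slice().sort((a, b) => a - b);
  const baseline = sorted[Math.floor(sorted.length / 2)];
  const threshold = Math.max(baseline * factor, minGapMs);
  const gaps = [];
  for (let i = 0; i < deltas.length; i++) {
    if (deltas[i] > threshold) gaps.push({ at: trace[i], gapMs: deltas[i] });
  }
  return { baseline, threshold, gaps };
}

// The actual leak: intervals between detected interrupts, i.e. inter-keystroke
// timings, which are characteristic of what (and by whom) is being typed.
function interKeyIntervals(gaps) {
  const out = [];
  for (let i = 1; i < gaps.length; i++) out.push(gaps[i].at - gaps[i - 1].at);
  return out;
}

// Constructed trace (not real measurements): 10,000 samples 1 µs apart with two
// injected stalls of 0.4 ms and 0.3 ms standing in for two keystroke interrupts.
function constructedTrace() {
  const trace = [];
  let t = 0;
  for (let i = 0; i < 10000; i++) {
    t += 0.001;
    if (i === 2000) t += 0.4;
    if (i === 5000) t += 0.3;
    trace.push(t);
  }
  return trace;
}

// Countermeasure sketch: randomly occurring dummy interrupts. Each inserted
// stall delays every later sample, so the detector reports it as just another
// interrupt and the real keystrokes no longer stand out by timing or size.
function addRandomInterrupts(trace, count, gapMs, rng) {
  const stride = Math.floor(trace.length / count);
  const out = trace.slice();
  for (let k = 0; k < count; k++) {
    // one stall per stride, jittered within the first half of the stride
    const p = k * stride + Math.floor(rng() * (stride / 2));
    for (let i = p + 1; i < out.length; i++) out[i] += gapMs;
  }
  return out;
}

// Small seeded LCG so the noise demo is reproducible; not cryptographic.
function makeRng(seed) {
  let s = seed >>> 0;
  return () => { s = (s * 1664525 + 1013904223) >>> 0; return s / 4294967296; };
}

function demo() {
  const clean = findGaps(constructedTrace());
  const noisy = findGaps(addRandomInterrupts(constructedTrace(), 10, 0.3, makeRng(7)));
  return {
    keystrokesSeen: clean.gaps.length,          // 2
    intervalsMs: interKeyIntervals(clean.gaps), // ≈ [3.4]
    eventsWithNoise: noisy.gaps.length,         // 12: two real keystrokes among ten dummies
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(demo(), 'live gaps in 200 ms:', findGaps(collectTrace(200)).gaps.length);
}
```

Running `collectTrace` on real hardware gives a far coarser trace than the constructed one: current browsers deliberately reduce the resolution of `performance.now()` and add jitter, so the detection threshold has to be derived from the measured baseline rather than hard-coded, which is why `findGaps` computes it from the median delta. The countermeasure half of the demo makes the paper's point quantitatively: the detector still fires on the real keystrokes, but with dummy stalls of the same magnitude interleaved at random it can no longer tell which of the twelve events carry the inter-keystroke timing.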