Remote Scheduler Contention Attacks
Abstract
In this paper, we investigate unexplored aspects of scheduler contention: We systematically study the leakage of all scheduler queues on AMD Zen 3 and show that all queues leak. We mount the first scheduler contention attacks on Zen 4, with a novel measurement method evoking an out-of-order race condition, more precise than the state of the art. We demonstrate the first inter-keystroke timing attacks based on scheduler contention, with an F1 score of $\geq$ 99.5 % and a standard deviation below 4 ms from the ground truth. Our end-to-end JavaScript attack transmits across Firefox instances, bypassing cross-origin policies and site isolation, with 891.9 bit/s (Zen 3) and 940.7 bit/s (Zen 4).
- Publication:
-
arXiv e-prints
- Pub Date:
- April 2024
- DOI:
- 10.48550/arXiv.2404.07042
- arXiv:
- arXiv:2404.07042
- Bibcode:
- 2024arXiv240407042G
- Keywords:
-
- Computer Science - Cryptography and Security
- E-Print:
- 22 pages, 6 figures, 3 tables, 2 listings, extended version of the FC 2024 submission which is going to appear in Springer LNCS 14744 or 14745