Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses
Abstract The “eternal war in cache” has reached browsers, with multiple cache-based side-channel attacks and countermeasures being suggested. A common approach for countermeasures is to disable or restrict javaScript features deemed essential for carrying out attacks. A recent proposal following...
Hasnain says:
This paper will be fun to read when it’s out...
“We follow a line of research that perform website fingerprinting attacks. We develop a sequence of attacks with progressively decreasing dependency on JavaScript features, culminating in the first browser-based side-channel attack which is constructed entirely from Cascading Style Sheets (CSS), and therefore works even when script execution is completely blocked.”
Posted on 2021-03-01T06:46:01+0000