Venue: 30th USENIX Security Symposium, 2021 (to appear)
As a final contribution, we evaluate our techniques in hardened browser environments including the Tor browser, DeterFox (Cao el al., CCS 2017), and Chrome Zero (Schwartz et al., NDSS 2018). We confirm that none of these approaches completely defend against our attacks. We further argue that the protections of Chrome Zero need to be more comprehensively applied, and that the performance and user experience of Chrome Zero will be severely degraded if this approach is taken.
What is the Prime + Probe Attack?
The Prime + Probe Attack is a type of side-channel attack used to recover secrets from systems with shared cache memory. It was invented in 2005 by a trio of researchers: Dag Arne Osvik, Adi Shamir, and Eran Tromer.
- The 8-Bit
- Hacker.ru (in Russian)
- The Hacker News
- The Record
- cnBeta (in Chinese)
- MacGeneration (in French)
- Reddit and 4Chan
Our artifact repository, which contains demo attack pages for Cache Contention, Count Sweeps, String and Sock, and CSS PP0, as well as a Python notebook showing classification over real data, can be found at the following link.