Preventing timing attacks on the web @ Fronteers Jam 2016

Preventing timing attacks on the web @ Fronteers Jam 2016

Back in April, I gave a scary talk about timing attacks at the very first Fronteers Spring Conference (https://dev.opera.com/blog/timing-attacks/). Since then, a new web technology has emerged that enables developers to prevent timing attacks from targeting their websites.

24e08a9ea84deb17ae121074d0f17125?s=128

Mathias Bynens

October 06, 2016
Tweet

Transcript

  1. 10.
  2. 11.
  3. 12.
  4. 13.
  5. 15.
  6. 22.

    @mathias “HEIST is a set of techniques that exploit timing

    side-channels in the browser […] to determine whether a response fitted into a single TCP window or whether it needed multiple. […] an attacker can determine the exact amount of bytes that were needed to send the response back to the client, all from within the browser. It so happens to be that knowing the exact size of a cross-origin resource is just what you need to launch a compression-based attack, which can be used to extract content (e.g. CSRF tokens) from any website using gzip compression.”
  7. 23.

    @mathias “HEIST is a set of techniques that exploit timing

    side-channels in the browser […] to determine whether a response fitted into a single TCP window or whether it needed multiple. […] an attacker can determine the exact amount of bytes that were needed to send the response back to the client, all from within the browser. It so happens to be that knowing the exact size of a cross-origin resource is just what you need to launch a compression-based attack, which can be used to extract content (e.g. CSRF tokens) from any website using gzip compression.”
  8. 30.
  9. 31.

    @mathias THANKS! Front-End Performance — The Dark Side Ep. I:

    mths.be/bvs HEIST: mths.be/bvp Introduction to Same-Site cookies: mths.be/bvq