Practical Keystroke Timing Attacks in Sandboxed JavaScript

Moritz Lipp*, Daniel Gruss, Michael Schwarz, David Bidner, Clémentine Maurice, Stefan Mangard

*Corresponding author for this work

Publication: Contribution to book/report/conference proceedings; contribution to conference proceedings; peer-reviewed


Keystrokes trigger interrupts which can be detected through software side channels to reconstruct keystroke timings. Keystroke timing attacks use these side channels to infer typed words, passphrases, or create user fingerprints. While keystroke timing attacks are considered harmful, they typically require native code execution to exploit the side channels and, thus, may not be practical in many scenarios. In this paper, we present the first generic keystroke timing attack in sandboxed JavaScript, targeting arbitrary other tabs, processes and programs. This violates same-origin policy, HTTPS security model, and process isolation. Our attack is based on the interrupt-timing side channel which has previously only been exploited using native code. In contrast to previous attacks, we do not require the victim to run a malicious binary or interact with the malicious website. Instead, our attack runs in a background tab, possibly in a minimized browser window, displaying a malicious online advertisement. We show that we can observe the exact inter-keystroke timings for a user’s PIN or password, infer URLs entered by the user, and distinguish different users time-sharing a computer. Our attack works on personal computers, laptops and smartphones, with different operating systems and browsers. As a solution against all known JavaScript timing attacks, we propose a fine-grained permission model.

Title: Computer Security – ESORICS 2017 - 22nd European Symposium on Research in Computer Security, Proceedings
Publisher: Springer-Verlag Italia
Volume: 10493 LNCS
ISBN (Print): 9783319663982
Publication status: Published - 2017
Event: 22nd European Symposium on Research in Computer Security, ESORICS 2017 - Oslo, Norway
Duration: 11 Sep 2017 to 15 Sep 2017


Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 10493 LNCS
ISSN (Print): 0302-9743
ISSN (electronic): 1611-3349


Conference: 22nd European Symposium on Research in Computer Security, ESORICS 2017

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)

