Exposing a Security Vulnerability in Computer Access via Graphics Card

Researchers at Graz University of Technology attempted three different side-channel attacks on graphics cards via the WebGPU browser interface—and succeeded. The attacks were fast enough to work during normal surfing behavior.

Web browsers have access to the computing capacities of the graphics card (GPU) in addition to a computer’s CPU. JavaScript can use the GPU resources via programming interfaces such as WebGL and the new WebGPU standard. By using a website with malicious JavaScript, researchers from the Institute of Applied Information Processing and Communications at Graz University of Technology (TU Graz) could spy on information about data, keystrokes, and encryption keys on other people’s computers in three different attacks via WebGPU.

While WebGPU is still under active development, browsers such as Chrome, Chromium, Microsoft Edge, and Firefox Nightly already support it. It provides greater flexibility and modernized design compared to WebGL, and the expectation is that the interface will be widely used. The researchers said, “Our attacks do not require users to interact with a website, and they run in a time frame that allows them to be carried out during normal internet surfing. With our work, we want to point out to browser manufacturers that they need to deal with access to the GPU like other resources that affect security and privacy,” says Lukas Giner from the Institute of Applied Information Processing and Communications at TU Graz.

The research team carried out its attacks on several systems using different graphics cards from NVIDIA and AMD. The NVIDIA cards used were from the GTX 1000 series and the RTX 2000, 3000, and 4000 series, while the AMD cards used were from the RX 6000 series. For all three attack types, the researchers accessed the computer’s cache memory via WebGPU, providing them with meta-information to conclude security-relevant information.

The team could track changes in the cache by filling it themselves using code in the JavaScript via WebGPU and monitoring when their data was removed by input. They could analyze keystrokes relatively quickly and accurately. By segmenting the cache, they could also use a second attack to set up their secret communication channel, in which filled and unfilled cache segments served as zeros and ones and thus as the basis for binary code. They used 1024 of these cache segments and achieved transfer speeds of up to 10.9 kilobytes per second, fast enough to transfer simple information. Attackers can extract data using other attacks in areas of the computer that are disconnected from the internet.

The third attack targeted AES encryption, which encrypts documents, connections, and servers. Here, they filled up the cache with their own AES encryption. The reaction of the cache enabled them to identify the places in the system responsible for encryption and access the keys of the attacked system. “Our AES attack would probably be somewhat more complicated under real-time conditions because many encryptions run in parallel on a GPU,” says Roland Czerny from the Institute of Applied Information Processing and Communications at TU Graz. “Nevertheless, we demonstrated that we can also attack algorithms very precisely. We communicated the findings of our work to the browser manufacturers in advance, and we hope they will consider this issue in the further development of WebGPU.”

The research and paper will be presented at the ACM Asia Conference on Computer and Communications Security from 1 to 5 July in Singapore.