When software is designed, even with security in mind, assumptions are made about
the details of hardware behavior. Unfortunately, the correctness of such assumptions can be
critical to the desired security properties. In this dissertation we first demonstrate how incorrect
assumptions about the hardware abstraction lead to side-channels that threaten modern software
security, and second we propose a principled method of timing channel defense for modern web
We show how performance variations in floating-point math instructions enable the
first demonstrated instruction-data timing side-channel on commodity hardware. We use this
side-channel in two case studies to prove its viability. First, we redesign a previous attack on an
older version of the Firefox web browser to violate the Same Origin Policy. Second, we break
the guarantees of a differentially private database designed to resist timing attacks. We show
how the timing side-channel arises from hardware optimization decisions that have been well
understood in the architecture, numerical analysis, and game-engine communities, but largely
ignored in security.
Using a detailed measurement and analysis of floating-point performance, we examine
the progress and potential of defenses against floating-point timing side-channels. We find that
all deployed defensive schemes for desktop web browsers were insufficient, and most are still
vulnerable. Using the same analysis methods, we show how a proposed defensive scheme makes
incorrect assumptions about the hardware features it leverages, negating its guarantees.
As a possible remediation to the problem of floating-point timing side-channels, we
present libfixedtimefixedpoint as an alternative to floating-point. It provides a fixed-
point implementation of most available floating-point operations and is designed to run in
constant time regardless of the input values.
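
An added illustration of the idea in this paragraph, not code from libfixedtimefixedpoint or the dissertation: fixed-point arithmetic built only from integer adds, multiplies, shifts and masks, with no branch or division that depends on operand values. The Q31.32 format, the `fx_*` names and the use of the GCC/Clang `__int128` extension are assumptions; whether the compiled result is actually constant-time depends on the compiler and CPU and must be checked on the generated instructions.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical signed Q31.32 format: value = raw / 2^32. */
typedef int64_t fx_t;
#define FX_FRAC_BITS 32
#define FX_HALF ((fx_t)1 << 31)                       /* 0.5 */

/* Integer to fixed point; the shift is done unsigned to avoid UB on negatives. */
fx_t fx_from_int(int32_t i) {
    return (fx_t)((uint64_t)(int64_t)i << FX_FRAC_BITS);
}

/* Saturating add with no data-dependent branch: overflow is detected with
 * sign-bit arithmetic and the result is selected with a mask, not an if. */
fx_t fx_add(fx_t a, fx_t b) {
    uint64_t ua = (uint64_t)a, ub = (uint64_t)b, sum = ua + ub;
    uint64_t ovf = (~(ua ^ ub) & (ua ^ sum)) >> 63;   /* 1 if overflowed */
    uint64_t sat = (ua >> 63) + (uint64_t)INT64_MAX;  /* MAX if a >= 0, else MIN */
    uint64_t mask = 0 - ovf;                          /* all ones on overflow */
    return (fx_t)((sum & ~mask) | (sat & mask));
}

/* Multiply through a 128-bit intermediate, then drop the extra fraction bits.
 * Assumes >> on a negative __int128 is an arithmetic shift (GCC, Clang).
 * Wraps instead of saturating if the product leaves the Q31.32 range. */
fx_t fx_mul(fx_t a, fx_t b) {
    __int128 wide = (__int128)a * (__int128)b;
    return (fx_t)(wide >> FX_FRAC_BITS);
}

/* Branch-free absolute value (INT64_MIN maps to itself). */
fx_t fx_abs(fx_t a) {
    uint64_t m = 0 - ((uint64_t)a >> 63);             /* all ones if negative */
    return (fx_t)(((uint64_t)a ^ m) - m);
}

int main(void) {
    /* Constructed sample inputs: 3 * 0.5 and a sum that would overflow. */
    fx_t p = fx_mul(fx_from_int(3), FX_HALF);
    fx_t s = fx_add(INT64_MAX, fx_from_int(1));
    printf("3 * 0.5 = %f\n", (double)p / 4294967296.0);
    printf("saturated: %d\n", s == INT64_MAX);
    return 0;
}
```

Very small operands take the same integer path as any other value: `fx_mul(1, 1)` simply truncates to zero.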
Finally, we discuss structural problems in modern web browser design that make them
amenable to all timing attacks. Adapting solutions from parallel problems solved by early trusted
operating systems projects, we propose a modified browser architecture providing a provable
defensive guarantee against all timing attacks. We then demonstrate the viability of this scheme
by prototyping aspects of the architecture in a modified web browser.