How does DBSC prevent cookie theft?

The DBSC API will let a website tell the browser to start a new session and generate a private-public key pair for that session. The browser will then register the public key with the website using an endpoint path specified by the website and the website will then respond with short-lived cookies that are now associated with that public key.

The difference is the website can periodically request the browser for proof that it has the private key that’s part of the private-public key pair by asking it to sign a challenge. The challenge signature is then checked using the public key that was registered with the server when the session was created.

This private key needed to sign the challenge is stored securely and operations involving it are done via the computer’s TPM which has dedicated memory that is not accessible from within the operating system. This means the keys are kept secure from theft even in case of a full system compromise.

TPM chips have long been available in enterprise computers and laptops to support secure disk encryption and authentication, but they are now increasingly common in all types of PCs because the presence of a TPM 2.0 chip is a requirement for installing Windows 11. Studies done by the Chrome team suggest that currently over 60% of users have such a chip in their computers and the figure is only expected to increase.

TPM introduces a potential threat to DBSC

The problem with TPMs, however, is that they tend to have a high latency — the operations are not fast — and they have limited processing power which means they can’t handle many concurrent operations. Some users have already raised the issue of potential denial-of-service attacks performed by malicious domains and subdomains against TPMs via this feature by requesting key generation and validation for a large number of sessions at the same time.

The Chrome engineers responded that they already have a prioritization queue mechanism in mind and are exploring other protections to mitigate that threat.