Yuval Yarom

Orcid: 0000-0003-0401-4197

Affiliations:
  • Ruhr University Bochum, Germany
  • The University of Adelaide, School of Computer Science, Adelaide, SA, Australia (former, PhD 2014)


According to our database1, Yuval Yarom authored at least 96 papers between 2008 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
TeeJam: Sub-Cache-Line Leakages Strike Back.
IACR Trans. Cryptogr. Hardw. Embed. Syst., 2024

Evict+Spec+Time: Exploiting Out-of-Order Execution to Improve Cache-Timing Attacks.
IACR Trans. Cryptogr. Hardw. Embed. Syst., 2024

Protecting cryptographic code against Spectre-RSB.
IACR Cryptol. ePrint Arch., 2024

Spec-o-Scope: Cache Probing at Cache Speed.
IACR Cryptol. ePrint Arch., 2024

Testing side-channel security of cryptographic implementations against future microarchitectures.
CoRR, 2024

Elephants Do Not Forget: Differential Privacy with State Continuity for Privacy Budget.
CoRR, 2024

Pixel Thief: Exploiting SVG Filter Leakage in Firefox and Chrome.
Proceedings of the 33rd USENIX Security Symposium, 2024

SledgeHammer: Amplifying Rowhammer via Bank-level Parallelism.
Proceedings of the 33rd USENIX Security Symposium, 2024

SoK: SGX.Fail: How Stuff Gets eXposed.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

SoK: Can We Really Detect Cache Side-Channel Attacks by Monitoring Performance Counters?
Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, 2024

CNN Architecture Extraction on Edge GPU.
Proceedings of the Applied Cryptography and Network Security Workshops, 2024

2023
Row, Row, Row Your Boat: How to Not Find Weak Keys in Pilsung.
Comput. J., June, 2023

CryptOpt: Verified Compilation with Randomized Program Search for Cryptographic Primitives.
Proc. ACM Program. Lang., 2023

Leaky McEliece: Secret Key Recovery From Highly Erroneous Side-Channel Information.
IACR Cryptol. ePrint Arch., 2023

BarraCUDA: Bringing Electromagnetic Side Channel Into Play to Steal the Weights of Neural Networks from NVIDIA GPUs.
CoRR, 2023

On Borrowed Time - Preventing Static Power Side-Channel Analysis.
CoRR, 2023

BunnyHop: Exploiting the Instruction Prefetcher.
Proceedings of the 32nd USENIX Security Symposium, 2023

Ultimate SLH: Taking Speculative Load Hardening to the Next Level.
Proceedings of the 32nd USENIX Security Symposium, 2023

Hot Pixels: Frequency, Power, and Temperature Attacks on GPUs and Arm SoCs.
Proceedings of the 32nd USENIX Security Symposium, 2023

Checking Passwords on Leaky Computers: A Side Channel Analysis of Chrome's Password Leak Detect Protocol.
Proceedings of the 32nd USENIX Security Symposium, 2023

The Gates of Time: Improving Cache Attacks with Transient Execution.
Proceedings of the 32nd USENIX Security Symposium, 2023

The Impostor Among US(B): Off-Path Injection Attacks on USB Communications.
Proceedings of the 32nd USENIX Security Symposium, 2023

CryptOpt: Automatic Optimization of Straightline Code.
Proceedings of the 45th IEEE/ACM International Conference on Software Engineering: ICSE 2023 Companion Proceedings, 2023

iLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

CacheFX: A Framework for Evaluating Cache Security.
Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security, 2023

2022
Breaking and Fixing Speculative Load Hardening.
IACR Cryptol. ePrint Arch., 2022

Spectre Declassified: Reading from the Right Place at the Wrong Time.
IACR Cryptol. ePrint Arch., 2022

CryptOpt: Verified Compilation with Random Program Search for Cryptographic Primitives.
CoRR, 2022

DRAWNAPART: A Device Identification Technique based on Remote GPU Fingerprinting.
CoRR, 2022

Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution.
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

DRAWN APART: A Device Identification Technique based on Remote GPU Fingerprinting.
Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022

Opportunities for genetic improvement of cryptographic code.
Proceedings of the GECCO '22: Genetic and Evolutionary Computation Conference, Companion Volume, Boston, Massachusetts, USA, July 9, 2022

Side-Channeling the Kalyna Key Expansion.
Proceedings of the Topics in Cryptology - CT-RSA 2022, 2022

Automating Cryptographic Code Generation.
Proceedings of the 2022 Workshop on Attacks and Solutions in Hardware Security, 2022

HammerScope: Observing DRAM Power Consumption Using Rowhammer.
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

2021
Browser Based Side-Channel Defenses Datasets.
Dataset, October, 2021

Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality.
IEEE Trans. Dependable Secur. Comput., 2021

Whack-a-Meltdown: Microarchitectural Security Games [Systems Attacks and Defenses].
IEEE Secur. Priv., 2021

Rosita++: Automatic Higher-Order Leakage Elimination from Cryptographic Code.
IACR Cryptol. ePrint Arch., 2021

RSA Key Recovery from Digit Equivalence Information.
IACR Cryptol. ePrint Arch., 2021

SoK: Design Tools for Side-Channel-Aware Implementations.
IACR Cryptol. ePrint Arch., 2021

SoK: Design Tools for Side-Channel-Aware Implementions.
CoRR, 2021

Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses.
Proceedings of the 30th USENIX Security Symposium, 2021

CacheOut: Leaking Data on Intel CPUs via Cache Evictions.
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

Nonce@Once: A Single-Trace EM Side Channel Attack on Several Constant-Time Elliptic Curve Implementations in Mobile Platforms.
Proceedings of the IEEE European Symposium on Security and Privacy, 2021

2020
Cache vs. Key-Dependency: Side Channeling an Implementation of Pilsung.
IACR Trans. Cryptogr. Hardw. Embed. Syst., 2020

LadderLeak: Breaking ECDSA With Less Than One Bit Of Nonce Leakage.
IACR Cryptol. ePrint Arch., 2020

Meltdown: reading kernel memory from user space.
Commun. ACM, 2020

Spectre attacks: exploiting speculative execution.
Commun. ACM, 2020

A Queueing Solution to Reduce Delay in Processing of Disclosed Vulnerabilities.
Proceedings of the Second IEEE International Conference on Trust, 2020

RAMBleed: Reading Bits in Memory Without Accessing Them.
Proceedings of the 2020 IEEE Symposium on Security and Privacy, 2020

LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection.
Proceedings of the 2020 IEEE Symposium on Security and Privacy, 2020

PThammer: Cross-User-Kernel-Boundary Rowhammer through Implicit Accesses.
Proceedings of the 53rd Annual IEEE/ACM International Symposium on Microarchitecture, 2020

Enterprise Security Architecture: Mythology or Methodology?
Proceedings of the 22nd International Conference on Enterprise Information Systems, 2020

Security Architecture Framework for Enterprises.
Proceedings of the Enterprise Information Systems - 22nd International Conference, 2020

2019
Website Fingerprinting - Last Level Cache Contention Traces.
Dataset, September, 2019

Breaking Virtual Memory Protection and the SGX Ecosystem with Foreshadow.
IEEE Micro, 2019

Rosita: Towards Automatic Elimination of Power-Analysis Leakage in Ciphers.
IACR Cryptol. ePrint Arch., 2019

Pseudorandom Black Swans: Cache Attacks on CTR_DRBG.
IACR Cryptol. ePrint Arch., 2019

Fallout: Reading Kernel Writes From User Space.
CoRR, 2019

Robust Website Fingerprinting Through the Cache Occupancy Channel.
Proceedings of the 28th USENIX Security Symposium, 2019

Time Protection: The Missing OS Abstraction.
Proceedings of the Fourteenth EuroSys Conference 2019, Dresden, Germany, March 25-28, 2019, 2019

Fallout: Leaking Data on Meltdown-resistant CPUs.
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019

2018
Spectre Attacks: Exploiting Speculative Execution.
meltdownattack.com, 2018

Meltdown
meltdownattack.com, 2018

CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks.
IACR Trans. Cryptogr. Hardw. Embed. Syst., 2018

A survey of microarchitectural timing attacks and countermeasures on contemporary hardware.
J. Cryptogr. Eng., 2018

The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations.
IACR Cryptol. ePrint Arch., 2018

Drive-by Key-Extraction Cache Attacks from Portable Code.
IACR Cryptol. ePrint Arch., 2018

Meltdown: Reading Kernel Memory from User Space.
Proceedings of the 27th USENIX Security Symposium, 2018

Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution.
Proceedings of the 27th USENIX Security Symposium, 2018

Another Flip in the Wall of Rowhammer Defenses.
Proceedings of the 2018 IEEE Symposium on Security and Privacy, 2018

The Effect of Common Vulnerability Scoring System Metrics on Vulnerability Exploit Delay.
Proceedings of the Sixth International Symposium on Computing and Networking, 2018

No Security Without Time Protection: We Need a New Hardware-Software Contract.
Proceedings of the 9th Asia-Pacific Workshop on Systems, 2018

2017
CacheBleed: a timing attack on OpenSSL constant-time RSA.
J. Cryptogr. Eng., 2017

To BLISS-B or not to be - Attacking strongSwan's Implementation of Post-Quantum Signatures.
IACR Cryptol. ePrint Arch., 2017

Modifying an Enciphering Scheme after Deployment.
IACR Cryptol. ePrint Arch., 2017

May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519.
IACR Cryptol. ePrint Arch., 2017

Sliding right into disaster: Left-to-right sliding windows leak.
IACR Cryptol. ePrint Arch., 2017

USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs.
Proceedings of the 26th USENIX Security Symposium, 2017

2016
ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels.
IACR Cryptol. ePrint Arch., 2016

"Make Sure DSA Signing Exponentiations Really are Constant-Time".
IACR Cryptol. ePrint Arch., 2016

Flush, Gauss, and Reload - A Cache Attack on the BLISS Lattice-Based Signature Scheme.
IACR Cryptol. ePrint Arch., 2016

Do Hardware Cache Flushing Operations Actually Meet Our Expectations?
CoRR, 2016

CATalyst: Defeating last-level cache side channel attacks in cloud computing.
Proceedings of the 2016 IEEE International Symposium on High Performance Computer Architecture, 2016

2015
Evaluation and Cryptanalysis of the Pandaka Lightweight Cipher.
IACR Cryptol. ePrint Arch., 2015

Mapping the Intel Last-Level Cache.
IACR Cryptol. ePrint Arch., 2015

Exploiting Transformations of the Galois Configuration to Improve Guess-and-Determine Attacks on NFSRs.
IACR Cryptol. ePrint Arch., 2015

Amplifying Side Channels Through Performance Degradation.
IACR Cryptol. ePrint Arch., 2015

Last-Level Cache Side-Channel Attacks are Practical.
Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015

2014
Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack.
IACR Cryptol. ePrint Arch., 2014

Just a Little Bit More.
IACR Cryptol. ePrint Arch., 2014

"Ooh Aah... Just a Little Bit" : A small amount of side channel can go a long way.
IACR Cryptol. ePrint Arch., 2014

2013
Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack.
IACR Cryptol. ePrint Arch., 2013

2012
S-RVM: a secure design for a high-performance java virtual machine.
Proceedings of the VMIL@SPLASH 2012: Proceedings of the sixth ACM workshop on Virtual machines and intermediate languages, 2012

2008
Estimating camera overlap in large and growing networks.
Proceedings of the 2008 Second ACM/IEEE International Conference on Distributed Smart Cameras, 2008


  Loading...