
My research explores the security of the interface between the software and the hardware. In particular, I am interested in the discrepancy between the way that programmers think about software execution and the concrete execution in modern processors. I work on identifying micro-architectural vulnerabilities, and on exploitation and mitigation techniques.
Contact Information
Email: yuval.yarom [at] rub [dot] deNews
17 Nov 2023
The paper Pixel Thief: Exploiting SVG Filter Leakage in Firefox and Chrome with will appear in USENIX Security 20248 Nov 2023
's thesis has been awarded the Dean's Commendation for Master by Research Thesis Excellence5 Nov 2023
Congratulations to who completed a Master of Philosophy on Exploring the Vulnerability of Branch Prediction Unit.28 Oct 2023
The paper SoK: SGX.Fail: How Stuff Gets eXposed with will appear in IEEE SP 202425 Oct 2023
The paper iLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices with will appear in CCS 202324 Oct 2023
Congratulations to who completed a Master of Philosophy on Cache Attacks and Defenses16 Oct 2023
The paper SledgeHammer: Amplifying Rowhammer via Bank-level Parallelism with will appear in USENIX Security 20249 Oct 2023
Preprint available Leaky McEliece: Secret Key Recovery From Highly Erroneous Side-Channel Information, co-authored with
,
,
,
.

2 Oct 2023
Cyber Today, the magazine of the Australian Information Security Association (AISA) has a piece on CryptOptMore news...
Service
Program Chair: SEED 2022, WOOT 2020, Kangacrypt 2018, SPACE 2018.
Event Organisation:
SSS2 2023,
CHES 2020,
Kangacrypt 2018,
ASEC 2018.
Steering Committees: CHES 2019–2020, WOOT 2020–.
Editorial Board: CCDS Special Issue on Offensive Cryptography, HASS Special Issue on SPACE 2018.
Program Committees:
- 2024: ASPLOS (ERC), CHES, IEEE EuroS&P, IEEE S&P, RWC, USENIX Security
- 2023: ACISP, CCS, IEEE S&P (Associate Chair), RWC, SecDev, SILM, USENIX Security, WOOT
- 2022: ACISP, CARDIS, CCS, CFAIL, CHES, DRAMSec, HASP, IEEE S&P, RWC, SecDev, SILM, Top in HES, USENIX Security
- 2021: ACISP, ACSAC, AsiaCCS, CARDIS, CHES, CT-RSA, DATE, DRAMSec, ESORICS, IEEE S&P, SEED, SILM, USENIX Security
- 2020: ACSAC, CARDIS, CHES, IEEE S&P, SCAM, SILM, SPACE, USENIX Security
- 2019: ASPLOS (ERC), CARDIS, CCS, CHES, IEEE EuroS&P, Latincrypt, RWC, SAC, SPACE, USENIX ATC, USENIX Security, WOOT
- 2018: CARDIS, CHES, SysTEX
- 2017: Latincrypt, SPACE, USENIX Security
- 2015: SYSTOR
Awards
- Humies Gold Award — GECCO 2023
- Distinguished Paper Award — PLDI 2023
- NSA Best Scientific Cybersecurity Paper Competition 2020
- SA Young Tall Poppy Award — 2020
- Best student paper award — ICEIS 2020
- Chris Wallace Award for Outstanding Research — 2020
- Honorable Mention — NSA Best Scientific Cybersecurity Paper Competition 2019
- Distinguished Paper Award — IEEE SP 2019
- Best Paper Award — EuroSys 2019
- Foreshadow chosen for IEEE Micro Top Pick — 2019
- Best Paper Award — APSys 2018
- Pwnie Award — Most Innovative Research — Black Hat 2018
- Pwnie Award — Best Privilege Escalation Bug — Black Hat 2018
- Knuth Reward Cheque — 1999
- Mifal Hapayis Research Prize — 1994
Misc
- My Erdös number is 2.
- PhD Thesis: Software-based Reference Protection for Component Isolation
- Master Thesis: The Deputy Mechanism for Transparent Process Migration
- Simulated Annealing for Standard-Cell Sizing (An Amirim—Science project report — in Hebrew).