My research explores the security of the interface between the software and the hardware. In particular, I am interested in the discrepancy between the way that programmers think about software execution and the concrete execution in modern processors. I work on identifying micro-architectural vulnerabilities, and on exploitation and mitigation techniques.
Contact Information
Email: yuval.yarom [at] rub [dot] deNews
9 Dec 2024
Published a preprint and the Code Artifact for On Borrowed Time – Preventing Static Side-Channel Analysis.22 Nov 2024
The paper On Borrowed Time – Preventing Static Side-Channel Analysis with will appear in NDSS 20257 Nov 2024
Our work CryptOpt: Verified Compilation with Randomized Program Search for Cryptographic Primitives won the 2024 German IT Security Prize 29 Oct 2024
Congratulations to who completed a PhD on Enhancing State-of-the-Art Techniques Generating Low-Level Code for Cryptographic Arithmetic.15 Oct 2024
Spec-o-Scope: Cache Probing at Cache Speed received Distinguished Paper Award at CCS 2024.15 Oct 2024
Testing Side-Channel Security of Cryptographic Implementations against Future Microarchitectures received Distinguished Paper Award at CCS 2024.4 Jul 2024
Published the Code Artifact for Evict+Spec+Time: Exploiting Out-of-Order Execution to Improve Cache-Timing Attacks. 2 Jul 2024
Preprint available Protecting cryptographic code against Spectre-RSB (and, in fact, all known Spectre variants), co-authored with
,
,
,
,
,
,
, and
.
More news...
Service
Program Chair: SEED 2022, WOOT 2020, Kangacrypt 2018, SPACE 2018.
Event Organisation: SSS2 2023, CHES 2020, Kangacrypt 2018, ASEC 2018.
Steering Committees: CHES 2019–2020, WOOT 2020–.
Editorial Board: Communications in Cryptography 2024
Program Committees:
- 2025: CHES, IEEE EuroS&P, IEEE S&P, USENIX Security
- 2024: ASPLOS (ERC), CHES, IEEE EuroS&P, IEEE S&P, RWC, USENIX Security, WOOT
- 2023: ACISP, CCS, IEEE S&P (Associate Chair), RWC, SecDev, SILM, USENIX Security, WOOT
- 2022: ACISP, CARDIS, CCS, CFAIL, CHES, DRAMSec, HASP, IEEE S&P, RWC, SecDev, SILM, Top in HES, USENIX Security
- 2021: ACISP, ACSAC, AsiaCCS, CARDIS, CHES, CT-RSA, DATE, DRAMSec, ESORICS, IEEE S&P, SEED, SILM, USENIX Security
- 2020: ACSAC, CARDIS, CHES, IEEE S&P, SCAM, SILM, SPACE, USENIX Security
- 2019: ASPLOS (ERC), CARDIS, CCS, CHES, IEEE EuroS&P, Latincrypt, RWC, SAC, SPACE, USENIX ATC, USENIX Security, WOOT
- 2018: CARDIS, CHES, SysTEX
- 2017: Latincrypt, SPACE, USENIX Security
- 2015: SYSTOR
Awards
- German IT Security Prize; 2024
- Distinguished paper award — CCS 2024
- Distinguished paper award — CCS 2024
- Excellent Teaching Award Nominee — RUB 2024
- Humies Gold Award — GECCO 2023
- Distinguished Paper Award — PLDI 2023
- NSA Best Scientific Cybersecurity Paper Competition 2020
- SA Young Tall Poppy Award — 2020
- Best student paper award — ICEIS 2020
- Chris Wallace Award for Outstanding Research — 2020
- Honorable Mention — NSA Best Scientific Cybersecurity Paper Competition 2019
- Distinguished Paper Award — IEEE SP 2019
- Best Paper Award — EuroSys 2019
- Foreshadow chosen for IEEE Micro Top Pick — 2019
- Best Paper Award — APSys 2018
- Pwnie Award — Most Innovative Research — Black Hat 2018
- Pwnie Award — Best Privilege Escalation Bug — Black Hat 2018
- Knuth Reward Cheque — 1999
- Mifal Hapayis Research Prize — 1994
Misc
- My Erdös number is 2.
- PhD Thesis: Software-based Reference Protection for Component Isolation
- Master Thesis: The Deputy Mechanism for Transparent Process Migration
- Simulated Annealing for Standard-Cell Sizing (An Amirim—Science project report — in Hebrew).