My research explores the security of the interface between the software and the hardware. In particular, I am interested in the discrepancy between the way that programmers think about software execution and the concrete execution in modern processors. I work on identifying micro-architectural vulnerabilities, and on exploitation and mitigation techniques.
Contact Information
Email: yuval.yarom [at] rub [dot] deNews
4 Jul 2024
Published the Code Artifact for Evict+Spec+Time: Exploiting Out-of-Order Execution to Improve Cache-Timing Attacks. 2 Jul 2024
Preprint available Protecting cryptographic code against Spectre-RSB (and, in fact, all known Spectre variants), co-authored with
,
,
,
,
,
,
, and
.
22 May 2024
The paper Elephants Do Not Forget: Differential Privacy with State Continuity for Privacy Budget with will appear in CCS 202419 Apr 2024
I have been appointed as an adjunct faculty at the Max Planck Institute for Security and Privacy4 Apr 2024
The paper Testing Side-Channel Security of Cryptographic Implementations against Future Microarchitectures with will appear in CCS 202416 Mar 2024
The paper Evict+Spec+Time: Exploiting Out-of-Order Execution to Improve Cache-Timing Attacks with will appear in TCHES2 Feb 2024
Preprint available Evict+Spec+Time: Exploiting Out-of-Order Execution to Improve Cache-Timing Attacks, co-authored with .More news...
Service
Program Chair: SEED 2022, WOOT 2020, Kangacrypt 2018, SPACE 2018.
Event Organisation: SSS2 2023, CHES 2020, Kangacrypt 2018, ASEC 2018.
Steering Committees: CHES 2019–2020, WOOT 2020–.
Editorial Board: Communications in Cryptography 2024
Program Committees:
- 2025: CHES, IEEE EuroS&P, IEEE S&P, USENIX Security
- 2024: ASPLOS (ERC), CHES, IEEE EuroS&P, IEEE S&P, RWC, USENIX Security, WOOT
- 2023: ACISP, CCS, IEEE S&P (Associate Chair), RWC, SecDev, SILM, USENIX Security, WOOT
- 2022: ACISP, CARDIS, CCS, CFAIL, CHES, DRAMSec, HASP, IEEE S&P, RWC, SecDev, SILM, Top in HES, USENIX Security
- 2021: ACISP, ACSAC, AsiaCCS, CARDIS, CHES, CT-RSA, DATE, DRAMSec, ESORICS, IEEE S&P, SEED, SILM, USENIX Security
- 2020: ACSAC, CARDIS, CHES, IEEE S&P, SCAM, SILM, SPACE, USENIX Security
- 2019: ASPLOS (ERC), CARDIS, CCS, CHES, IEEE EuroS&P, Latincrypt, RWC, SAC, SPACE, USENIX ATC, USENIX Security, WOOT
- 2018: CARDIS, CHES, SysTEX
- 2017: Latincrypt, SPACE, USENIX Security
- 2015: SYSTOR
Awards
- Excellent Teaching Award Nominee — RUB 2024
- Humies Gold Award — GECCO 2023
- Distinguished Paper Award — PLDI 2023
- NSA Best Scientific Cybersecurity Paper Competition 2020
- SA Young Tall Poppy Award — 2020
- Best student paper award — ICEIS 2020
- Chris Wallace Award for Outstanding Research — 2020
- Honorable Mention — NSA Best Scientific Cybersecurity Paper Competition 2019
- Distinguished Paper Award — IEEE SP 2019
- Best Paper Award — EuroSys 2019
- Foreshadow chosen for IEEE Micro Top Pick — 2019
- Best Paper Award — APSys 2018
- Pwnie Award — Most Innovative Research — Black Hat 2018
- Pwnie Award — Best Privilege Escalation Bug — Black Hat 2018
- Knuth Reward Cheque — 1999
- Mifal Hapayis Research Prize — 1994
Misc
- My Erdös number is 2.
- PhD Thesis: Software-based Reference Protection for Component Isolation
- Master Thesis: The Deputy Mechanism for Transparent Process Migration
- Simulated Annealing for Standard-Cell Sizing (An Amirim—Science project report — in Hebrew).