Yuval Yarom --- Publications

cs.adelaide.edu.au

Publications

To Appear

Anatoly Shusterman, Zohar Avraham, Eliezer Croitoru, Yarden Haskal, Lachlan Kang, Dvir Levi, Yosef Meltser, Prateek Mittal, Yossi Oren, Yuval Yarom, Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality, IEEE TDSC, To Appear.

2020

Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom, Spectre Attacks: Exploiting Speculative Execution, Communications of the ACM 63(7), pp. 93–101, Jul 2020.

Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg, Raoul Strackx, Meltdown: Reading Kernel Memory from User Space, Communications of the ACM 63(6), pp. 45–56, Jun 2020.

Diego F. Aranha and Felipe Rodrigues Novaes and Akira Takahashi and Mehdi Tibouchi and Yuval Yarom, LadderLeak: Breaking ECDSA With Less Than One Bit Of Nonce Leakage, ePrint 2020/615, May 2020.

Shaanan Cohney, Andrew Kwong, Shachar Paz, Daniel Genkin, Nadia Heninger, Eyal Ronen, Yuval Yarom, Pseudorandom Black Swans: Cache Attacks on CTR_DRBG, IEEE SP, pp. 875–892, May 2020.

Andrew Kwong, Daniel Genkin, Daniel Gruss, Yuval Yarom, RAMBleed: Reading Bits in Memory Without Accessing Them, IEEE SP, pp. 310–326, May 2020.

Jo Van Bulck, Daniel Moghimi, Michael Schwarz, Moritz Lipp, Marina Minkin, Daniel Genkin, Yuval Yarom, Berk Sunar, Daniel Gruss, Frank Piessens, LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection, IEEE SP, pp. 1452–1470, May 2020.

Michelle McClintock, Katrina Falkner, Claudia Szabo, Yuval Yarom, Enterprise Security Architecture: Mythology or Methodology?, ICEIS, pp. 679–689, May 2020. Best student paper award.

Stephan van Schaik, Marina Minkin, Andrew Kwong, Daniel Genkin, Yuval Yarom, CacheOut: Leaking Data on Intel CPUs via Cache Evictions, Online http://cacheoutattack.com, Jan 2020.

2019

Madura A. Shelton, Niels Samwel, Lejla Batina, Francesco Regazzoni, Markus Wagner, Yuval Yarom, Rosita: Towards Automatic Elimination of Power-Analysis Leakage in Ciphers, ePrint 2019/1445, Dec 2019.

Daniel Genkin, Romain Poussier, Rui Qi Sim, Yuval Yarom, Yuanjing Zhao, Cache vs. Key-Dependency: Side Channeling an Implementation of Pilsung, TCHES 2020(1), pp. 231–255, Nov 2019.

Claudio Canella, Daniel Genkin, Lukas Giner, Daniel Gruss, Moritz Lipp, Marina Minkin, Daniel Moghimi, Frank Piessens, Michael Schwarz, Berk Sunar, Jo Van Bulck, Yuval Yarom, Fallout: Leaking Data on Meltdown-resistant CPUs, CCS, pp. 769–784, London, United Kingdom, Nov 2019.

Anatoly Shusterman, Lachlan Kang, Yarden Haskal, Yosef Meltser, Prateek Mittal, Yossi Oren, Yuval Yarom, Robust Website Fingerprinting Through the Cache Occupancy Channel, USENIX Security, pp. 639–656, Santa Clara, CA, USA, Aug 2019.

Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, Raoul Strackx, Breaking Virtual Memory Protection and the SGX Ecosystem with Foreshadow, IEEE Micro 39(3), pp. 66–74, May 2019.

Eyal Ronen, Robert Gillham, Daniel Genkin, Adi Shamir, David Wong, Yuval Yarom, The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations, IEEE SP, pp. 966–983, San Francisco, CA, USA, May 2019.

Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom, Spectre Attacks: Exploiting Speculative Execution, IEEE SP, pp. 19–37, San Francisco, CA, USA, May 2019. Distinguished paper award.

Qian Ge, Yuval Yarom, Gernot Heiser, Time Protection: the Missing OS Abstraction, EuroSys, pp. 1:1–1:17, Dresden, Germany, Mar 2019. Best paper award.

2018

Andrew Feutrill, Dinesha Ranathunga, Yuval Yarom, Matthew Roughan, The Effect of Common Vulnerability Scoring System Metrics on Vulnerability Exploit Delay, CANDAR, Hida Takayama, Japan, Nov 2018.

Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg, Meltdown: Reading Kernel Memory from User Space, USENIX Security, pp. 973–990, Baltimore, MD, USA, Aug 2018.

Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, Raoul Strackx, Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution, USENIX Security, pp. 991–1008, Baltimore, MD, USA, Aug 2018.

Qian Ge, Yuval Yarom, Gernot Heiser, No Security Without Time protection: We Need a New hardware Software Contract, APSys, Jeju Island, Korea, Aug 2018. Best paper award.

Daniel Genkin, Lev Pachmanov, Eran Tromer, Yuval Yarom, Drive-by Key-Extraction Cache Attacks from Portable Code, ACNS, pp. 83–102, Leuven, Belgium, Jul 2018.

Fergus Dall, Gabrielle De Micheli, Thomas Eisenbarth, Daniel Genkin, Nadia Heninger, Ahmad Moghimi, Yuval Yarom, CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks, TCHES 2018(2), pp. 171–191, May 2018.

Daniel Gruss, Moritz Lipp, Michael Schwartz, Daniel Genkin, Jonas Juffinger, Sioli O'Connell, Wolfgang Schoechl, Yuval Yarom, Another Flip in the Wall of Rowhammer Defenses, IEEE SP, pp. 489–505, San Francisco, CA, USA, May 2018.

Qian Ge, Yuval Yarom, David Cock, Gernot Heiser, A Survey of Microarchitectural Timing Attacks and Countermeasures on Contemporary Hardware, JCEN 8(1), pp. 1–27, Apr 2018.

2017

Daniel Genkin, Luke Valenta, Yuval Yarom, May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519, CCS, pp. 845–858, Dallas, TX, US, Oct 2017.

Peter Pessl, Leon Groot Bruinderink, Yuval Yarom, To BLISS-B or not to be — Attacking StrongSwan's Implementation of Post-Quantum Signatures, CCS, pp. 1843–1855, Dallas, TX, USA, Oct 2017.

Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, Yuval Yarom, Sliding Right Into Disaster: Left-to-right sliding windows leak, CHES, pp. 555–576, Taipei, Taiwan, Sep 2017.

Yang Su, Daniel Genkin, Damith C. Ranasinghe, Yuval Yarom, USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs, USENIX Security, pp. 1145–1161, Vancouver, BC, Canada, Aug 2017.

Yuval Yarom, Daniel Genkin, Nadia Heninger, CacheBleed: A Timing Attack on OpenSSL Constant Time RSA, JCEN 7(2), pp. 99–112, Jun 2017.

Paul Grubbs, Thomas Ristenpart, Yuval Yarom, Modifying an Enciphering Scheme after Deployment, EuroCrypt, pp. 499–527, Paris, France, Apr 2017.

Mike J. Wilkinson, Claudia Szabo, Caroline S. Ford, Yuval Yarom, Adam E. Croxford, Amanda Camp, Paul Gooding, Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants, Scientific Reports 7(46040), Apr 2017.

2016

Thomas Allan, Billy Bob Brumley, Katrina Falkner, Joop van de Pol, Yuval Yarom, Amplifying Side Channels Through Performance Degradation, ACSAC, pp. 422–435, Los Angeles, CA, USA, Dec 2016.

César Pereida García, Billy Bob Brumley, Yuval Yarom, “Make Sure DSA Signing Exponentiations Really are Constant-Time”, CCS, pp. 1639–1650, Vienna, Austria, Oct 2016.

Daniel Genkin, Lev Pachmanov, Itamar Pipman, Eran Tromer, Yuval Yarom, ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels, CCS, pp. 1626–1638, Vienna, Austria, Oct 2016.

Yuval Yarom, Daniel Genkin, Nadia Heninger, CacheBleed: A Timing Attack on OpenSSL Constant Time RSA, CHES, pp. 346–367, Santa Barbabra, CA, US, Aug 2016.

Leon Groot Bruinderink, Andreas Hülsing, Tanja Lange, Yuval Yarom, Flush, Gauss, and Reload — A Cache Attack on the BLISS Lattice-Based Signature Scheme, CHES, pp. 323–345, Santa Barbabra, CA, USA, Aug 2016.

Fangfei Liu, Qian Ge, Yuval Yarom, Frank Mckeen, Carlos Rozas, Gernot Heiser, Ruby B. Lee, CATalyst: Defeating Last-Level Cache Side Channel Attacks in Cloud Computing, HPCA, pp. 406–418, Barcelona, Spain, Mar 2016.

2015

Gefei Li, Yuval Yarom, Damith C. Ranasinghe, Exploiting Transformations of the Galois Configuration to Improve Guess-and-Determine Attacks on NFSRs, ePrint 2015/1045, Oct 2015.

Yuval Yarom, Qian Ge, Fangfei Liu, Ruby B. Lee, Gernot Heiser, Mapping the Intel Last-Level Cache, ePrint 2015/905, Sep 2015.

Yuval Yarom, Gefei Li, Damith C. Ranasinghe, Evaluation and Cryptanalysis of the Pandaka Lightweight Cipher, ACNS, pp. 370–385, New York, NY, USA, Jun 2015.

Fangfei Liu, Yuval Yarom, Qian Ge, Gernot Heiser, Ruby B. Lee, Last-Level Cache Side-Channel Attacks are Practical, IEEE SP, pp. 605–622, San Jose, CA, USA, May 2015.

Joop van de Pol, Nigel P. Smart, Yuval Yarom, Just a Little Bit More, CT-RSA, pp. 3–21, San Francisco, CA, USA, Apr 2015.

2014

Naomi Benger, Joop van de Pol, Nigel P. Smart, Yuval Yarom, “Ooh Aah ... Just a Little Bit”: A small amount of side channel can go a long way, CHES, pp. 73–92, Busan, Korea, Sep 2014.

Yuval Yarom and Katrina Falkner, Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack, USENIX Security, pp. 719–732, San Diego, CA, USA, Aug 2014.

Yuval Yarom and Naomi Benger, Recovering OpenSSL ECDSA Nonces Using the Flush+Reload Cache Side-channel Attack, ePrint 2014/140, Feb 2014.

2012

Yuval Yarom, Katrina Falkner, David S. Munro, S-RVM: a Secure Design for a High-Performance Java Virtual Machine, VMIL, Tuscon, AZ, USA, Oct 2012.

2008

Henry Detmold, Anton van den Hengel, Anthony Dick, Alex Cichowski, Rhys Hill, Ekim Kocadag, Yuval Yarom, Katrina Falkner, David S. Munro, Estimating Camera Overlap in Large and Growing Networks, ICDSC, pp. 1–10, Stanford University, CA, USA, Sep 2008.

1995

Amnon Barak, Oren Laden, Yuval Yarom, The NOW MOSIX and its Preemptive Process Migration Scheme, IEEE TCOS Bulletin 7(2), 1995.

1994

Danny Dolev, Dalia Malkhi, Yuval Yarom, Warm Backup Using Snooping, SDNE, pp. 60–65, Prague, Czech Republic, Jun 1994.