Publications
To Appear
Anatoly Shusterman, Zohar Avraham, Eliezer Croitoru, Yarden Haskal, Lachlan Kang, Dvir Levi, Yosef Meltser, Prateek Mittal, Yossi Oren, Yuval Yarom, Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality, IEEE TDSC, To Appear.
Daniel Genkin, Yuval Yarom, Whack-a-Meltdown: Microarchitectural Security Games, IEEE S&P Magazine, To Appear.
2021
Stephan van Schaik, Marina Minkin, Andrew Kwong, Daniel Genkin, Yuval Yarom, CacheOut: Leaking Data on Intel CPUs via Cache Evictions, IEEE SP, Virtual, May 2021.
Madura A. Shelton, Niels Samwel, Lejla Batina, Francesco Regazzoni, Markus Wagner, Yuval Yarom, Rosita: Towards Automatic Elimination of Power-Analysis Leakage in Ciphers, NDSS, Feb 2021.
2020
Andrew Feutrill, Matthew Roughan, Yuval Yarom, Joshua Ross, A Queueing Solution to Reduce Delay in Processing of Disclosed Vulnerabilities, IEEE TPS, Dec 2020.
Diego F. Aranha, Felipe Rodrigues Novaes, Akira Takahashi, Mehdi Tibouchi, Yuval Yarom, LadderLeak: Breaking ECDSA With Less Than One Bit Of Nonce Leakage, CCS, pp. 225–242, Nov 2020.
Zhi Zhang, Yueqiang Cheng, Dongxi Liu, Surya Nepal, Zhi Wang, Yuval Yarom, PThammer: Cross-User-Kernel-Boundary Rowhammer through Implicit Accesses, MICRO, pp. 28–41, Oct 2020.
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom, Spectre Attacks: Exploiting Speculative Execution, Communications of the ACM 63(7), pp. 93–101, Jul 2020.
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg, Raoul Strackx, Meltdown: Reading Kernel Memory from User Space, Communications of the ACM 63(6), pp. 45–56, Jun 2020.
Shaanan Cohney, Andrew Kwong, Shachar Paz, Daniel Genkin, Nadia Heninger, Eyal Ronen, Yuval Yarom, Pseudorandom Black Swans: Cache Attacks on CTR_DRBG, IEEE SP, pp. 875–892, May 2020.
Andrew Kwong, Daniel Genkin, Daniel Gruss, Yuval Yarom, RAMBleed: Reading Bits in Memory Without Accessing Them, IEEE SP, pp. 310–326, May 2020.
Jo Van Bulck, Daniel Moghimi, Michael Schwarz, Moritz Lipp, Marina Minkin, Daniel Genkin, Yuval Yarom, Berk Sunar, Daniel Gruss, Frank Piessens, LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection, IEEE SP, pp. 1452–1470, May 2020.
Michelle McClintock, Katrina Falkner, Claudia Szabo, Yuval Yarom, Enterprise Security Architecture: Mythology or Methodology?, ICEIS, pp. 679–689, May 2020. Best student paper award.
2019
Daniel Genkin, Romain Poussier, Rui Qi Sim, Yuval Yarom, Yuanjing Zhao, Cache vs. Key-Dependency: Side Channeling an Implementation of Pilsung, TCHES 2020(1), pp. 231–255, Nov 2019.
Claudio Canella, Daniel Genkin, Lukas Giner, Daniel Gruss, Moritz Lipp, Marina Minkin, Daniel Moghimi, Frank Piessens, Michael Schwarz, Berk Sunar, Jo Van Bulck, Yuval Yarom, Fallout: Leaking Data on Meltdown-resistant CPUs, CCS, pp. 769–784, London, United Kingdom, Nov 2019.
Anatoly Shusterman, Lachlan Kang, Yarden Haskal, Yosef Meltser, Prateek Mittal, Yossi Oren, Yuval Yarom, Robust Website Fingerprinting Through the Cache Occupancy Channel, USENIX Security, pp. 639–656, Santa Clara, CA, USA, Aug 2019.
Eyal Ronen, Robert Gillham, Daniel Genkin, Adi Shamir, David Wong, Yuval Yarom, The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations, IEEE SP, pp. 966–983, San Francisco, CA, USA, May 2019.
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom, Spectre Attacks: Exploiting Speculative Execution, IEEE SP, pp. 19–37, San Francisco, CA, USA, May 2019. Distinguished paper award.
Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, Raoul Strackx, Breaking Virtual Memory Protection and the SGX Ecosystem with Foreshadow, IEEE Micro 39(3), pp. 66–74, May 2019.
Qian Ge, Yuval Yarom, Tom Chothia, Gernot Heiser, Time Protection: the Missing OS Abstraction, EuroSys, pp. 1:1–1:17, Dresden, Germany, Mar 2019. Best paper award.
2018
Andrew Feutrill, Dinesha Ranathunga, Yuval Yarom, Matthew Roughan, The Effect of Common Vulnerability Scoring System Metrics on Vulnerability Exploit Delay, CANDAR, Hida Takayama, Japan, Nov 2018.
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg, Meltdown: Reading Kernel Memory from User Space, USENIX Security, pp. 973–990, Baltimore, MD, USA, Aug 2018. NSA Best Scientific Cybersecurity Paper Honorable Mention.
Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, Raoul Strackx, Foreshadow: Extracting the Keys to the IntelSGX Kingdom with Transient Out-of-Order Execution, USENIX Security, pp. 991–1008, Baltimore, MD, USA, Aug 2018. IEEE Micro Top Pick.
Qian Ge, Yuval Yarom, Gernot Heiser, No Security Without Time protection: We Need a New hardware Software Contract, APSys, Jeju Island, Korea, Aug 2018. Best paper award.
Daniel Genkin, Lev Pachmanov, Eran Tromer, Yuval Yarom, Drive-by Key-Extraction Cache Attacks from Portable Code, ACNS, pp. 83–102, Leuven, Belgium, Jul 2018.
Daniel Gruss, Moritz Lipp, Michael Schwarz, Daniel Genkin, Jonas Juffinger, Sioli O'Connell, Wolfgang Schoechl, Yuval Yarom, Another Flip in the Wall of Rowhammer Defenses, IEEE SP, pp. 489–505, San Francisco, CA, USA, May 2018.
Fergus Dall, Gabrielle De Micheli, Thomas Eisenbarth, Daniel Genkin, Nadia Heninger, Ahmad Moghimi, Yuval Yarom, CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks, TCHES 2018(2), pp. 171–191, May 2018.
Qian Ge, Yuval Yarom, David Cock, Gernot Heiser, A Survey of Microarchitectural Timing Attacks and Countermeasures on Contemporary Hardware, JCEN 8(1), pp. 1–27, Apr 2018.
2017
Daniel Genkin, Luke Valenta, Yuval Yarom, May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519, CCS, pp. 845–858, Dallas, TX, US, Oct 2017.
Peter Pessl, Leon Groot Bruinderink, Yuval Yarom, To BLISS-B or not to be — Attacking StrongSwan's Implementation of Post-Quantum Signatures, CCS, pp. 1843–1855, Dallas, TX, USA, Oct 2017.
Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, Yuval Yarom, Sliding Right Into Disaster: Left-to-Right Sliding Windows Leak, CHES, pp. 555–576, Taipei, Taiwan, Sep 2017.
Yang Su, Daniel Genkin, Damith C. Ranasinghe, Yuval Yarom, USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs, USENIX Security, pp. 1145–1161, Vancouver, BC, Canada, Aug 2017.
Yuval Yarom, Daniel Genkin, Nadia Heninger, CacheBleed: A Timing Attack on OpenSSL Constant Time RSA, JCEN 7(2), pp. 99–112, Jun 2017.
Paul Grubbs, Thomas Ristenpart, Yuval Yarom, Modifying an Enciphering Scheme after Deployment, EuroCrypt, pp. 499–527, Paris, France, Apr 2017.
Mike J. Wilkinson, Claudia Szabo, Caroline S. Ford, Yuval Yarom, Adam E. Croxford, Amanda Camp, Paul Gooding, Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants, Scientific Reports 7(46040), Apr 2017.
2016
Thomas Allan, Billy Bob Brumley, Katrina Falkner, Joop van de Pol, Yuval Yarom, Amplifying Side Channels Through Performance Degradation, ACSAC, pp. 422–435, Los Angeles, CA, USA, Dec 2016.
César Pereida García, Billy Bob Brumley, Yuval Yarom, “Make Sure DSA Signing Exponentiations Really are Constant-Time”, CCS, pp. 1639–1650, Vienna, Austria, Oct 2016.
Daniel Genkin, Lev Pachmanov, Itamar Pipman, Eran Tromer, Yuval Yarom, ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels, CCS, pp. 1626–1638, Vienna, Austria, Oct 2016.
Yuval Yarom, Daniel Genkin, Nadia Heninger, CacheBleed: A Timing Attack on OpenSSL Constant Time RSA, CHES, pp. 346–367, Santa Barbabra, CA, US, Aug 2016.
Leon Groot Bruinderink, Andreas Hülsing, Tanja Lange, Yuval Yarom, Flush, Gauss, and Reload — A Cache Attack on the BLISS Lattice-Based Signature Scheme, CHES, pp. 323–345, Santa Barbabra, CA, USA, Aug 2016.
Fangfei Liu, Qian Ge, Yuval Yarom, Frank Mckeen, Carlos Rozas, Gernot Heiser, Ruby B. Lee, CATalyst: Defeating Last-Level Cache Side Channel Attacks in Cloud Computing, HPCA, pp. 406–418, Barcelona, Spain, Mar 2016.
2015
Gefei Li, Yuval Yarom, Damith C. Ranasinghe, Exploiting Transformations of the Galois Configuration to Improve Guess-and-Determine Attacks on NFSRs, ePrint 2015/1045, Oct 2015.
Yuval Yarom, Qian Ge, Fangfei Liu, Ruby B. Lee, Gernot Heiser, Mapping the Intel Last-Level Cache, ePrint 2015/905, Sep 2015.
Yuval Yarom, Gefei Li, Damith C. Ranasinghe, Evaluation and Cryptanalysis of the Pandaka Lightweight Cipher, ACNS, pp. 370–385, New York, NY, USA, Jun 2015.
Fangfei Liu, Yuval Yarom, Qian Ge, Gernot Heiser, Ruby B. Lee, Last-Level Cache Side-Channel Attacks are Practical, IEEE SP, pp. 605–622, San Jose, CA, USA, May 2015.
Joop van de Pol, Nigel P. Smart, Yuval Yarom, Just a Little Bit More, CT-RSA, pp. 3–21, San Francisco, CA, USA, Apr 2015.
2014
Naomi Benger, Joop van de Pol, Nigel P. Smart, Yuval Yarom, “Ooh Aah ... Just a Little Bit”: A Small Amount of Side Channel can go a Long Way, CHES, pp. 73–92, Busan, Korea, Sep 2014.
Yuval Yarom, Katrina Falkner, Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack, USENIX Security, pp. 719–732, San Diego, CA, USA, Aug 2014.
Yuval Yarom, Naomi Benger, Recovering OpenSSL ECDSA Nonces Using the Flush+Reload Cache Side-channel Attack, ePrint 2014/140, Feb 2014.
2012
Yuval Yarom, Katrina Falkner, David S. Munro, S-RVM: a Secure Design for a High-Performance Java Virtual Machine, VMIL, Tuscon, AZ, USA, Oct 2012.
2008
Henry Detmold, Anton van den Hengel, Anthony Dick, Alex Cichowski, Rhys Hill, Ekim Kocadag, Yuval Yarom, Katrina Falkner, David S. Munro, Estimating Camera Overlap in Large and Growing Networks, ICDSC, pp. 1–10, Stanford University, CA, USA, Sep 2008.
1995
Amnon Barak, Oren Laden, Yuval Yarom, The NOW MOSIX and its Preemptive Process Migration Scheme, IEEE TCOS Bulletin 7(2), 1995.
1994
Danny Dolev, Dalia Malkhi, Yuval Yarom, Warm Backup Using Snooping, SDNE, pp. 60–65, Prague, Czech Republic, Jun 1994.