Yuval Yarom --- Publications

Submission History

View publications: by year; by type;

2021 decisions

Asiacrypt 2021	Reject	—Redacted—
CCS 2021	Revision	Rosita++: Automatic Higher-Order Leakage Elimination from Cryptographic Code
CCS 2021	Accept	Rosita++: Automatic Higher-Order Leakage Elimination from Cryptographic Code
CFAIL 2021	Accept	Row, Row, Row Your Boat: How to Not Find Weak Keys in Pilsung
CHES 2021	Reject	—Redacted—
Euro S&P 2021	Accept	Nonce@Once: A Single-Trace EM Side Channel Attack on Several Constant-Time Elliptic Curve Implementations in Mobile Platforms
IEEE Micro	Reject	—Redacted—
IEEE SP 2022	Revision	—Redacted—
IEEE SP 2022	Accept	Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution
USENIX Sec 2021	Reject	—Redacted—

2020 decisions

ACSAC 2020	Reject	A Queueing Solution to Reduce Delay in Processing of Disclosed Vulnerabilities
CCS 2020	Reject	Nonce@Once: A Single-Trace EM Side Channel Attack on Several Constant-Time Elliptic Curve Implementations in Mobile Platforms
CCS 2020	Accept	LadderLeak: Breaking ECDSA With Less Than One Bit Of Nonce Leakage
ICEIS 2020	Accept	Enterprise Security Architecture: Mythology or Methodology?
IEEE SP 2020	Reject	Rosita: Towards Automatic Elimination of Power-Analysis Leakage in Ciphers
IEEE SP 2021	Reject	—Redacted—
IEEE SP 2021	Accept	CacheOut: Leaking Data on Intel CPUs via Cache Evictions
IEEE SP 2021	Reject	—Redacted—
IEEE TDSC	Revision	Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality
IEEE TDSC	Reject	A Queueing Solution to Reduce Delay in Processing of Disclosed Vulnerabilities
IEEE TDSC	Accept	Website Fingerprinting Through the Cache Occupancy Channel and its Real World Practicality
LNBIP EIS	Accept	Security Architecture Framework for Enterprises
MICRO 2020	Accept	PThammer: Cross-User-Kernel-Boundary Rowhammer through Implicit Accesses
NDSS 2021	Reject	CacheOut: Leaking Data on Intel CPUs via Cache Evictions
NDSS 2021	Revision	Rosita: Towards Automatic Elimination of Power-Analysis Leakage in Ciphers
NDSS 2021	Reject	Nonce@Once: A Single-Trace EM Side Channel Attack on Several Constant-Time Elliptic Curve Implementations in Mobile Platforms
NDSS 2021	Accept	Rosita: Towards Automatic Elimination of Power-Analysis Leakage in Ciphers
RAID 2020	Reject	A Queueing Solution to Reduce Delay in Processing of Disclosed Vulnerabilities
S&P Mag.	Accept	Whack-a-Meltdown: Microarchitectural Security Games
SSR 2020	Reject	A Queueing Solution to Reduce Delay in Processing of Disclosed Vulnerabilities
TPS-ISA 2020	Accept	A Queueing Solution to Reduce Delay in Processing of Disclosed Vulnerabilities
USENIX Sec 2020	Reject	CacheOut: Leaking Data on Intel CPUs via Cache Evictions
USENIX Sec 2020	Revision	Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses
USENIX Sec 2021	Accept	Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses

2019 decisions

ACIS 2019	Reject	Enterprise Security Architecture: Mythology or Methodology?
CACM	Revision	Meltdown: Reading Kernel Memory from User Space
CACM	Accept	Meltdown: Reading Kernel Memory from User Space
CACM	Accept	Spectre Attacks: Exploiting Speculative Execution
CCS 2019	Reject	—Redacted—
CCS 2019	Revision	Fallout: Leaking Data on Meltdown-resistant CPUs
CCS 2019	Accept	Fallout: Leaking Data on Meltdown-resistant CPUs
IEEE Micro	Accept	Breaking Virtual Memory Protection and the SGX Ecosystem with Foreshadow
IEEE SP 2020	Accept	RAMBleed: Reading Bits in Memory Without Accessing Them
IEEE SP 2020	Accept	Pseudorandom Black Swans: Cache Attacks on CTR_DRBG
IEEE SP 2020	Accept	LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection
USENIX Sec 2019	Accept	Robust Website Fingerprinting Through the Cache Occupancy Channel
USENIX Sec 2019	Reject	Nonce@Once: A Single-Trace EM Side Channel Attack on Several Constant-Time Elliptic Curve Implementations in Mobile Platforms

2018 decisions

ACNS 2018	Accept	Drive-by Key-Extraction Cache Attacks from Portable Code
APSys 2018	Accept	No Security Without Time protection: We Need a New hardware Software Contract
ATC 2018	Reject	No Security Without Time protection: We Need a New hardware Software Contract
CANDAR 2018	Accept	The Effect of Common Vulnerability Scoring System Metrics on Vulnerability Exploit Delay
CCS 2018	Reject	Robust Website Fingerprinting Through the Cache Occupancy Channel
ECIS 2018	Reject	Enterprise Security Architecture: Mythology or Methodology?
EuroSys 2019	Accept	Time Protection: the Missing OS Abstraction
IEEE SP 2018	Accept	Another Flip in the Wall of Rowhammer Defenses
IEEE SP 2019	Accept	Spectre Attacks: Exploiting Speculative Execution
IEEE SP 2019	Accept	The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations
NDSS 2019	Reject	Robust Website Fingerprinting Through the Cache Occupancy Channel
TCHES	Accept	CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks
USENIX Sec 2018	Accept	Meltdown: Reading Kernel Memory from User Space

2017 decisions

ASPLOS 2018	Reject	No Security Without Time protection: We Need a New hardware Software Contract
CCS 2017	Accept	May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519
CCS 2017	Accept	To BLISS-B or not to be — Attacking StrongSwan's Implementation of Post-Quantum Signatures
CCS 2017	Reject	Drive-by Key-Extraction Cache Attacks from Portable Code
CHES 2017	Accept	Sliding Right Into Disaster: Left-to-Right Sliding Windows Leak
Euro S&P 2018	Reject	Drive-by Key-Extraction Cache Attacks from Portable Code
Eurocrypt 2017	Accept	Modifying an Enciphering Scheme after Deployment
IEEE SP 2017	Reject	No Security Without Time protection: We Need a New hardware Software Contract
IEEE SP 2018	Revision	Another Flip in the Wall of Rowhammer Defenses
JCEN	Revision	CacheBleed: A Timing Attack on OpenSSL Constant Time RSA
JCEN	Accept	CacheBleed: A Timing Attack on OpenSSL Constant Time RSA
SOSP 2017	Reject	Time Protection: the Missing OS Abstraction
Scientific Reports	Revision	Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants
Scientific Reports	Accept	Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants
Security and Privacy	Reject	—Redacted—
USENIX Sec 2017	Accept	USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs
USENIX Sec 2017	Reject	No Security Without Time protection: We Need a New hardware Software Contract

2016 decisions

ACIS 2016	Reject	Enterprise Security Architecture: Mythology or Methodology?
ACSAC 2016	Accept	Amplifying Side Channels Through Performance Degradation
Asiacrypt 2016	Reject	Modifying an Enciphering Scheme after Deployment
CCS 2016	Accept	“Make Sure DSA Signing Exponentiations Really are Constant-Time”
CCS 2016	Accept	ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels
CHES 2016	Accept	CacheBleed: A Timing Attack on OpenSSL Constant Time RSA
CHES 2016	Accept	Flush, Gauss, and Reload — A Cache Attack on the BLISS Lattice-Based Signature Scheme
CHES 2016	Reject	ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels
COMIND	Reject	Enterprise Security Architecture: Mythology or Methodology?
CRYPTO 2016	Reject	Modifying an Enciphering Scheme after Deployment
Eurocrypt 2016	Reject	Exploiting Transformations of the Galois Configuration to Improve Guess-and-Determine Attacks on NFSRs
IEEE SP 2016	Reject	Enterprise Security Architecture: Mythology or Methodology?
IEEE SP 2016	Reject	Amplifying Side Channels Through Performance Degradation
IJIS	Reject	—Redacted—
JCEN	Revision	A Survey of Microarchitectural Timing Attacks and Countermeasures on Contemporary Hardware
JCEN	Accept	A Survey of Microarchitectural Timing Attacks and Countermeasures on Contemporary Hardware
NDSS 2017	Reject	USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs
Nature	Reject	Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants
Nature Communications	Reject	Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants
Nature Plants	Reject	Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants
PNAS	Reject	Replacing Sanger with Next Generation Sequencing to improve coverage and quality of reference DNA barcodes for plants
TISSEC	Reject	—Redacted—
USENIX Sec 2016	Reject	Amplifying Side Channels Through Performance Degradation

2015 decisions

ACNS 2015	Accept	Evaluation and Cryptanalysis of the Pandaka Lightweight Cipher
CT-RSA 2015	Accept	Just a Little Bit More
HPCA 2016	Accept	CATalyst: Defeating Last-Level Cache Side Channel Attacks in Cloud Computing
IEEE SP 2015	Accept	Last-Level Cache Side-Channel Attacks are Practical
IEEE SP 2015	Reject	A Survey of Microarchitectural Timing Attacks and Countermeasures on Contemporary Hardware

2014 decisions

Asiacrypt 2014	Reject	Just a Little Bit More
CHES 2014	Accept	“Ooh Aah ... Just a Little Bit”: A Small Amount of Side Channel can go a Long Way
IEEE SP 2014	Reject	Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack
USENIX Sec 2014	Accept	Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack

2013 decisions

NDSS 2014

Reject

Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack

2012 decisions

OOPSLA 2012	Reject	S-RVM: a Secure Design for a High-Performance Java Virtual Machine
VMIL 2012	Accept	S-RVM: a Secure Design for a High-Performance Java Virtual Machine

2011 decisions

APSys 2011

Reject

S-RVM: a Secure Design for a High-Performance Java Virtual Machine

2008 decisions

ICDSC 2008

Estimating Camera Overlap in Large and Growing Networks