Shalom and welcome!
My name is Yossi Oren. I‘m currently a Post-Doctoral Research Scientist in the Department of Computer Science at Columbia University in the City of New York. I am a member of the Network Security Lab, led by Prof. Angelos Keromytis, and the Computer Architecture and Security Technology Lab, led by Prof. Simha Sethumadhavan. My research interests are:
- Secure Hardware: Power analysis and other hardware attacks and countermeasures on cryptographic devices; Low-resource cryptographic constructions for lightweight computers such as RFID tags.
- Cryptography in the real world: Consumer and voter privacy in the digital era; Web application security
I was previously a Ph.D. student at the Cryptography and Network Security Lab at Tel-Aviv University, led by Prof. Avishai Wool, and an M.Sc. Student in the Department of Computer Science and Applied Math of the Weizmann Institute of Science, where my thesis advisor was Prof. Adi Shamir.My e-mail address is y|o|s|@c|s|.c|o|l|u|m|b|i|a|.e|d|u.
Here are the various social networks I have a profile on:
*new!* Attacking the Internet using Broadcast Digital Television
||ACM Transactions on Information and System Security, to appear|
A New Framework for Constraint-Based Probabilistic Template Side Channel Attacks
||Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2014||
From the Aether to the Ethernet - Attacking the Internet using Broadcast Digital Television
||23rd USENIX Security Symposium, 2014|
Implementing public-key cryptography on passive RFID tags is practical
||International Journal of Information Security Volume 14, Issue 1 (February 2015)|
A Secure Supply-Chain RFID System that Respects your Privacy
||IEEE Pervasive Computing Volume 13, Issue 2 (April-June 2014)|
HTML5 - is it good for your battery? (Hint: yes)
||Unofficial Technical Report, 2013|
|Range Extension Attacks on Contactless Smart cards||European Symposium on Research in Computer Security (ESORICS), 2013|
|On the Effectiveness of the Remanence Decay Side-Channel to Clone Memory-based PUFs||Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2013|
|Practical Template-Algebraic Side Channel Attacks with Extremely Low Data Complexity||Workshop on Hardware and Architectural Support for Security and Privacy (HASP), 2013|
|Algebraic Side-Channel Analysis Beyond the Hamming Weight Leakage Model||Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2012|
|RFID Jamming and Attacks on Israeli e-Voting||European Conference on Smart Objects, Systems and Technologies (Smart SysTech), 2012|
|Tolerant Algebraic Side-Channel Analysis of AES||IACR Cryptology ePrint Archive, Report 2012/092, 2012|
|Toward Practical Public Key Anti-Counterfeiting for Low-Cost EPC Tags||5th International IEEE Conference on RFID, 2011|
|Algebraic Side-Channel Analysis in the Presence of Errors||Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2010|
|RFID-Based Electronic Voting: What Could Possibly Go Wrong?||4th International IEEE Conference on RFID, 2010|
|Relay Attacks on RFID-Based Electronic Voting Systems||IACR Cryptology ePrint Archive, Report 2009/422, 2009|
|A Low-Resource Public-Key Identification Scheme for RFID Tags and Sensor Nodes||2nd ACM Conference on Wireless Network Security (WiSec), 2009|
|WIPR — Public Key Identification on Two Grains of Sand||4th Workshop on RFID Security (RFIDSec), 2008|
Remote Power Analysis of RFID Tags
Master's Thesis, later posted to IACR Cryptology ePrint Archive as Report 2007/330, 2007
How Not to Protect PCs from Power Analysis
CRYPTO 2006 Rump Session
Remote Password Extraction from RFID
||IEEE Transactions on Computers Volume 56, Issue 9 (September 2007)|
Other Academic Achievements
- News of our attack on the Israeli e-voting system is making the news - please check out Avishai's RFID page for the latest information.
- If you like security and cookies, perhaps you'd like to join us every Sunday
at the Security Theater
- Initial results regarding power analysis attacks against RFID tags were announced by Adi Shamir at the RSA Conference 2006. Here is the official web page describing these attacks.
- You can watch an online version of a talk about action recognition which I gave together with Moshe Blank at the Advanced Topics in Computer Vision course in 2005.
- You can also see the talk about Shannon's contributions to cryptography which I gave together with Gilad Tsur at Moni Naor's Key Papers in Computer Science course in 2006.
My primary non-academic achievements are my incredible kids Yair, Renana, Dvir and Talia Bat-Zion.
My employer for 9 years, Proxy Software Systems, went
bankrupt in late 2008. I put up a little tribute page.