Shalom and welcome!

My name is Yossi Oren.  I‘m currently a Post-Doctoral Research Scientist in the Department of Computer Science at Columbia University in the City of New York. I am a member of the Network Security Lab, led by Prof. Angelos Keromytis, and the Computer Architecture and Security Technology Lab, led by Prof. Simha Sethumadhavan. My research interests are:

  • Secure Hardware: Power analysis and other hardware attacks and countermeasures on cryptographic devices; Low-resource cryptographic constructions for lightweight computers such as RFID tags.
  • Cryptography in the real world: Consumer and voter privacy in the digital era; Web application security

I was previously a Ph.D. student at the Cryptography and Network Security Lab at Tel-Aviv University, led by Prof. Avishai Wool, and an M.Sc. Student in the Department of Computer Science and Applied Math of the Weizmann Institute of Science, where my thesis advisor was Prof. Adi Shamir.

My e-mail address is y|o|s|@c|s|.c|o|l|u|m|b|i|a|.e|d|u.
Here are the various social networks I have a profile on:


Title Presented At
*new!* The Spy in the Sandbox -- Practical Cache Attacks in Javascript arXiv preprint CoRR abs/1502.07373, 2015
Attacking the Internet using Broadcast Digital Television
ACM Transactions on Information and System Security, to appear
A New Framework for Constraint-Based Probabilistic Template Side Channel Attacks
Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2014
From the Aether to the Ethernet - Attacking the Internet using Broadcast Digital Television
23rd USENIX Security Symposium, 2014
Implementing public-key cryptography on passive RFID tags is practical
International Journal of Information Security Volume 14, Issue 1 (February 2015)
A Secure Supply-Chain RFID System that Respects your Privacy
IEEE Pervasive Computing Volume 13, Issue 2 (April-June 2014)
HTML5 - is it good for your battery? (Hint: yes)
Unofficial Technical Report, 2013
Range Extension Attacks on Contactless Smart cards European Symposium on Research in Computer Security (ESORICS), 2013
On the Effectiveness of the Remanence Decay Side-Channel to Clone Memory-based PUFs Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2013
Practical Template-Algebraic Side Channel Attacks with Extremely Low Data Complexity Workshop on Hardware and Architectural Support for Security and Privacy (HASP), 2013
Algebraic Side-Channel Analysis Beyond the Hamming Weight Leakage Model Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2012
RFID Jamming and Attacks on Israeli e-Voting European Conference on Smart Objects, Systems and Technologies (Smart SysTech), 2012
Tolerant Algebraic Side-Channel Analysis of AES IACR Cryptology ePrint Archive, Report 2012/092, 2012
Toward Practical Public Key Anti-Counterfeiting for Low-Cost EPC Tags 5th International IEEE Conference on RFID, 2011
Algebraic Side-Channel Analysis in the Presence of Errors Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2010
RFID-Based Electronic Voting: What Could Possibly Go Wrong? 4th International IEEE Conference on RFID, 2010
Relay Attacks on RFID-Based Electronic Voting Systems IACR Cryptology ePrint Archive, Report 2009/422, 2009
A Low-Resource Public-Key Identification Scheme for RFID Tags and Sensor Nodes 2nd ACM Conference on Wireless Network Security (WiSec), 2009
WIPR — Public Key Identification on Two Grains of Sand 4th Workshop on RFID Security (RFIDSec), 2008
Remote Power Analysis of RFID Tags
Master's Thesis, later posted to IACR Cryptology ePrint Archive as Report 2007/330, 2007‏
How Not to Protect PCs from Power Analysis
CRYPTO 2006 Rump Session
Remote Password Extraction from RFID Tags
IEEE Transactions on Computers Volume 56, Issue 9 (September 2007)
Legend: Journal, Peer-Reviewed Conference, Technical Report.

Other Academic Achievements

Non-academic Achievements

My primary non-academic achievements are my incredible kids Yair, Renana, Dvir and Talia Bat-Zion.

My employer for 9 years, Proxy Software Systems, went bankrupt in late 2008.  I put up a little tribute page.