Shalom and welcome!

My name is Yossi Oren.  I‘m a Senior Lecturer (Assistant Professor in U.S. terms) in the Department of Software and Information Systems Engineering in Ben-Gurion University. I am also a member of BGU's Cyber Security Research Center. My research interests are:

  • Secure Hardware: Power analysis and other hardware attacks and countermeasures on cryptographic devices; Low-resource cryptographic constructions for lightweight computers such as RFID tags.
  • Cryptography in the real world: Consumer and voter privacy in the digital era; Web application security

My research lab (and how to join it!)


Here are the various social networks I have a profile on:

Publications

Title Presented At
*now online!*How to Phone Home with Someone Else's Phone: Information Exfiltration Using Intentional Sound Noise on Gyroscopic Sensors 10th USENIX Workshop on Offensive Technologies (WOOT), 2016
The Remanence Decay Side-Channel: The PUF Case IEEE Transactions on Information Forensics and Security Volume 11, Issue 6 (June 2016)
ANVIL: Software-Based Protection Against Next-Generation Rowhammer Attacks 21st International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2016
Side-Channel Cryptographic Attacks using pseudo-Boolean Optimization Constraints International Journal, 2016 (to appear)
The Spy in the Sandbox -- Practical Cache Attacks in Javascript and their Implications 22nd ACM Conference on Computer and Communications Security (CCS), 2015
The Spy in the Sandbox -- Practical Cache Attacks in Javascript arXiv preprint CoRR abs/1502.07373, 2015
Attacking the Internet using Broadcast Digital Television
ACM Transactions on Information and System Security Volume 17, Issue 4 (April 2015)
A New Framework for Constraint-Based Probabilistic Template Side Channel Attacks
16th Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2014
From the Aether to the Ethernet - Attacking the Internet using Broadcast Digital Television
23rd USENIX Security Symposium, 2014
Implementing public-key cryptography on passive RFID tags is practical
International Journal of Information Security Volume 14, Issue 1 (February 2015)
A Secure Supply-Chain RFID System that Respects your Privacy
IEEE Pervasive Computing Volume 13, Issue 2 (April-June 2014)
HTML5 - is it good for your battery? (Hint: yes)
Unofficial Technical Report, 2013
Range Extension Attacks on Contactless Smart cards 18th European Symposium on Research in Computer Security (ESORICS), 2013
On the Effectiveness of the Remanence Decay Side-Channel to Clone Memory-based PUFs 15th Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2013
Practical Template-Algebraic Side Channel Attacks with Extremely Low Data Complexity Workshop on Hardware and Architectural Support for Security and Privacy (HASP), 2013
Algebraic Side-Channel Analysis Beyond the Hamming Weight Leakage Model 14th Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2012
RFID Jamming and Attacks on Israeli e-Voting European Conference on Smart Objects, Systems and Technologies (Smart SysTech), 2012
Tolerant Algebraic Side-Channel Analysis of AES IACR Cryptology ePrint Archive, Report 2012/092, 2012
Toward Practical Public Key Anti-Counterfeiting for Low-Cost EPC Tags 5th International IEEE Conference on RFID, 2011
Algebraic Side-Channel Analysis in the Presence of Errors 12th Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2010
RFID-Based Electronic Voting: What Could Possibly Go Wrong? 4th International IEEE Conference on RFID, 2010
Relay Attacks on RFID-Based Electronic Voting Systems IACR Cryptology ePrint Archive, Report 2009/422, 2009
A Low-Resource Public-Key Identification Scheme for RFID Tags and Sensor Nodes 2nd ACM Conference on Wireless Network Security (WiSec), 2009
WIPR — Public Key Identification on Two Grains of Sand 4th Workshop on RFID Security (RFIDSec), 2008
Remote Power Analysis of RFID Tags
Master's Thesis, later posted to IACR Cryptology ePrint Archive as Report 2007/330, 2007‏
How Not to Protect PCs from Power Analysis
CRYPTO 2006 Rump Session
Remote Password Extraction from RFID Tags
IEEE Transactions on Computers Volume 56, Issue 9 (September 2007)
Legend: Journal, Peer-Reviewed Conference, Technical Report.


Other Academic Achievements

Non-academic Achievements

My primary non-academic achievements are my incredible kids Yair, Renana, Dvir and Talia Bat-Zion.

Yossi Oren's Family


My employer for 9 years, Proxy Software Systems, went bankrupt in late 2008.  I put up a little tribute page.