Shalom and welcome!
My name is Yossi Oren. I‘m a Senior Lecturer (Assistant Professor in U.S. terms) in the Department of Software and Information Systems Engineering in Ben-Gurion University. I am also a member of BGU's Cyber Security Research Center. My research interests are:
- Secure Hardware: Side channel attacks such as power analysis and other hardware attacks and countermeasures on cryptographic devices; Low-resource cryptographic constructions for lightweight computers such as RFID tags.
- Cryptography in the real world: Consumer and voter privacy in the digital era; Web application security
Here are the various social networks I have a profile on:
|*new!*Cross-Router Covert Channels||13th USENIX Workshop on Offensive Technologies (WOOT), 2019|
|Robust Website Fingerprinting Through the Cache Occupancy Channel||28th USENIX Security Symposium, 2019|
|Reverse Engineering IoT Devices: Effective Techniques and Methods||IEEE Internet of Things Journal volume 5 Issue 6 (2019)|
|Sensorless, Permissionless Information Exfiltration with Wi-Fi Micro-jamming||12th USENIX Workshop on Offensive Technologies (WOOT), 2018|
|Brief Announcement: Deriving Context for Touch Events||Second International Symposium on Cyber Security Cryptography and Machine Learning (CSCML), 2018|
|Opening Pandora's Box: Effective Techniques for Reverse Engineering IoT Devices||17th International Conference on Smart Card Research and Advanced Applications (CARDIS), 2017|
|Shattered Trust: When Replacement Smartphone Components Attack||11th USENIX Workshop on Offensive Technologies (WOOT), 2017|
|From Smashed Screens to Smashed Stacks: Attacking Mobile Phones using Malicious Aftermarket Parts||Workshop on Security for Embedded and Mobile Systems (SEMS), 2017|
|*now online!*The Curious Case of the Curious Case: Detecting touchscreen events using a smartphone protective case||Workshop on Security for Embedded and Mobile Systems (SEMS), 2017|
|How to Phone Home with Someone Else's Phone: Information Exfiltration Using Intentional Sound Noise on Gyroscopic Sensors||10th USENIX Workshop on Offensive Technologies (WOOT), 2016|
|The Remanence Decay Side-Channel: The PUF Case||IEEE Transactions on Information Forensics and Security Volume 11, Issue 6 (June 2016)|
|ANVIL: Software-Based Protection Against Next-Generation Rowhammer Attacks||21st International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2016|
|Side-Channel Cryptographic Attacks using pseudo-Boolean Optimization||Constraints International Journal Volume 21, Issue 4 (October 2016)|
Attacking the Internet using Broadcast Digital Television
||ACM Transactions on Information and System Security Volume 17, Issue 4 (April 2015)|
A New Framework for Constraint-Based Probabilistic Template Side Channel Attacks
||16th Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2014|
From the Aether to the Ethernet - Attacking the Internet using Broadcast Digital Television
||23rd USENIX Security Symposium, 2014|
Implementing public-key cryptography on passive RFID tags is practical
||International Journal of Information Security Volume 14, Issue 1 (February 2015)|
A Secure Supply-Chain RFID System that Respects your Privacy
||IEEE Pervasive Computing Volume 13, Issue 2 (April-June 2014)|
HTML5 - is it good for your battery? (Hint: yes)
||Unofficial Technical Report, 2013|
|Range Extension Attacks on Contactless Smart cards||18th European Symposium on Research in Computer Security (ESORICS), 2013|
|On the Effectiveness of the Remanence Decay Side-Channel to Clone Memory-based PUFs||15th Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2013|
|Practical Template-Algebraic Side Channel Attacks with Extremely Low Data Complexity||Workshop on Hardware and Architectural Support for Security and Privacy (HASP), 2013|
|Algebraic Side-Channel Analysis Beyond the Hamming Weight Leakage Model||14th Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2012|
|RFID Jamming and Attacks on Israeli e-Voting||European Conference on Smart Objects, Systems and Technologies (Smart SysTech), 2012|
|Tolerant Algebraic Side-Channel Analysis of AES||IACR Cryptology ePrint Archive, Report 2012/092, 2012|
|Toward Practical Public Key Anti-Counterfeiting for Low-Cost EPC Tags||5th International IEEE Conference on RFID, 2011|
|Algebraic Side-Channel Analysis in the Presence of Errors||12th Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2010|
|RFID-Based Electronic Voting: What Could Possibly Go Wrong?||4th International IEEE Conference on RFID, 2010|
|Relay Attacks on RFID-Based Electronic Voting Systems||IACR Cryptology ePrint Archive, Report 2009/422, 2009|
|A Low-Resource Public-Key Identification Scheme for RFID Tags and Sensor Nodes||2nd ACM Conference on Wireless Network Security (WiSec), 2009|
|WIPR — Public Key Identification on Two Grains of Sand||4th Workshop on RFID Security (RFIDSec), 2008|
Remote Power Analysis of RFID Tags
Master's Thesis, later posted to IACR Cryptology ePrint Archive as Report 2007/330, 2007
How Not to Protect PCs from Power Analysis
CRYPTO 2006 Rump Session
Remote Password Extraction from RFID
||IEEE Transactions on Computers Volume 56, Issue 9 (September 2007)|
Other Academic Achievements
- News of our attack on the Israeli e-voting system is making the news - please check out Avishai's RFID page for the latest information.
If you like security and cookies, perhaps you'd like to join us every Sunday at the Security Theater video seminar.
- Initial results regarding power analysis attacks against RFID tags were announced by Adi Shamir at the RSA Conference 2006 . Here is the official web page describing these attacks.
- You can watch an online version of a talk about action recognition which I gave together with Moshe Blank at the Advanced Topics in Computer Vision course in 2005.
- You can also see the talk about Shannon's contributions to cryptography which I gave together with Gilad Tsur at Moni Naor's Key Papers in Computer Science course in 2006.
My primary non-academic achievements are my incredible kids Yair, Renana, Dvir and Talia Bat-Zion.
My employer for 9 years, Proxy Software Systems, went bankrupt in late 2008. I put up a little tribute page.