Shalom and welcome!
My name is Yossi Oren. I‘m a Senior Lecturer (Assistant Professor in U.S. terms) in the Department of Software and Information Systems Engineering in Ben-Gurion University. I am also a member of BGU's Cyber Security Research Center. My research interests are:
- Secure Hardware: Side channel attacks such as power analysis and other hardware attacks and countermeasures on cryptographic devices; Low-resource cryptographic constructions for lightweight computers such as RFID tags.
- Cryptography in the real world: Consumer and voter privacy in the digital era; Web application security
My research lab (and how to join it!)
Here are the various social networks I have a profile on:
-
Yossi Oren on LinkedIn
-
Yossi Oren on Twitter
-
Yossi Oren on Google+
-
Yossi Oren on Facebook (not in active use – please don't poke me with your mafia farms)
Publications
My most recent publications can be found on the lab webpage. Here are the works I published before joining BGU:
Title |
Presented At |
---|---|
All newer publications... | ... can be found on my lab webpage. |
The Remanence Decay Side-Channel: The PUF Case | IEEE Transactions on Information Forensics and Security Volume 11, Issue 6 (June 2016) |
ANVIL: Software-Based Protection Against Next-Generation Rowhammer Attacks | 21st International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2016 |
Side-Channel Cryptographic Attacks using pseudo-Boolean Optimization | Constraints International Journal Volume 21, Issue 4 (October 2016) |
The Spy in the Sandbox -- Practical Cache Attacks in Javascript and their Implications | 22nd ACM Conference on Computer and Communications Security (CCS), 2015 |
The Spy in the Sandbox -- Practical Cache Attacks in Javascript | arXiv preprint CoRR abs/1502.07373, 2015 |
Attacking the Internet using Broadcast Digital Television |
ACM Transactions on Information and System Security Volume 17, Issue 4 (April 2015) |
A New Framework for Constraint-Based Probabilistic Template Side Channel Attacks |
16th Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2014 |
From the Aether to the Ethernet - Attacking the Internet using Broadcast Digital Television |
23rd USENIX Security Symposium, 2014 |
Implementing public-key cryptography on passive RFID tags is practical |
International Journal of Information Security Volume 14, Issue 1 (February 2015) |
A Secure Supply-Chain RFID System that Respects your Privacy |
IEEE Pervasive Computing Volume 13, Issue 2 (April-June 2014) |
HTML5 - is it good for your battery? (Hint: yes) |
Unofficial Technical Report, 2013 |
Range Extension Attacks on Contactless Smart cards | 18th European Symposium on Research in Computer Security (ESORICS), 2013 |
On the Effectiveness of the Remanence Decay Side-Channel to Clone Memory-based PUFs | 15th Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2013 |
Practical Template-Algebraic Side Channel Attacks with Extremely Low Data Complexity | Workshop on Hardware and Architectural Support for Security and Privacy (HASP), 2013 |
Algebraic Side-Channel Analysis Beyond the Hamming Weight Leakage Model | 14th Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2012 |
RFID Jamming and Attacks on Israeli e-Voting | European Conference on Smart Objects, Systems and Technologies (Smart SysTech), 2012 |
Tolerant Algebraic Side-Channel Analysis of AES | IACR Cryptology ePrint Archive, Report 2012/092, 2012 |
Toward Practical Public Key Anti-Counterfeiting for Low-Cost EPC Tags | 5th International IEEE Conference on RFID, 2011 |
Algebraic Side-Channel Analysis in the Presence of Errors | 12th Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2010 |
RFID-Based Electronic Voting: What Could Possibly Go Wrong? | 4th International IEEE Conference on RFID, 2010 |
Relay Attacks on RFID-Based Electronic Voting Systems | IACR Cryptology ePrint Archive, Report 2009/422, 2009 |
A Low-Resource Public-Key Identification Scheme for RFID Tags and Sensor Nodes | 2nd ACM Conference on Wireless Network Security (WiSec), 2009 |
WIPR — Public Key Identification on Two Grains of Sand | 4th Workshop on RFID Security (RFIDSec), 2008 |
Remote Power Analysis of RFID Tags |
Master's Thesis, later posted to IACR Cryptology ePrint Archive as Report 2007/330, 2007 |
How Not to Protect PCs from Power Analysis |
CRYPTO 2006 Rump Session |
Remote Password Extraction from RFID
Tags
|
IEEE Transactions on Computers Volume 56, Issue 9 (September 2007) |
Other Academic Achievements
- News of our attack on the Israeli e-voting system is making the news - please check out Avishai's RFID page for the latest information.
-
If you like security and cookies, perhaps you'd like to join us every Sunday at the Security Theater video seminar.
- Initial results regarding power analysis attacks against RFID tags were announced by Adi Shamir at the RSA Conference 2006 . Here is the official web page describing these attacks.
- You can watch an online version of a talk about action recognition which I gave together with Moshe Blank at the Advanced Topics in Computer Vision course in 2005.
- You can also see the talk about Shannon's contributions to cryptography which I gave together with Gilad Tsur at Moni Naor's Key Papers in Computer Science course in 2006.
Non-academic Achievements
My primary non-academic achievements are my incredible kids Yair, Renana, Dvir and Talia Bat-Zion.

My employer for 9 years, Proxy Software Systems, went bankrupt in late 2008. I put up a little tribute page.