eyalro.netEyal Ronen

Home Publications Talks Projects Contact Tel Aviv University Welcome! I’m a faculty member at Tel Aviv University’s School of Computer Science . My research interests are in cybersecurity and applied cryptography. I am interested in analyzing and designing real-world implementations of cryptographic and security protocols and primitives (both in software and hardware). In particular, my research spans side-channel attacks (e.g., power analysis and cache attacks), cryptographic protocols (e.g., TLS and WPA3), cryptanalysis of cryptographic primitives (e.g., AES), adversarial machine learning, IoT security, and password-based authentication. I completed my Ph.D. at the Weizmann Institute of Science , where I was fortunate to have Prof. Adi Shamir as my advisor. I was then a postdoctoral researcher at Tel Aviv University’s School of Computer Science and KU Leuven’s COSIC research group hosted by Prof. Bart Preneel . I am looking for excellent students interested in working on topics related to security and cryptography. Students Current Gal Horowitz (M.Sc.) Michal Shagam (M.Sc.) Former Daniel Katzman (M.Sc.) Alon Shakevsky (M.Sc.) Ohad Amon (M.Sc.) Shahar Paz (M.Sc.) Program Committees USENIX Security 2020-24 IEEE S&P 2023-24 ACM CCS 2022-23 WOOT 2020-21 CT-RSA 2021 SAC 2020 LatinCrypto 2019 CPS-SPC 2019 Publications Cas Cremers , , Mang Zhao . Multi-Stage Group Key Distribution and PAKEs: Securing Zoom Groups against Malicious Servers without New Security Elements . IEEE Symposium on Security & Privacy, 2024. PDF Carlos Aguilar-Melchor , Andreas Huelsing , David Joseph , Christian Majenz , , Dongze Yue . SDitH in the QROM . Asiacrypt, 2023. PDF Nina Bindel , Nicolas Gama , Sandra Guasch , . To attest or not to attest, this is the question – Provable attestation in FIDO2 . Asiacrypt, 2023. Orr Dunkelman , Nathan Keller , , Adi Shamir . Quantum Time/Memory/Data Tradeoff Attacks . Designs, Codes and Cryptography (DESI), 2023. PDF Andrew Kwong , Walter Wang , Jason Kim , Jonathan Berger , Daniel Genkin , , Hovav Shacham , Riad Wahby , Yuval Yarom . Checking Passwords on Leaky Computers: A Side Channel Analysis of Chrome’s Password Leak Detect Protocol . USENIX Security, 2023. PDF Slides Daniel Katzman , William Kosasih , Chitchanok Chuengsatiansup , , Yuval Yarom . The Gates of Time: Improving Cache Attacks with Transient Execution . USENIX Security, 2023. PDF Andreas Hülsing , Mikhail Kudinov , , Eylon Yogev . SPHINCS+C: Compressing SPHINCS+ With (Almost) No Cost . IEEE Symposium on Security & Privacy and NIST 4th PQC Standardization Conference , 2023. PDF Code Slides Video Itai Dinur , Orr Dunkelman , Nathan Keller , , Adi Shamir . Efficient Detection of High Probability Statistical Properties of Cryptosystems via Surrogate Differentiation . EuroCrypt, 2023. PDF Stephanvan Schaik , Alex Seto , Thomas Yurek , Adam Batori , Bader AlBassam , Christina Garman , Daniel Genkin , Andrew Miller , , Yuval Yarom . SoK: SGX.Fail: How Secrets Get eXtracted . Real World Crypt, 2023. PDF Cas Cremers , Charlie Jacomme , . TokenWeaver: Privacy Preserving and Post-Compromise Secure Attestation . 2022. PDF Code Cas Cremers , Moni Naor , Shahar Paz , . CHIP and CRISP: Protecting All Parties Against Compromise through Identity-Binding PAKEs . Real World Crypto and Crypto, 2022. PDF Code Alon Shakevsky , , Avishai Wool . Trust Dies in Darkness: Shedding Light on Samsung’s TrustZone Keymaster Design . Real World Crypto and USENIX Security, 2022. PDF Code Ayush Agarwal , Sioli O’Connell , Jason Kim , Shaked Yehezkel , Daniel Genkin , , Yuval Yarom . Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution . IEEE Symposium on Security & Privacy, 2022. PDF Code Nimrod Aviram , Benjamin Dowling , Ilan Komargodski , Kenneth G. Paterson , , Eylon Yogev . Practical (Post-Quantum) Key Combiners from One-Wayness and Applications to TLS . 2022. PDF Orr Dunkelman , Zeev Geyzel , Chaya Keller , Nathan Keller , , Adi Shamir , Ran J. Tessler . Error Resilient Space Partitioning . ICALP, 2021. PDF Ohad Amon , Orr Dunkelman , Nathan Keller , , Adi Shamir . Three Third Generation Attacks on the Format Preserving Encryption Scheme FF3 . Eurocrypt, 2021. PDF Code Benny Pinkas , . Hashomer - A Proposal for a Privacy-Preserving Bluetooth Based Contact Tracing Scheme for Hamagen . Real World Crypto and NDSS Corona-Def Workshop, 2021. PDF Code Mathy Vanhoef , . Dragonblood: A Security Analysis of WPA3’s SAE Handshake . Real World Crypto 2020 and IEEE Symposium on Security & Privacy, 2020. PDF Project Slides Video Shaanan Cohney , Andrew Kwong , Shachar Paz , Daniel Genkin , Nadia Heninger , , Yuval Yarom . Pseudorandom Black Swans: Cache Attacks on CTR_DRBG . Real World Crypto 2020 and IEEE Symposium on Security & Privacy, 2020. PDF Project Orr Dunkelman , Nathan Keller , , Adi Shamir . The Retracing Boomerang Attack . Eurocrypt, 2020. PDF Code Moni Naor , Benny Pinkas , . How to (not) share a password: Privacy preserving protocols for finding heavy hitters with adversarial behavior . Real World Crypto and ACM CCS, 2019. PDF Slides Video Adi Shamir , Itay Safran , , Orr Dunkelman . A Simple Explanation for the Existence of Adversarial Examples with Small Hamming Distance . 2019. PDF , Robert Gillham , Daniel Genkin , Adi Shamir , David Wong , Yuval Yarom . The 9 Lives of Bleichenbacher’s CAT: New Cache ATtacks on TLS Implementations . Real World Crypto 2020 and IEEE Symposium on Security & Privacy, 2019. PDF Project Slides Video , Kenneth G. Paterson , Adi Shamir . Pseudo Constant Time Implementations of TLS Are Only Pseudo Secure . ACM CCS, 2018. PDF Slides Achiya Bar-On , Orr Dunkelman , Nathan Keller , , Adi Shamir . Improved Key Recovery Attacks on Reduced-Round AES with Practical Data and Memory Complexities . CRYPTO, 2018. PDF Slides Video Achiya Bar-On , Itai Dinur , Orr Dunkelman , Rani Hod , Nathan Keller , , Adi Shamir . Tight Bounds on Online Checkpointing Algorithms . ICALP, 2018. PDF , Colin O’Flynn , Adi Shamir , Achi-Or Weingarten . IoT Goes Nuclear: Creating a Zigbee Chain Reaction . IEEE Security & Privacy, 2018. Project , Colin O’Flynn , Adi Shamir , Achi-Or Weingarten . IoT Goes Nuclear: Creating a ZigBee Chain Reaction . IEEE Symposium on Security and Privacy, 2017. PDF Project Slides Video , Adi Shamir . Extended Functionality Attacks on IoT Devices: The Case of Smart Lights . IEEE European Symposium on Security and Privacy, 2016. PDF Selected Talks For full talk list see Talks Dragonblood: A Security Analysis of WPA3’s SAE Handshake Jan 10, 2020 1:00 PM Real World Crypto 2020 New York, USA PDF Project Slides Video The 9 Lives of Bleichenbacher’s CAT: New Cache ATtacks on TLS Implementations Jan 8, 2020 1:00 PM Real World Crypto 2020 New York, USA PDF Project Slides Video How to (not) share a password: Privacy preserving protocols for finding heavy hitters with adversarial behavior Jan 9, 2019 1:00 PM Real World Crypto 2019 San Jose, US PDF Slides Video Pseudo Constant Time Implementations of TLS Are Only Pseudo Secure Oct 18, 2018 1:00 PM ACM CCS Toronto, Canada PDF Slides Improved Key Recovery Attacks on Reduced-Round AES with PracticalData and Memory Complexities Aug 23, 2018 1:00 PM CRYPTO Santa Barbara, US PDF Slides Video Iot Goes Nuclear: Creating a Zigbee Chain Reaction May 22, 2017 1:00 PM IEEE Symposium on Security and Privacy San Jose, United States Project Slides Video A Lightbulb Worm? (with Colin O`flyin) Aug 4, 2016 1:00 PM Black Hat Las Vegas, United States Project Video Projects Pseudorandom Black Swans: Cache Attacks on CTR_DRBG Dragonblood: A Security Analysis of WPA3’s SAE Handshake The 9 Lives of Bleichenbacher’s CAT: New Cache ATtacks on TLS Implementations IoT Goes Nuclear: Creating a ZigBee Chain Reaction Contact er [at] eyalro [dot] net [firstname] [dot] [lastname] [at] cs.tau.ac.il Tel Aviv university, Checkpoint Building, 233 © 2019 · Powered by the Academic theme for Hugo . Cite × Copy...