Publications


Papers

(Within each topic, in reverse chronological order)

Cryptographically verified computation
proving correct execution of programs running on untrusted platforms

  • Eli Ben-Sasson, Iddo Ben-Tov, Alessandro Chiesa, Ariel Gabizon, Daniel Genkin, Matan Hamilis, Evgenya Pergament, Michael Riabzev, Mark Silberstein, Eran Tromer, Madars Virza,

    Computational integrity with a public random string from quasi-linear PCPs

    proc. Eurocrypt 2017, to appear.

  • Eli Ben-Sasson, Alessandro Chiesa, Eran Tromer, Madars Virza,

    Scalable zero knowledge via cycles of elliptic curves (extended version),

    Algorithmica, Springer, to appear

  • Assa Naveh, Eran Tromer,

    PhotoProof: cryptographic image authentication for any set of permissible transformations,

    proc. IEEE Symposium on Security & Privacy (Oakland) 2016, 255-271, IEEE, 2016

  • Nir Bitansky, Ran Canetti, Alessandro Chiesa, Shafi Goldwasser, Huijia Lin, Aviad Rubinstein, Eran Tromer,

    The hunting of the SNARK,

    Journal of Cryptology, Springer, to appear

  • Eli Ben-Sasson, Alessandro Chiesa, Matthew Green, Eran Tromer, Madars Virza,

    Secure sampling of public parameters for succinct zero knowledge proofs,

    proc. IEEE Symposium on Security & Privacy (Oakland) 2015, 287-304, IEEE, 2015

  • Alessandro Chiesa, Eran Tromer, Madars Virza,

    Cluster computing in zero knowledge,

    proc. Eurocrypt 2015, vol. 2, LNCS 9057, 371-403, 2015

  • Eli Ben-Sasson, Alessandro Chiesa, Eran Tromer, Madars Virza,

    Scalable zero knowledge via cycles of elliptic curves,

    proc. CRYPTO 2014, part II, LNCS 8617, 276-294, Springer, 2014

  • Eli Ben-Sasson, Alessandro Chiesa, Eran Tromer, Madars Virza,

    Succinct non-interactive zero knowledge for a von Neumann architecture,

    proc. USENIX Security 2014, 781-796, USENIX, 2014

  • Stephen Chong, Eran Tromer, Jeffrey A. Vaughan,

    Enforcing language semantics using proof-carrying data,

    preprint

  • Eli Ben-Sasson, Alessandro Chiesa, Daniel Genkin, Eran Tromer, Madars Virza,

    SNARKs for C: verifying program executions succinctly and in zero knowledge,

    proc. CRYPTO 2013, vol. 2, LNCS 8043, 90-108, Springer, 2013

  • Eli Ben-Sasson, Alessandro Chiesa, Daniel Genkin, Eran Tromer,

    On the concrete efficiency of probabilistically-checkable proofs,

    proc. Symposium on Theory of Computing (STOC) 2013, 585-594, ACM, 2013

    • [ECCC] (title: On the concrete-efficiency threshold of probabilistically-checkable proofs)
  • Nir Bitansky, Ran Canetti, Alessandro Chiesa, Eran Tromer,

    Recursive composition and bootstrapping for SNARKs and proof-carrying data,

    proc. Symposium on Theory of Computing (STOC) 2013, 111-120, ACM, 2013

  • Eli Ben-Sasson, Alessandro Chiesa, Daniel Genkin, Eran Tromer,

    Fast reductions from RAMs to delegatable succinct constraint satisfaction problems,

    proc. Innovations in Theoretical Computer Science (ITCS) 2013, 401-414, ACM, 2013

  • Alessandro Chiesa, Eran Tromer,

    Proof-carrying data: secure computation on untrusted platforms,

    The Next Wave, vol. 19 no. 2, National Security Agency, 2012

  • Nir Bitansky, Ran Canetti, Alessandro Chiesa, Eran Tromer,

    From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again,

    proc. Innovations in Computer Science (ITCS) 2012, 326-349, ACM, 2012

  • Alessandro Chiesa, Eran Tromer,

    Proof-carrying data and hearsay arguments from signature cards,

    proc. Innovations in Theoretical Computer Science (ITCS) 2010, 310-331, Tsinghua University Press, 2010

Side-channel attacks
extracting secret keys by eavesdropping on program execution

  • Daniel Genkin, Lev Pachmanov, Itamar Pipman, Adi Shamir, Eran Tromer, Yuval Yarom,

    Physical key extraction attacks on PCs

    Communications of the ACM, vol. 59 no. 6, 70-79, 2016

  • Daniel Genkin, Lev Pachmanov, Itamar Pipman, Eran Tromer, Yuval Yarom,

    ECDSA key extraction from mobile devices via nonintrusive physical side channels,

  • Daniel Genkin, Lev Pachmanov, Itamar Pipman, Eran Tromer,

    ECDH key-extraction via low-bandwidth electromagnetic attacks on PCs,

    proc. RSA Conference Cryptographers' Track (CT-RSA) 2016, LNCS 9610, 219-235, Springer, 2016

  • Daniel Genkin, Lev Pachmanov, Itamar Pipman, Eran Tromer,

    Stealing keys from PCs using a radio: cheap electromagnetic attacks on windowed exponentiation,

    proc. Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2015, LNCS 9293, 207-228, Springer, 2015

  • Daniel Genkin, Itamar Pipman, Eran Tromer,

    Get your hands off my laptop: physical side-channel key-extraction attacks on PCs (extended version),

    Journal of Cryptographic Engineering, vol. 5 no. 2, 95-112, 2015

  • Daniel Genkin, Itamar Pipman, Eran Tromer,

    Get your hands off my laptop: physical side-channel key-extraction attacks on PCs,

    proc. Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2014, LNCS 8731, 242-260, Springer, 2014

  • Daniel Genkin, Adi Shamir, Eran Tromer,

    RSA key extraction via low-bandwidth acoustic cryptanalysis,

    proc. CRYPTO 2014, part I, LNCS 8616, 444-461, Springer, 2014

  • Eran Tromer, Dag Arne Osvik, Adi Shamir,

    Efficient cache attacks on AES, and countermeasures,

    Journal of Cryptology, vol. 23 no. 1, 37-71, Springer, 2010

  • Thomas Ristenpart, Eran Tromer, Hovav Shacham, Stefan Savage,

    Hey, you, get off of my cloud! Exploring information leakage in third-party compute clouds,

    proc. ACM Conference on Computer and Communications Security (CCS) 2009, 199-212, ACM, 2009

  • Dag Arne Osvik, Adi Shamir, Eran Tromer,

    Cache attacks and countermeasures: the case of AES,

    proc. RSA Conference Cryptographers' Track (CT-RSA) 2006, LNCS 3860, 1-20, Springer, 2006

Leakage resilience, tamper resilience and homomorphic encryption
protecting computation from leakage and corruption

  • Sebastian Faust, Tal Rabin, Leonid Reyzin, Eran Tromer, Vinod Vaikuntanathan,

    Protecting circuits from computationally bounded and noisy leakage,

    SIAM Journal on Computing (SICOMP), vol. 43 no. 5 pp. 1564-1614, 2014

  • Daniel Genkin, Yuval Ishai, Manoj M. Prabhakaran, Amit Sahai, Eran Tromer,

    Circuits resilient to additive attacks with applications to secure computation,

    proc. Symposium on Theory of Computing (STOC) 2014, 495-504, ACM, 2014

  • Adriana López-Alt, Eran Tromer, Vinod Vaikuntanathan,

    On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption,

    proc. Symposium on Theory of Computing (STOC) 2012, 1219-1234, ACM, 2012

  • Gilad Asharov, Abhishek Jain, Adriana López-Alt, Eran Tromer, Vinod Vaikuntanathan, Daniel Wichs,

    Multiparty computation with low communication, computation and interaction via threshold FHE,

    proc. Eurocrypt 2012, LNCS 7237, 483-501, 2012

  • Sebastian Faust, Tal Rabin, Leonid Reyzin, Eran Tromer, Vinod Vaikuntanathan,

    Protecting circuits from leakage: the computationally-bounded and noisy cases,

    proc. Eurocrypt 2010, LNCS 6110, 135-156, Springer, 2010

  • Boaz Barak, Ronen Shaltiel, Eran Tromer,

    True random number generators secure in a changing environment,

    proc. Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2003, LNCS 2779, 166-180, Springer, 2003

Digital currency and auctions

Operating systems and communication security

  • Roei Schuster, Eran Tromer,

    DroidDisintegrator: intra-application information flow control in Android apps,

    proc. ACM Asia Conference on Computer and Communications Security (ASIACCS) 2016, 401-412, ACM, 2016

  • Almog Benin, Sivan Toledo, Eran Tromer,

    Secure association for the Internet of Things,

    proc. International Workshop on Secure Internet of Things (SIoT) 2015, 25-34, IEEE, 2015

  • Sharon Goldberg, David Xiao, Eran Tromer, Boaz Barak, Jennifer Rexford,

    Path-quality monitoring in the presence of adversaries: the secure sketch protocol,

    IEEE/ACM Transactions on Networking, vol. 23 no. 6, 1729-1741, 2015

  • Maxwell Krohn, Eran Tromer,

    Non-interference for a practical DIFC-based operating system,

    proc. IEEE Symposium on Security and Privacy (Oakland) 2009, 61-76, IEEE, 2009

  • Sharon Goldberg, David Xiao, Eran Tromer, Boaz Barak, Jennifer Rexford,

    Path-quality monitoring in the presence of adversaries,

    proc. SIGMETRICS 2008, 193-204, ACM, 2008

Cryptographic hardware and code-breaking machines

  • Eli Ben-Sasson, Matan Hamilis, Mark Silberstein, Eran Tromer,

    Fast multiplication in binary fields on GPUs via register cache,

    International Conference on Supercomputing (ICS) 2016, ACM, 2016

  • Willi Geiselmann, Adi Shamir, Rainer Steinwandt, Eran Tromer,

    Fault-tolerance in hardware for sparse systems of linear equations, with applications to integer factorization,

    Chapter 8 in N. Nedjah, L. de Macedo Mourelle (Eds.), New Trends in Cryptographic Systems, Nova Science Publishers, 2006

  • Willi Geiselmann, Adi Shamir, Rainer Steinwandt, Eran Tromer,

    Scalable hardware for sparse systems of linear equations, with applications to integer factorization,

    proc. Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2005, LNCS 3659, 131-146, Springer, 2005

  • Willi Geiselmann, Adi Shamir, Rainer Steinwandt, Eran Tromer,

    A systolic design for supporting Wiedemann's algorithm,

    invited paper, proc. Workshop on Special Purpose Hardware for Attacking Cryptographic Systems (SHARCS), 13-17, 2005

    • See revised CHES 2005 version above.
  • Adi Shamir, Eran Tromer,

    Special-purpose hardware for factoring: the NFS sieving step,

    proc. Workshop on Special Purpose Hardware for Attacking Cryptographic Systems (SHARCS), 1-12, 2005

  • Willi Geiselmann, Hubert Köpfer, Rainer Steinwandt, Eran Tromer,

    Improved routing-based linear algebra for the number field sieve,

    proc. International Conference on Information Technology: Coding and Computing (ITCC'05), Volume 1, 636-641, IEEE, 2005

  • Arjen K. Lenstra, Eran Tromer, Adi Shamir, Wil Kortsmit, Bruce Dodson, James Hughes, Paul Leyland,

    Factoring estimates for a 1024-bit RSA modulus,

    proc. Asiacrypt 2003, LNCS 2894, 331-346, Springer, 2003

  • Adi Shamir, Eran Tromer,

    On the cost of factoring RSA-1024,

    RSA CryptoBytes, vol. 6 no. 2, 10-19, 2003

  • Adi Shamir, Eran Tromer,

    Factoring large numbers with the TWIRL device,

    proc. CRYPTO 2003, LNCS 2729, 1-26, Springer, 2003

  • Arjen K. Lenstra, Adi Shamir, Jim Tomlinson, Eran Tromer,

    Analysis of Bernstein's factorization circuit,

    proc. Asiacrypt 2002, LNCS 2501, 1-26, Springer, 2002

Hash functions

  • Ronald L. Rivest, Benjamin Agre, Daniel V. Bailey, Christopher Crutchfield, Yevgeniy Dodis, Kermin Elliott Fleming, Asif Khan, Jayant Krishnamurthy, Yuncheng Lin, Leo Reyzin, Emily Shen, Jim Sukha, Drew Sutherland, Eran Tromer, Yiqun Lisa Yin,

    The MD6 hash function — a proposal to NIST for SHA-3,

    submission to the National Institute of Standards and Technology hash function competition, 2008

  • Ran Canetti, Ron Rivest, Eran Tromer,

    Comments on NIST draft requirements and criteria for hash algorithm,

    letter to the National Institute of Standards and Technology, April 2007

Theoretical computer science

  • Shai Shalev-Shwartz, Ohad Shamir, Eran Tromer,

    Using more data to speed-up training time,

    proc. International Conference on Artificial Intelligence and Statistics (AISTATS) 2012, Journal of Machine Learning Research, vol. 22, 1019-1027, Microtome Publishing, 2012

  • Moni Naor, Asaf Nussboim, Eran Tromer,

    Efficiently constructible huge graphs that preserve first order properties of random graphs,

    proc. Theory of Cryptography Conference (TCC) 2005, LNCS 3378, 66-85, Springer, 2005

Dissertation

  • Eran Tromer,

    Hardware-Based Cryptanalysis,

    Ph.D. dissertation, 2007

Presentations

(Partial)

  • Just a little of that human touch,

    Presented together with Daniel Genkin,
    CRYPTO 2014 rump session, August 2014

    • [pdf] (without the live demos)
  • Integrity in car-computing: a cryptographic vision for integrity in vehicle networks,

    Transportation CyberSecurity, Tel Aviv 2014, Feb 2014

  • C: there's a SNARK for that,

    Presenting joint work with Eli Ben-Sasson, Alessandro Chiesa, Daniel Genkin, Madars Virza,
    USENIX Security 2013 rump session, August 2013

  • The dread, deed and dream of cyber-security,

    Kavli Frontiers of Science Israeli-American Symposium, organized by the Israel Academy of Science and Humanities and U.S. National Academy of Sciences, June 2013

  • The hunting of the SNARK,

    Presenting joint work with Nir Bitansky, Ran Canetti, Alessandro Chiesa,
    CRYPTO 2011 rump session, August 2011

  • Architectural attacks and their mitigation by binary transformation,

    ACM Symposium on Operating Systems Principles (SOSP) 2009 work-in-progress session, 2009

  • Architectural side channels in cloud computing,

    invited talk, Crypto in the Cloud workshop, MIT, August 2009

  • Protecting circuits from computationally-bounded leakage,

    invited talk, Crypto in the Cloud workshop, MIT, August 2009

  • Cloud Computing and Virtualization panel,

    MIT CSAIL Industry Affiliates Program, MIT, May 2009

  • Cache-based side channel attacks and their implications,

    invited talk at the Quo Vadis Cryptography workshop, Warsaw, May 2007

  • Invited talks at Microsoft Research Summer School, Indian Institute of Science, 2006

  • Cryptanalytic applications of the PlayStation 3: the case of DES,

    SHARCS 2006 rump session, April 2006

  • Special-purpose hardware for factoring,

    invited talk at the Quo Vadis Cryptography workshop, Warsaw, May 2005

  • Other people's cache: hyper attacks on HyperThreaded processors,

    FSE 2005 rump session, February 2005

  • Full AES key extraction in 65 milliseconds using cache attacks,

    CRYPTO 2005 rump session, August 2005

  • Special-purpose hardware for factoring: the NFS sieving step,

    invited talk at SHARCS 2005, February 2005

  • Acoustic cryptanalysis: on nosy people and noisy machines,

    Eurocrypt 2004 rump session, May 2004

  • Hardware-based implementations of factoring algorithms,

    invited talk at ECC 2003, August 2003

Humor

  • On the design and cryptanalysis of a one-way hash,

    Journal of Craptology, volume 5, 2008

    • Presented with Carl Ellison, Victor Miller and Rebecca Wright, CRYPTO 2007 rump session, August 2007
    • [pdf]