**Hovav Shacham** ![ ](hovav-bessell.jpg width="240px") Professor,
[Department of Computer Science](https://www.cs.utexas.edu/),
[The University of Texas at Austin](https://www.utexas.edu/). E-mail: : hovav@cs.utexas.edu Address: : 2317 Speedway, Stop D9500
Austin, TX 78712 Office: : GDC 6.510 Phone: : (512) 471-9792 Professional activities ======================================================================== Before retiring from program chairing, I was co-program chair (with [Alexandra Boldyreva](https://www.cc.gatech.edu/~aboldyre/)) of [Crypto 2018](https://crypto.iacr.org/2018/), co-program chair (with [Jonathan Katz](https://www.cs.umd.edu/~jkatz/)) of [Crypto 2017](https://www.iacr.org/conferences/crypto2017/), co-program chair (with [Christopher Kruegel](https://www.cs.ucsb.edu/~chris/)) of [IEEE Security and Privacy ("Oakland") 2019](https://www.ieee-security.org/TC/SP2019/), and co-program chair (with [Alina Oprea](https://www.ccs.neu.edu/home/alina/)) of [IEEE Security and Privacy ("Oakland") 2020](https://www.ieee-security.org/TC/SP2020/). In November, 2020, I joined 58 other election security experts in stating that there is "no credible evidence of computer fraud in the 2020 election outcome." Read [our statement](dist/election-statement.pdf) and [Nicole Perlroth's article about it](https://www.nytimes.com/2020/11/16/business/election-security-letter-trump.html). In February, 2016, I submitted, along with other security researchers, a [brief of _amici curiae_](https://www.courtlistener.com/docket/4154125/82/united-states-v-in-the-matter-of-the-search-of-an-apple-iphone-seized/) in support of Apple, organized by [Stanford’s Center for Internet and Society](https://cyberlaw.stanford.edu/). Publications ======================================================================== Recent publications include: > S. O'Connell, L. Aben Sour, R. Magen, D. Genkin, Y. Oren, > H. Shacham, and Y. Yarom. “[Pixel Thief: Exploiting SVG Filter > Leakage in Firefox and > Chrome](https://www.usenix.org/conference/usenixsecurity24/presentation/oconnell).” > In D. Balzarotti and W. Xu, eds., _Proceedings of USENIX Security > 2024_. USENIX, Aug. 2024. To appear. > Y. Wang, R. Paccagnella, Z. Gang, W.R. Vasquez, D. Kohlbrenner, > H. Shacham, and C.W. Fletcher. “[GPU.zip: On the Side-Channel > Implications of Hardware-Based Graphical Data > Compression](https://www.hertzbleed.com/gpu.zip).” In > P. Traynor and W. Enck, eds., _Proceedings of IEEE Security and > Privacy ("Oakland") 2024_. IEEE Computer Society, May 2024. To > appear. > A. Kwong, W. Wang, J. Kim, J. Berger, D. Genkin, E. Ronen, > H. Shacham, R. Wahby, and Y. Yarom. “[Checking Passwords on > Leaky Computers: A Side Channel Analysis of Chrome’s Password > Leak Detection > Protocol](https://www.usenix.org/conference/usenixsecurity23/presentation/kwong).” > In J. Calandrino and C. Troncoso, eds., _Proceedings of USENIX > Security 2023_. USENIX, Aug. 2023. > W.R. Vasquez, S. Checkoway, and H. Shacham. “[The Most > Dangerous Codec in the World: Finding and Exploiting Vulnerabilities > in H.264 Decoders](dist/h26forge.pdf).” In J. Calandrino and > C. Troncoso, eds., _Proceedings of USENIX Security 2023_. USENIX, > Aug. 2023. > Y. Wang, R. Paccagnella, E.T. He, H. Shacham, C.W. Fletcher, and D. > Kohlbrenner. “[Hertzbleed: Turning Power Side-Channel Attacks > Into Remote Timing Attacks on > x86](https://ieeexplore.ieee.org/document/10122602)” (top > pick). _IEEE Micro_ 43(4):19–27, Jul.–Aug. 2023. > Y. Wang, R. Paccagnella, A. Wandke, Z. Gang, G. Garrett-Grossman, > C.W. Fletcher, D. Kohlbrenner, and H. Shacham. “[DVFS > Frequently Leaks Secrets: Hertzbleed Attacks Beyond SIKE, > Cryptography, and CPU-Only > Data](https://www.hertzbleed.com/2h2b.pdf).” In T. Ristenpart > and P. Traynor, eds., _Proceedings of IEEE Security and Privacy > ("Oakland") 2023_. IEEE Computer Society, May 2023. All my publications are [available online](publications.html). Teaching ======================================================================== * CS 361s, Computer Security: Spring 2024, Fall 2022, Spring 2022, Spring 2019. * CS 378h, Computer Security (honors): Fall 2023, Fall 2020, Fall 2019. * CS 380s, Graduate Computer Security: Spring 2023, Spring 2021, Spring 2020, Fall 2018. Students ======================================================================== Ph.D. students ------------------------------------------------------------------------ * [Willy Vasquez](https://wrv.github.io/) * [Yingchen Wang](/~yingchen/) Former students ------------------------------------------------------------------------ * [David Kohlbrenner](https://dkohlbre.com/) (Ph.D. 2018) -> UC Berkeley (postdoc) -> UW * [Wilson Lian](https://cseweb.ucsd.edu/~wlian/) (Ph.D. 2016) -> Google * [Jacob Maskiewicz](https://jakemask.com/) (M.S. 2016) -> Facebook * [Keaton Mowery](https://cseweb.ucsd.edu/~kmowery/) (Ph.D. 2015) -> Apple * [Daniel Cashman](https://www.linkedin.com/in/daniel-cashman-892a1328) (M.S. 2013) -> Google * [Stephen Checkoway](https://checkoway.net/) (Ph.D. 2012) -> Johns Hopkins -> UI Chicago -> Oberlin * [Aishwarya Venkataraman](https://www.linkedin.com/in/aishwarya-venkataraman-5b7b1310) (M.S. 2012) -> Stack iQ * [Grace Wang](https://www.linkedin.com/in/grace-wang-93b87417) (M.S. 2010) -> Qualcomm Brief biography ======================================================================== Hovav Shacham joined the University of Texas at Austin in 2018. His research interests are in applied cryptography, systems security, privacy-enhancing technologies, and technology policy. Shacham was a student at Stanford and a postdoctoral fellow at the Weizmann Institute. From 2007 to 2018, he was on the faculty at the University of California, San Diego. His work has been recognized with three "test-of-time" awards, including one at ACM CCS 2017 for his 2007 paper that introduced return-oriented programming. Shacham took part in California’s 2007 "Top-to-Bottom" voting systems review and served on the advisory committee for California’s 2011–13 post-election risk-limiting audit pilot program. His work has been cited by the National Academies, the Federal Trade Commission, the National Highway Traffic Safety Administration, and the RAND Corporation. (#) (Un)professional activities I used to be on Twitter (as `@hovav`), and am now trying the fediverse. (#) Photo credits Portrait copyright 2011 by Natalie Bessell. All rights reserved.