Publications

Patents

• Co-inventor of Efficient real-time authentication of arbitrary segments of live and non-live video stream, US 10361865 · Issued Aug 29, 2017
• Co-inventor of Automatic computer program obfuscation system, US 2014/0229517 A1 · Issued Aug 14, 2014

CVE

• CVE-2024-53845: AES/CBC Constant IV Vulnerability in ESPTouch v2: Discovered and reported a security vulnerability (CVE-2024-53845) in the ESP-Touch V2 protocol (SmartConfig), where AES128/CBC was implemented with a constant IV. This could potentially impact the security of device provisioning. The vulnerability has been officially acknowledged and documented in the ESP-IDF security advisory.

Other blog posts

• Packaging Native Code with Prefab: A Solution for Imported Prebuilt Binaries, As part of my job at Lightricks in March 2023, we transitioned from using a monorepo to standalone AAR components for our Android applications, and while encountering challenges with packaging native libraries, specifically imported prebuilt binaries, we successfully found a solution using Google’s Prefab plugin.
• ­The Promise of Intel SGX — Have You Read the Fine Print?, This research was conducted with Prof. Danny Dolev and Dr. Yaron Weinsberg (IBM Research, Israel) as part of the course “Advanced Operating Systems & Cloud technologies” at The Hebrew University of Jerusalem, Spring Semester 2016.