"Modern cryptographic security definitions do not capture real worldadversaries who can attack the algorithm's physical implementation, asthey do not take into account so called side-channel attacks wherethe adversary learns information about the internal state of thecryptosystem during execution, for example by measuring the runningtime or the power consumption of a smart-card.Current research on side-channels security resembles a cat and mousegame. New attacks are discovered, and then heuristic countermeasuresare proposed to prevent this particular new attacks. This isfundamentally different from the ""provable security"" approach followedby modern cryptography, where one requires that a cryptosystem isproven secure against all adversaries in a broad and well-definedattack scenario. Clearly, this situation is unsatisfactory: what isprovable security good for, if ultimately the security of acryptosystem hinges on some ad-hoc side-channel countermeasure?Despite this, until recently the theory community did not give muchattention to this problem as it was believed that side-channels are apractical problem, and theory can only be of limited use to preventthem. But recently results indicate that this view is much too pessimistic.On a high level, the goal of this project is to bring research onside-channels from the realm of engineering and security research tomodern cryptography. One aspect of this proposal it to furtherinvestigate the framework of leakage-resilience which adapts themethodology of provable security to the physical world. If acryptosystem is leakage-resilient, then this implies that itsimplementation is secure against every side-channel attack, makingonly some mild (basically minimal) assumptions on the underlyinghardware."