Universite Bordeaux 1
Leakage-resilient constructions have attracted significant attention over the last couple of years. In practice, pseudorandom functions are among the most important such primitives, because they are stateless and, unlike stream ciphers for example, do not require a secure initialization. However, their deployment in actual applications is still limited by security and efficiency concerns. This paper contributes to solving these issues in two directions. On the one hand, the authors highlight that the bounded data complexity guaranteed by previous leakage-resilient constructions (each key is only ever used with a bounded number of inputs) may not be enough to obtain practical security. They show experimentally that, if implemented on an 8-bit microcontroller, such constructions can actually be broken.