These are the proceedings of CHES 2001, the third Workshop on Cryptographic Hardware and Embedded Systems. The ?rst two CHES Workshops were held in Massachusetts, and this was the ?rst Workshop to be held in Europe. There was a large number of submissions this year, and in response the technical program was extended to 2 1/2 days. As is evident by the papers in these proceedings, many excellent submissions were made. Selecting the papers for this year’s CHES was not an easy task, and weregretthatwehadtorejectseveralveryinterstingpapersduetotheac l kof time. There were 66 submitted contributions this year, of which 31, or 47%, were selected for presentation. If we look at the number of submitted papers at CHES ’99 (42 papers) and CHES 2001 (51 papers), we observe a steady increase. We interpret this as a continuing need for a workshop series which combines theory and practice for integrating strong security features into modern communications and computer applications. In addition to the submitted contributions, Ross Anderson from Cambridge University, UK, and Adi Shamir from The Weizmann Institute, Israel, gave invited talks. As in previous years, the focus of the workshop is on all aspects of cryp- graphichardwareandembeddedsystemdesign.Ofspecialinterestwerecont- butions that describe new methods for e?cient hardware implementations and high-speed software for embedded systems, e.g., smart cards, microprocessors, DSPs, etc. CHES also continues to be an important forum for new theoretical andpractical?ndingsintheimportantandgrowing?eldofside-channelattacks.
Table of ContentsInvited Talk.- Protecting Embedded Systems The Next Ten Years.- Side Channel Attacks I.- A Sound Method for Switching between Boolean and Arithmetic Masking.- Fast Primitives for Internal Data Scrambling in Tamper Resistant Hardware.- Random Register Renaming to Foil DPA.- Randomized Addition-Subtraction Chains as a Countermeasure against Power Attacks.- Rijndael Hardware Implementations.- Architectural Optimization for a 1.82Gbits/sec VLSI Implementation of the AES Rijndael Algorithm.- High Performance Single-Chip FPGA Rijndael Algorithm Implementations.- Two Methods of Rijndael Implementation in Reconfigurable Hardware.- Random Number Generators.- Pseudo-random Number Generation on the IBM 4758 Secure Crypto Coprocessor.- Efficient Online Tests for True Random Number Generators.- Elliptic Curve Algorithms.- The Hessian Form of an Elliptic Curve.- Efficient Elliptic Curve Cryptosystems from a Scalar Multiplication Algorithm with Recovery of the y-Coordinate on a Montgomery-Form Elliptic Curve.- Generating Elliptic Curves of Prime Order.- Invited Talk.- New Directions in Croptography.- Arithmetic Architectures.- A New Low Complexity Parallel Multiplier for a Class of Finite Fields.- Efficient Rijndael Encryption Implementation with Composite Field Arithmetic.- High-Radix Design of a Scalable Modular Multiplier.- A Bit-Serial Unified Multiplier Architecture for Finite Fields GF(p) and GF(2m).- Cryptanalysis.- Attacks on Cryptoprocessor Transaction Sets.- Bandwidth-Optimal Kleptographic Attacks.- Electromagnetic Analysis: Concrete Results.- Embedded Implementations and New Ciphers.- NTRU in Constrained Devices.- Transparent Harddisk Encryption.- Side Channel Attacks II.- Sliding Windows Succumbs to Big Mac Attack.- Universal Exponentiation Algorithm A First Step towards Provable SPA-Resistance.- An Implementation of DES and AES, Secure against Some Attacks.- Hardware Implementations of Ciphers.- Efficient Implementation of “Large” Stream Cipher Systems.- Tradeoffs in Parallel and Serial Implementations of the International Data Encryption Algorithm IDEA.- A Scalable GF(p) Elliptic Curve Processor Architecture for Programmable Hardware.- Implementation of RSA Algorithm Based on RNS Montgomery Multiplication.- Side Channel Attacks on Elliptic Curve Cryptosystems.- Protections against Differential Analysis for Elliptic Curve Cryptography An Algebraic Approach .- Preventing SPA/DPA in ECC Systems Using the Jacobi Form.- Hessian Elliptic Curves and Side-Channel Attacks.