Abstract
HB and HB+ are shared secret-key authentication protocols designed for low-cost devices such as RFID tags. HB+ was proposed by Juels and Weis at Crypto 2005. The security of the protocols relies on the “learning parity with noise” (LPN) problem, which was proven to be NP-hard.
The best known attack on LPN, by Levieil and Fouque [13], requires a sub-exponential number of samples and a sub-exponential number of operations, which makes that attack impractical for the RFID scenario (one cannot assume that exponentially many observations of the protocol execution can be collected).
We present a passive attack on the HB protocol in the detection-based model which requires only a linear (in the length of the secret key) number of samples. The number of operations performed is exponential, but the attack is efficient for some real-life values of the parameters, i.e. noise \(\frac{1}{8}\) and a key length of 152 bits. The passive attack on HB can be transformed into an active one on HB+.
This paper was supported by funds from Polish Ministry of Science and Higher Education – grant No. N N206 2573 35.
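For readers who want to see what a passive observer of HB actually records, the following added example (not code from the paper, and not the paper's attack) simulates HB authentication as it is usually described following Hopper and Blum: the reader sends a random challenge a and the tag answers with the noisy parity of a and the shared key. The key length and noise rate are the ones quoted in the abstract; `ROUNDS` and `THRESHOLD` are assumptions chosen for the illustration.

```python
import random

K, ETA = 152, 1 / 8      # key length and noise rate quoted in the abstract
ROUNDS = 200             # assumed number of rounds per authentication
THRESHOLD = int(ROUNDS * (ETA + 0.5) / 2)  # assumed: midway between eta*n and n/2

def dot(a, x):
    """Inner product over GF(2) of two K-bit integers."""
    return bin(a & x).count("1") & 1

def tag_round(x, a, rng):
    """Tag response z = <a, x> XOR nu, where nu = 1 with probability ETA."""
    return dot(a, x) ^ int(rng.random() < ETA)

def authenticate(reader_key, respond, rng):
    """Reader side. Returns (accepted, transcript); the transcript of (a, z)
    pairs is exactly what a passive eavesdropper sees: noisy parity samples."""
    transcript = []
    for _ in range(ROUNDS):
        a = rng.getrandbits(K)            # random challenge
        transcript.append((a, respond(a)))
    errors = sum(dot(a, reader_key) != z for a, z in transcript)
    return errors <= THRESHOLD, transcript

def mismatch_rate(candidate, transcript):
    """Fraction of observed rounds that a candidate key fails to explain."""
    return sum(dot(a, candidate) != z for a, z in transcript) / len(transcript)

def demo(seed=2011):
    rng = random.Random(seed)             # constructed key and traffic
    x = rng.getrandbits(K)
    ok, transcript = authenticate(x, lambda a: tag_round(x, a, rng), rng)
    forged, _ = authenticate(x, lambda a: rng.getrandbits(1), rng)
    wrong = rng.getrandbits(K)
    return {
        "tag_accepted": ok,                   # honest tag: about ETA errors
        "impostor_accepted": forged,          # guessing: about half wrong
        "true_key_rate": mismatch_rate(x, transcript),
        "wrong_key_rate": mismatch_rate(wrong, transcript),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The true key disagrees with the observed transcript at a rate near the noise level, while an unrelated key disagrees about half the time; that gap is what any key-recovery analysis of eavesdropped HB sessions has to work from.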
References
Chekuri, C., Jansen, K., Rolim, J.D.P., Trevisan, L. (eds.): APPROX 2005 and RANDOM 2005. LNCS, vol. 3624. Springer, Heidelberg (2005)
Berlekamp, E.R., McEliece, R.J., van Tilborg, H.C.A.: On the inherent intractability of certain coding problems. IEEE Trans. Info. Theory, 384–386 (1978)
Blum, A., Kalai, A., Wasserman, H.: Noise-tolerant learning, the parity problem, and the statistical query model. Journal of the ACM 50(4), 506–519 (2003)
Bringer, J., Chabanne, H., Kevenaar, T.A.M., Kindarji, B.: Extending match-on-card to local biometric identification. In: Fierrez, J., Ortega-Garcia, J., Esposito, A., Drygajlo, A., Faundez-Zanuy, M. (eds.) BioID MultiComm2009. LNCS, vol. 5707, pp. 178–186. Springer, Heidelberg (2009)
Cichon, J., Klonowski, M., Kutylowski, M.: Privacy protection for rfid with hidden subset identifiers. Pervasive Computing (2008)
Frumkin, D., Shamir, A.: Un-trusted-hb: Security vulnerabilities of trusted-hb. Cryptology ePrint Archive, Report 2009/044 (2009)
Gilbert, H., Sibert, H., Robshaw, M.: An active attack against a provably secure lightweight authentication protocol. IEEE Electronic Letters 41, 1169–1170 (2005)
Gilbert, H., Robshaw, M.J.B., Seurin, Y.: Good variants of HB+ are hard to find. In: Tsudik, G. (ed.) FC 2008. LNCS, vol. 5143, pp. 156–170. Springer, Heidelberg (2008)
Gilbert, H., Robshaw, M.J.B., Seurin, Y.: HB#: Increasing the security and efficiency of HB+. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 361–378. Springer, Heidelberg (2008)
Golebiewski, Z., Majcher, K., Zagórski, F.: Attacks on CKK family of RFID authentication protocols. In: Coudert, D., Simplot-Ryl, D., Stojmenovic, I. (eds.) ADHOC-NOW 2008. LNCS, vol. 5198, pp. 241–250. Springer, Heidelberg (2008)
Hopper, N.J., Blum, M.: Secure human identification protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, p. 52. Springer, Heidelberg (2001)
Juels, A., Weis, S.A.: Authenticating pervasive devices with human protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)
Levieil, É., Fouque, P.-A.: An improved LPN algorithm. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 348–359. Springer, Heidelberg (2006)
Lyubashevsky, V.: The parity problem in the presence of noise, decoding random linear codes, and the subset sum problem. In: APPROX-RANDOM [1], pp. 378–389
Munilla, J., Peinado, A.: Hb-mp: A further step in the hb-family of lightweight authentication protocols. Comput. Netw. 51(9), 2262–2267 (2007)
Ouafi, K., Overbeck, R., Vaudenay, S.: On the security of HB# against a man-in-the-middle attack. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 108–124. Springer, Heidelberg (2008)
Copyright information
© 2011 IFIP International Federation for Information Processing
About this paper
Cite this paper
Gołębiewski, Z., Majcher, K., Zagórski, F., Zawada, M. (2011). Practical Attacks on HB and HB+ Protocols. In: Ardagna, C.A., Zhou, J. (eds) Information Security Theory and Practice. Security and Privacy of Mobile Devices in Wireless Communication. WISTP 2011. Lecture Notes in Computer Science, vol 6633. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21040-2_17
DOI: https://doi.org/10.1007/978-3-642-21040-2_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21039-6
Online ISBN: 978-3-642-21040-2
eBook Packages: Computer Science, Computer Science (R0)