PUF-HB: A Tamper-Resilient HB Based Authentication Protocol

  • Ghaith Hammouri
  • Berk Sunar
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5037)


We propose a light-weight protocol for authentication of low-power devices. Our construction PUF-HB merges the positive qualities of two families of authentication functions. PUF represents physically unclonable functions and fulfills the purpose of providing low-cost tamper-resilient challenge-response authentication. On the other hand, the Hopper Blum (HB) function provides provable cryptographic strength against passive adversaries. By building on an earlier proof of the security of HB+ by Katz et al. [1], we rigorously prove the security of the proposed scheme against active adversaries. While the active adversary model does not include man-in-the-middle attacks, we show that a previously successful man-in-the-middle attack proposed for HB+ does not carry over to PUF-HB.


HB+, PUF, tamper resilience, provable security


  1. Katz, J., Shin, J.S.: Parallel and Concurrent Security of the HB and HB+ Protocols. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 73–87. Springer, Heidelberg (2006)
  2. Want, R.: An Introduction to RFID Technology. IEEE Pervasive Computing 5(1), 25 (2006)
  3. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
  4. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
  5. Kulikowski, K.J., Karpovsky, M.G., Taubin, A.: DPA on faulty cryptographic hardware and countermeasures. In: Breveglieri, L., Koren, I., Naccache, D., Seifert, J.-P. (eds.) FDTC 2006. LNCS, vol. 4236, pp. 211–222. Springer, Heidelberg (2006)
  6. Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Delay-based Circuit Authentication and Applications. In: Proceedings of the 2003 ACM Symposium on Applied Computing, pp. 294–301 (2003)
  7. Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Silicon physical random functions. In: CCS 2002: Proceedings of the 9th ACM conference on Computer and communications security, pp. 148–160. ACM Press, New York (2002)
  8. Lee, J.W., Daihyun, L., Gassend, B., S., G.E., van Dijk, M., Devadas, S.: A technique to build a secret key in integrated circuits for identification and authentication applications. In: Symposium of VLSI Circuits, pp. 176–179 (2004)
  9. O’Donnell, C.W., Suh, G.E., Devadas, S.: PUF-based random number generation. Number 481 (November 2004)
  10. Lim, D., Lee, J.W., Gassend, B., Suh, G.E., van Dijk, M., Devadas, S.: Extracting secret keys from integrated circuits. IEEE Trans. VLSI Syst. 13(10), 1200–1205 (2005)
  11. Ozturk, E., Hammouri, G., Sunar, B.: Physical unclonable function with tristate buffers. In: The Proceedings of The IEEE International Symposium on Circuits and Systems 2008 – ISCAS (to appear, 2008)
  12. Ozturk, E., Hammouri, G., Sunar, B.: Towards robust low cost authentication for pervasive devices. In: PERCOM 2008: Proceedings of the Sixth IEEE International Conference on Pervasive Computing and Communications (2008)
  13. Hopper, N.J., Blum, M.: Secure Human Identification Protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52–66. Springer, Heidelberg (2001)
  14. Juels, A., Weis, S.A.: Authenticating Pervasive Devices with Human Protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)
  15. Munilla, J., Peinado, A.: HB-MP: A further step in the HB-family of lightweight authentication protocols. Comput. Networks 51(9), 2262–2267 (2007)
  16. Bringer, J., Chabanne, H., Dottax, E.: HB++: a Lightweight Authentication Protocol Secure against Some Attacks. In: SECPERU 2006: Proceedings of the Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing, Washington, DC, USA, 2006, pp. 28–33. IEEE Computer Society, Los Alamitos (2006)
  17. Katz, J., Smith, A.: Analyzing the HB and HB+ protocols in the “large error” case. In: Cryptology ePrint Archive, Report 2006/326 (2006),
  18. Gilbert, H., Robshaw, M., Sibert, H.: An Active Attack Against HB+ - A Provably Secure Lightweight Authentication Protocol. IEE Electronic Letters 41,21, 1169–1170 (2005)
  19. Gilbert, H., Robshaw, M., Seurin, Y.: HB#: Increasing the Security and Efficiency of HB+. In: Advances in Cryptology: EUROCRYPT 2008. LNCS, vol. 4965, Springer, Heidelberg (2008)
  20. Blum, A., Kalai, A., Wasserman, H.: Noise-tolerant learning, the parity problem, and the statistical query model. In: STOC 2000: Proceedings of the thirty-second annual ACM symposium on Theory of computing, pp. 435–440. ACM Press, New York (2000)
  21. Fossorier, M., Mihaljevic, M., Imai, H., Cui, Y., Matsuura, K.: A Novel Algorithm for Solving the LPN Problem and its Application to Security Evaluation of the HB Protocol for RFID Authentication. In: Proc. of INDOCRYPT, vol. 6, pp. 48–62.
  22. Levieil, E., Fouque, P.: An Improved LPN Algorithm. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 348–359. Springer, Heidelberg (2006)
  23. Lyubashevsky, V.: The parity problem in the presence of noise, decoding random linear codes, and the subsetsum problem. In: Chekuri, C., Jansen, K., Rolim, J.D.P., Trevisan, L. (eds.) APPROX 2005 and RANDOM 2005. LNCS, vol. 3624, pp. 378–389. Springer, Heidelberg (2005)
  24. Duc, D., Kim, K.: Securing HB+ Against GRS Man-in-the-Middle Attack. In: Institute of Electronics, Information and Communication Engineers, Symposium on Cryptography and Information Security, January 2007, pp. 23–26 (2007)
  25. Berlekamp, E.R., McEliece, R.J., van Tilborg, H.C.: On the Inherent Intractability of Certain Coding Problems. IEEE Transactions on Information Theory 24(3), 384–386 (1978)
  26. Kearns, M.: Efficient Noise-Tolerant Learning from Statistical Queries. In: STOC 1993: Proceedings of the Twenty-Fifth Annual ACM Symposium on Theory of Computing, pp. 392–401. ACM Press, New York (1993)
  27. Roos, C., Terlaky, T., Vial, J.-P.: Interior Point Methods for Linear Optimization, 2nd edn. Springer, Heidelberg (2005)
  28. Andersen, E.D., Andersen, K.D.: Presolving in linear programming. Mathematical Programming 71(2), 221–245 (1995)
  29. Agmon, S.: The relaxation method for linear inequalities. Canadian J. of Mathematics, 382–392 (1964)
  30. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: STOC 2005: Proceedings of the thirty-seventh annual ACM symposium on Theory of computing, pp. 84–93. ACM Press, New York (2005)
  31. Prudnikov, Y.A., Brychkov, A.P., Marichev: Integrals and Series, vol. 2: Special Functions. In: Gordon and Breach (1990)
  32. Blum, A., Frieze, A.M., Kannan, R., Vempala, S.: A polynomial-time algorithm for learning noisy linear threshold functions. Algorithmica 22(1/2), 35–52 (1998)
  33. Tiri, K., Akmal, M., Verbauwhede, I.: A dynamic and differential CMOS logic with signal independent power consumption to withstand differential power analysis on smart cards. In: Solid-State Circuits Conference, 2002. ESSCIRC 2002. Proceedings of the 28th European, pp. 403–406 (2002)
  34. Toprak, Z., Leblebici, Y.: Low-power current mode logic for improved DPA-resistance in embedded systems. In: Circuits and Systems, 2005. ISCAS 2005. IEEE International Symposium, pp. 1059–1062 (2005)
  35. Regazzoni, F., Badel, S., Eisenbarth, T., Grobschadl, J., Poschmann, A., Toprak, Z., Macchetti, M., Pozzi, L., Paar, C., Leblebici, Y., Ienne, P.: A Simulation-Based Methodology for Evaluating the DPA-Resistance of Cryptographic Functional Units with Application to CMOS and MCML Technologies. In: IC-SAMOS 2007, pp. 209–214 (2007)

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Ghaith Hammouri (1)
  • Berk Sunar (1)
  1. Worcester Polytechnic Institute, Worcester
