An Improved LPN Algorithm

  • Éric Levieil
  • Pierre-Alain Fouque
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4116)


HB +  is a shared-key authentication protocol, proposed by Juels and Weis at Crypto 2005, using prior work of Hopper and Blum. Its very low computational cost makes it attractive for low-cost devices such as radio-frequency identification(RFID) tags. Juels and Weis gave a security proof, relying on the hardness of the “learning parity with noise” (LPN) problem. Here, we improve the previous best known algorithm proposed by Blum, Kalai, and Wasserman for solving the LPN problem. This new algorithm yields an attack for HB +  in the detection-based model with work factor 252.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Berlekamp, E.R., McEliece, R.J., Tilborg, V.: On the Inherent Intractability of Certain Coding Problem. IEEE Transactions on Information Theory 24, 384–386 (1978)zbMATHCrossRefGoogle Scholar
  2. 2.
    Blum, A., Furst, M., Kearns, M., Lipton, R.J.: Cryptographic Primitives Based on Hard Learning Problems. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 278–291. Springer, Heidelberg (1994)Google Scholar
  3. 3.
    Blum, A., Kalai, A., Wasserman, H.: Noise-tolerant Learning, the Parity Problem, and the Statistical Query Problem. Journal of the ACM 50(4), 506–519 (2003)CrossRefMathSciNetGoogle Scholar
  4. 4.
    Bringer, J., Chabanne, H., Dottax, E.: HB++: A Lightweight Authentication Protocol Secure againt Some Attacks. In: IEEE International Conference on Pervasive Services, Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing, SecPerU (2006), Available at:
  5. 5.
    Gilbert, H., Robshaw, M., Sibert, H.: An Active Attack Against HB+ - A Provably Secure Lightweight Authentication Protocol, Available at:
  6. 6.
    Goldreich, O., Levin, L.: A Hard Predicate for all one-way functions. In: STOC 1989, pp. 25–32. ACM, New York (1998)Google Scholar
  7. 7.
    Hastad, J.: Some Optimal Inapproximability Results. In: STOC 1997, pp. 1–10. ACM, New York (1997)CrossRefGoogle Scholar
  8. 8.
    Hopper, N.J., Blum, M.: Secure Human Identification Protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52–66. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Juels, A., Weis, S.A.: Authenticating Pervasive Devices with Human Protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005), Updated version available at: Google Scholar
  10. 10.
    Katz, J., Shin, J.S.: Parallel and Concurrent Security of the HB and HB +  Protocols. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 73–87. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  11. 11.
    Kearns, M.: Efficient Noise-Tolerant Learning from Statistical Queries. J. ACM 45(6), 983–1006 (1998)zbMATHMathSciNetGoogle Scholar
  12. 12.
    Mitzenmacher, M., Upfal, E.: Probability and computing. Cambridge University Press, Cambridge (2005)zbMATHGoogle Scholar
  13. 13.
    Regev, O.: On Lattices, Learning with Errors, Random Linear Codes, and Cryptography. In: STOC 2005, pp. 84–93. ACM, New York (2005)CrossRefGoogle Scholar
  14. 14.
    Wagner, D.: A Generalized Birthday Problem. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 288–303. Springer, Heidelberg (2002)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Éric Levieil
    • 1
  • Pierre-Alain Fouque
    • 1
  1. 1.École normale supérieureParisFrance

Personalised recommendations