GHB#: A Provably Secure HB-Like Lightweight Authentication Protocol
Abstract
RFID technology constitutes a fundamental part of what is known as the Internet of Things; i.e. accessible and interconnected machines and everyday objects that form a dynamic and complex environment. In order to secure RFID tags in a cost-efficient manner, the last few years several lightweight cryptography-based tag management protocols have been proposed. One of the most promising proposals is the \(\textit{HB}^{+}\) protocol, a lightweight authentication protocol that is supported by an elegant security proof against all passive and a subclass of active attackers based on the hardness of the Learning Parity with Noise (LPN) problem. However, the \(\textit{HB}^{+}\) was shown to be weak against active man-in-the-middle (MIM) attacks and for that several variants have been proposed. Yet, the vast majority of them has been broken.
In this paper, we introduce a new variant of the \(\textit{HB}^+\) protocol that can provably resist MIM attacks. More precisely, we improve the security of another recently proposed variant, the \(\textit{HB}^\#\) protocol by taking advantage of the properties of the well studied Gold power functions. The new authentication protocol is called \(\textit{GHB}^\#\) and its security can be reduced to the LPN problem. Finally, we show that the \(\textit{GHB}^\#\) remains practical and lightweight.
Keywords
Boolean Function Authentication Protocol Message Authentication Code Almost Perfect Nonlinear Cryptology ePrint ArchivePreview
Unable to display preview. Download preview PDF.
References
- 1.Avoine, G.: RFID Security and Privacy Lounge, The list of papers is available at http://www.avoine.net/rfid/download/bib/bibliography-rfid.pdf
- 2.Bringer, J., Chabanne, H., Dottax, E.: \(\textit{HB}^{++}\): a Lightweight Authentication Protocol Secure against Some Attacks. In: Proceedings of the IEEE Int. Conference on Pervasive Sevices, Workshop - SecPerU (2006)Google Scholar
- 3.Bringer, J., Chabanne, H.: \(\textit{Trusted-HB}\): A Low-Cost Version of HB Secure Against Man-in-the-Middle Attack\(\textit{HB}^{++}\). IEEE Transactions on Information Theory 54, 4339–4342 (2008)MathSciNetCrossRefGoogle Scholar
- 4.Bosley, C., Haralambiev, K., Nicolosi, A.: HBN: An HB-like protocol secure against man-in-the-middle attacks. Cryptology ePrint Archive, Report 2011/350 (2011), http://eprint.iacr.org
- 5.Carlet, C.: Vectorial Boolean Functions for Cryptography. In: Crama, Y., Hammer, P.L. (eds.) Boolean Models and Methods in Mathematics, Computer Science, and Engineering, pp. 398–469. Cambridge University Press (2010)Google Scholar
- 6.Duc, D.N., Kim, K.: Securing \(\textit{HB}^+\) against GRS Man-in-the-Middle Attack. In: Proceedings of the Symp. on Cryptography and Information Security (2007)Google Scholar
- 7.Gilbert, H., Robshaw, M., Silbert, H.: An Active Attack against \(\textit{HB}^+\)-a Provable Secure Lightweighted Authentication Protocol. Cryptology ePrint Archive, Report 2005/237 (2005), http://eprint.iacr.org
- 8.Gilbert, H., Robshaw, M., Seurin, Y.: \(\textit{HB}^{\#}\): Increasing the Security and Efficiency of \(\textit{HB}^+\). In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 361–378. Springer, Heidelberg (2008)CrossRefGoogle Scholar
- 9.Gilbert, H., Robshaw, M., Seurin, Y.: Good Variants of HB + Are Hard to Find. In: Tsudik, G. (ed.) FC 2008. LNCS, vol. 5143, pp. 156–170. Springer, Heidelberg (2008)CrossRefGoogle Scholar
- 10.Gold, R.: Maximal recursive sequences with 3-valued recursive crosscorrelation functions. IEEE Transactions on Information Theory 14, 154–156 (1968)MATHCrossRefGoogle Scholar
- 11.Hopper, N.J., Blum, M.: Secure Human Identification Protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52–66. Springer, Heidelberg (2001)CrossRefGoogle Scholar
- 12.Juels, A., Weis, S.A.: Authenticating Pervasive Devices with Human Protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)Google Scholar
- 13.Katz, J., Shin, J.S.: Parallel and Concurrent Security of the HB and HB + Protocols. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 73–87. Springer, Heidelberg (2006)CrossRefGoogle Scholar
- 14.Katz, J., Shin, J.: Analyzing the \(\textit{HB}\) and \(\textit{HB}^+\) Protocols in the Large Error Case. Cryptology ePrint Archive, Report 2006/326 (2006), http://eprint.iacr.org/
- 15.Kiltz, E., Pietrzak, K., Cash, D., Jain, A., Venturi, D.: Efficient Authentication from Hard Learning Problems. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 7–26. Springer, Heidelberg (2011)CrossRefGoogle Scholar
- 16.Leng, X., Mayes, K., Markantonakis, K.: \(\textit{HP-MP}^+\): An Improvement on the \(\textit{HB-MP}\) Protocol. In: Proceedings of the IEEE Int. Conference on RFID 2008, pp. 118–124. IEEE Press (2008)Google Scholar
- 17.Lidl, R., Niederreiter, H.: Introduction to Finite Fields and Their Applications. Cambridge University Press (1994)Google Scholar
- 18.Madhavan, M., Thangaraj, A., Sankarasubramaniam, Y., Viswanathan, K.: \(\textit{NLHB}\): A Non-Linear Hopper Blum Protocol. In: Proceedings of IEEE National Conference on Communications, NCC (2010), CoRR abs/1001.2140:2010.Google Scholar
- 19.Massey, J.L., Omura, J.K.: Computational Method and Apparatus for Finite Field Arithmetic. US Patent No. 4,587,627 (1986)Google Scholar
- 20.Munilla, J., Peinado, A.: \(\textit{HP-MP}\): A Further Step in the \(\textit{HB}\)-family of Lightweight authentication protocols. Computer Networks 51, 2262–2267 (2007)MATHCrossRefGoogle Scholar
- 21.Ouafi, K., Overbeck, R., Vaudenay, S.: On the Security of HB# against a Man-in-the-Middle Attack. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 108–124. Springer, Heidelberg (2008)CrossRefGoogle Scholar
- 22.Piramuthu, S.: \(\textit{HB}\) and Related Lightweight Authentication Protocols for Secure RFID Tag/Reader Authentication. In: Proceedings of CollECTeR Europe Conference, Basel, Switzerland, June 9-10 (2006)Google Scholar
- 23.Reza, M., Abyaneh, S., On, S.: the Security of Non-Linear \(\textit{HB}\) (\(\textit{NLHB}\)) Protocol Against Passive Attack. Cryptology ePrint Archive, Report 2010/402 (2010), http://eprint.iacr.org/
- 24.Rizomiliotis, P.: \(\textit{HB-MAC}\): Improving the Random - \(\textit{HB}^{\#}\) Authentication Protocol. In: Fischer-Hübner, S., Lambrinoudakis, C., Pernul, G. (eds.) TrustBus 2009. LNCS, vol. 5695, pp. 159–168. Springer, Heidelberg (2009)CrossRefGoogle Scholar
- 25.Yoon, B., Sung, M.Y., Yeon, S.H., Oh, S., Kwon, Y.: Kim, Ch., Kim, K.-H.: \(\textit{HB-MP}^{++}\) protocol: An ultra light-weight authentication protocol for RFID system. In: Proceedings of the IEEE Int. Conference on RFID, pp. 186–191 (2009)Google Scholar