Hidden Bits Approach for Authentication in RFID Systems

  • Marek Klonowski
  • Krzysztof Majcher
  • Wojciech Macyna
  • Filip Zagórski
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7739)


We present an authentication scheme designed for tiny and strictly constrained devices like RFID-tags. Authentication is based on the symmetric key shared between a tag and a reader. While a tag needs to perform only simple operations in order to authenticate: to pick n/2 + b random values and then to compute XORs of some values, a reader needs to try 2b possible values to check if a tag replied correctly (b is small). At the same time eavesdropping adversary after r executions of the protocol needs to solve a system of rk-multivariate quadratic equations over GF(2) with nk + rb variables.

We present a security discussion of proposed solutions.


RFID lightweight cryptography authentication 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ars, G., Faugère, J.-C., Imai, H., Kawazoe, M., Sugita, M.: Comparison Between XL and Gröbner Basis Algorithms. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 338–353. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  2. 2.
    Bardet, M.T.: Etude des systèmes algébriques surdéterminés (2004)Google Scholar
  3. 3.
    Berlekamp, E.R., McEliece, R.J., van Tilborg, H.C.A.: On the inherent intractability of certain coding problems. IEEE Trans. Info. Theory, 384–386 (1978)Google Scholar
  4. 4.
    Blum, A., Kalai, A., Wasserman, H.: Noise-tolerant learning, the parity problem, and the statistical query model. Journal of the ACM 50(4), 506–519 (2003)MathSciNetCrossRefGoogle Scholar
  5. 5.
    Bringer, J., Chabanne, H., Kevenaar, T.A.M., Kindarji, B.: Extending Match-On-Card to Local Biometric Identification. In: Fierrez, J., Ortega-Garcia, J., Esposito, A., Drygajlo, A., Faundez-Zanuy, M. (eds.) BioID MultiComm 2009. LNCS, vol. 5707, pp. 178–186. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  6. 6.
    Cichoń, J., Klonowski, M., Kutyłowski, M.: Privacy Protection for RFID with Hidden Subset Identifiers. In: Indulska, J., Patterson, D.J., Rodden, T., Ott, M. (eds.) PERVASIVE 2008. LNCS, vol. 5013, pp. 298–314. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  7. 7.
    Courtois, N., Goubin, L., Meier, W., Tacier, J.-D.: Solving Underdefined Systems of Multivariate Quadratic Equations. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 211–227. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  8. 8.
    Diem, C.: The XL-Algorithm and a Conjecture from Commutative Algebra. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 323–337. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  9. 9.
    Fraenkel, A.S., Yesha, Y.: Complexity of solving algebraic equations. Inf. Process. Lett., 178–179 (1980)Google Scholar
  10. 10.
    Frumkin, D., Shamir, A.: Un-trusted-hb: Security vulnerabilities of trusted-hb. Cryptology ePrint Archive, Report 2009/044 (2009)Google Scholar
  11. 11.
    Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. W.H. Freeman (1979)Google Scholar
  12. 12.
    Gilbert, H., Sibert, H., Robshaw, M.: An active attack against a provably secure lightweight authentication protocol. IEEE Electronic Letters 41, 1169–1170 (2005)CrossRefGoogle Scholar
  13. 13.
    Gilbert, H., Robshaw, M.J.B., Seurin, Y.: Good Variants of HB +  Are Hard to Find. In: Tsudik, G. (ed.) FC 2008. LNCS, vol. 5143, pp. 156–170. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  14. 14.
    Gilbert, H., Robshaw, M.J.B., Seurin, Y.: HB# Increasing the Security and Efficiency of HB + . In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 361–378. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  15. 15.
    Gołębiewski, Z., Majcher, K., Zagórski, F.: Attacks on CKK Family of RFID Authentication Protocols. In: Coudert, D., Simplot-Ryl, D., Stojmenovic, I. (eds.) ADHOC-NOW 2008. LNCS, vol. 5198, pp. 241–250. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  16. 16.
    Gołębiewski, Z., Majcher, K., Zagórski, F., Zawada, M.: Practical Attacks on HB and HB+ Protocols. In: Ardagna, C.A., Zhou, J. (eds.) WISTP 2011. LNCS, vol. 6633, pp. 244–253. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  17. 17.
    Hopper, N.J., Blum, M.: Secure Human Identification Protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52–66. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  18. 18.
    Juels, A., Weis, S.A.: Authenticating Pervasive Devices with Human Protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  19. 19.
    Krause, M., Stegemann, D.: More on the Security of Linear RFID Authentication Protocols. In: Jacobson Jr., M.J., Rijmen, V., Safavi-Naini, R. (eds.) SAC 2009. LNCS, vol. 5867, pp. 182–196. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  20. 20.
    Levieil, É., Fouque, P.-A.: An Improved LPN Algorithm. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 348–359. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  21. 21.
    Lyubashevsky, V.: The Parity Problem in the Presence of Noise, Decoding Random Linear Codes, and the Subset Sum Problem. In: Chekuri, C., Jansen, K., Rolim, J.D.P., Trevisan, L. (eds.) APPROX 2005 and RANDOM 2005. LNCS, vol. 3624, pp. 378–389. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  22. 22.
    Munilla, J., Peinado, A.: Hb-mp: A further step in the hb-family of lightweight authentication protocols. Comput. Netw. 51(9), 2262–2267 (2007)MATHCrossRefGoogle Scholar
  23. 23.
    Ouafi, K., Overbeck, R., Vaudenay, S.: On the Security of HB# against a Man-in-the-Middle Attack. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 108–124. Springer, Heidelberg (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Marek Klonowski
    • 1
  • Krzysztof Majcher
    • 1
  • Wojciech Macyna
    • 1
  • Filip Zagórski
    • 1
  1. 1.Institute of Mathematics and Computer ScienceWroclaw University of TechnologyPoland

Personalised recommendations