hHB: A Harder HB+ Protocol

Ahmad Khoureich Ka

2015

Abstract

In 2005, Juels and Weis proposed HB+, a perfectly adapted authentication protocol for resource-constrained devices such as RFID tags. The HB+ protocol is based on the Learning Parity with Noise (LPN) problem and is proven secure against active adversaries. Since a man-in-the-middle attack on HB+ due to Gilbert et al. was published, many proposals have been made to improve the HB+ protocol. But none of these was formally proven secure against general man-in-the-middle adversaries. In this paper we present a solution to make the HB+ protocol resistant to general man-in-the-middle adversaries without exceeding the computational and storage capabilities of the RFID tag.

References

  1. Berlekamp, E. R., McEliece, R. J., and Van Tilborg, H. C. (1978). On the inherent intractability of certain coding problems. IEEE Transactions on Information Theory, 24(3):384-386.
  2. Blum, A., Furst, M., Kearns, M., and Lipton, R. J. (1994). Cryptographic primitives based on hard learning problems. In Advances in cryptologyCRYPTO93, pages 278-291. Springer.
  3. Blum, A., Kalai, A., and Wasserman, H. (2003). Noisetolerant learning, the parity problem, and the statistical query model. Journal of the ACM (JACM), 50(4):506-519.
  4. Bringer, J. and Chabanne, H. (2008). Trusted-HB: a lowcost version of HB+ secure against man-in-the-middle attacks. arXiv preprint arXiv:0802.0603.
  5. Bringer, J., Chabanne, H., and Dottax, E. (2006). HB++: a lightweight authentication protocol secure against some attacks. In Security, Privacy and Trust in Pervasive and Ubiquitous Computing, 2006. SecPerU 2006. Second International Workshop on, pages 28- 33. IEEE.
  6. Duc, D. N. and Kim, K. (2007). Securing HB+ against GRS man-in-the-middle attack. In Institute of Electronics, Information and Communication Engineers, Symposium on Cryptography and Information Security.
  7. Fossorier, M. P., Mihaljevic, M. J., Imai, H., Cui, Y., and Matsuura, K. (2006). An algorithm for solving the LPN problem and its application to security evaluation of the HB protocols for RFID authentication. In Progress in Cryptology-INDOCRYPT 2006, pages 48-62. Springer.
  8. Frumkin, D. and Shamir, A. (2009). Un-trusted-HB: Security vulnerabilities of trusted-HB. IACR Cryptology ePrint Archive, 2009:44.
  9. Gilbert, H., Robshaw, M., and Sibert, H. (2005). Active attack against HB+: a provably secure lightweight authentication protocol. Electronics Letters, 41(21):1169-1170.
  10. Gilbert, H., Robshaw, M. J., and Seurin, Y. (2008a). : Increasing the security and efficiency of HB+. In Advances in Cryptology-EUROCRYPT 2008, pages 361-378. Springer.
  11. Gilbert, H., Robshaw, M. J., and Seurin, Y. (2008b). Good variants of HB+ are hard to find. In Financial Cryptography and Data Security, pages 156-170. Springer.
  12. Hopper, N. J. and Blum, M. (2000). A secure humancomputer authentication scheme. In Technical Report CMU-CS-00-139. Carnegie Mellon University.
  13. Hopper, N. J. and Blum, M. (2001). Secure human identification protocols. In Advances in cryptologyASIACRYPT 2001, pages 52-66. Springer.
  14. Juels, A. and Weis, S. A. (2005). Authenticating pervasive devices with human protocols. In Advances in Cryptology-CRYPTO 2005, pages 293-308. Springer.
  15. Katz, J. and Shin, J. S. (2006). Parallel and concurrent security of the HB and HB+ protocols. In Advances in Cryptology-EUROCRYPT 2006, pages 73- 87. Springer.
  16. Kearns, M. (1998). Efficient noise-tolerant learning from statistical queries. Journal of the ACM (JACM), 45(6):983-1006.
  17. Leng, X., Mayes, K., and Markantonakis, K. (2008). HBMP+ protocol: An improvement on the HB-MP protocol. In RFID, 2008 IEEE International Conference on, pages 118-124. IEEE.
  18. Levieil, Ó. and Fouque, P. A. (2006). An improved LPN algorithm. In Security and Cryptography for Networks, pages 348-359. Springer.
  19. Munilla, J. and Peinado, A. (2007). HB-MP: A further step in the HB-family of lightweight authentication protocols. Computer Networks, 51(9):2262-2267.
  20. Ouafi, K., Overbeck, R., and Vaudenay, S. (2008). On the security of HB# against a man-in-the-middle attack. In Advances in Cryptology-ASIACRYPT 2008, pages 108-124. Springer.
  21. Regev, O. (2009). On lattices, learning with errors, random linear codes, and cryptography. Journal of the ACM (JACM), 56(6):34.
Download


Paper Citation


in Harvard Style

Khoureich Ka A. (2015). hHB: A Harder HB+ Protocol . In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 163-169. DOI: 10.5220/0005500001630169


in Bibtex Style

@conference{secrypt15,
author={Ahmad Khoureich Ka},
title={hHB: A Harder HB+ Protocol},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={163-169},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005500001630169},
isbn={978-989-758-117-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - hHB: A Harder HB+ Protocol
SN - 978-989-758-117-5
AU - Khoureich Ka A.
PY - 2015
SP - 163
EP - 169
DO - 10.5220/0005500001630169