Paper 2006/326

Analyzing the HB and HB+ Protocols in the ``Large Error'' Case

Jonathan Katz and Adam Smith

Abstract

HB and HB+ are two shared-key, unidirectional authentication protocols whose extremely low computational cost makes them potentially well-suited for severely resource-constrained devices. Security of these protocols is based on the conjectured hardness of learning parity with noise; that is, learning a secret s given ``noisy'' dot products of s that are incorrect with probability ϵ. Although the problem of learning parity with noise is meaningful for any constant ϵ<1/2, existing proofs of security for HB and HB+ only imply security when ϵ<1/4. In this note, we show how to extend these proofs to the case of arbitrary .

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
RFID
Contact author(s)
jkatz @ cs umd edu
History
2006-09-28: received
Short URL
https://ia.cr/2006/326
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2006/326,
      author = {Jonathan Katz and Adam Smith},
      title = {Analyzing the {HB} and {HB}+ Protocols in the ``Large Error'' Case},
      howpublished = {Cryptology {ePrint} Archive, Paper 2006/326},
      year = {2006},
      url = {https://eprint.iacr.org/2006/326}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.