Paper 2008/028

HB#: Increasing the Security and Efficiency of HB+

Henri Gilbert, Matthew J. B. Robshaw, and Yannick Seurin

Abstract

The innovative HB+ protocol of Juels and Weis [10] extends device authentication to low-cost RFID tags. However, despite the very simple on-tag computation there remain some practical problems with HB+ and despite an elegant proof of security against some limited active attacks, there is a simple man-in-the-middle attack due to Gilbert et al. [8]. In this paper we consider improvements to HB+ in terms of both security and practicality. We introduce a new protocol that we denote random-HB#. This proposal avoids many practical drawbacks of HB+, remains provably resistant to attacks in the model of Juels and Weis, and at the same time is provably resistant to a broader class of active attacks that includes the attack of [8]. We then describe an enhanced variant called HB# which offers practical advantages over HB+.

Note: This is the full version with appendices of the EUROCRYPT 2008 paper.

Metadata
Available format(s)
PDF PS
Category
Cryptographic protocols
Publication info
Published elsewhere. Published at Eurocrypt 2008
Keywords
HB+RFID tagsauthenticationLPNToeplitz matrix
Contact author(s)
yannick seurin @ orange-ftgroup com
History
2008-01-22: received
Short URL
https://ia.cr/2008/028
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2008/028,
      author = {Henri Gilbert and Matthew J. B.  Robshaw and Yannick Seurin},
      title = {HB#: Increasing the Security and Efficiency of HB+},
      howpublished = {Cryptology ePrint Archive, Paper 2008/028},
      year = {2008},
      note = {\url{https://eprint.iacr.org/2008/028}},
      url = {https://eprint.iacr.org/2008/028}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.