Cryptology ePrint Archive: Report 2008/028
HB#: Increasing the Security and Efficiency of HB+
Henri Gilbert and Matthew J.B. Robshaw and Yannick Seurin
Abstract: The innovative HB+ protocol of Juels and Weis  extends device authentication to low-cost RFID tags. However, despite the very simple on-tag computation there remain some practical problems with HB+ and despite an elegant proof of security against some limited active attacks, there is a simple man-in-the-middle attack due to Gilbert et al. . In this paper we consider improvements to HB+ in terms of both security and practicality. We introduce a new protocol that we denote random-HB#. This proposal avoids many practical drawbacks of HB+, remains provably resistant to attacks in the model of Juels and Weis, and at the same time is provably resistant to a broader class of active attacks that includes the attack of . We then describe an enhanced variant called HB# which offers practical advantages over HB+.
Category / Keywords: cryptographic protocols / HB+, RFID tags, authentication, LPN, Toeplitz matrix
Publication Info: Published at Eurocrypt 2008
Date: received 22 Jan 2008
Contact author: yannick seurin at orange-ftgroup com
Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Note: This is the full version with appendices of the EUROCRYPT 2008 paper.
Version: 20080122:133006 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]