Parallel and Concurrent Security of the HB and HB+ Protocols
نویسندگان
چکیده
منابع مشابه
Practical Attacks on HB and HB+ Protocols
HB and HB+ are a shared secret-key authentication protocols designed for low-cost devices such as RFID tags. HB+ was proposed by Juels and Weis at Crypto 2005. The security of the protocols relies on the learning parity with noise (LPN) problem, which was proven to be NP-hard. The best known attack on LPN by Levieil and Fouque [13] requires subexponential number of samples and sub-exponential n...
متن کاملVariants of Hb Protocols for Rfid Security
Radio Frequency Identification (RFID) has received recently a great attention from large organizations and researchers due to the dropping tag costs and vigorous RFID standardization. They are becoming more common in daily use to identify, locate and track people, assets, and animals. Number of protocols has been proposed in the literature for the security of RFID against passive attacks. One o...
متن کاملHB#: Increasing the Security and Efficiency of HB+
The innovative HB protocol of Juels and Weis [10] extends device authentication to low-cost RFID tags. However, despite the very simple on-tag computation there remain some practical problems with HB and despite an elegant proof of security against some limited active attacks, there is a simple man-in-the-middle attack due to Gilbert et al. [8]. In this paper we consider improvements to HB in t...
متن کاملUn-Trusted-HB: Security Vulnerabilities of Trusted-HB
With increased use of passive RFID tags, the need for secure lightweight identification protocols arose. HB+ is one such protocol, which was proven secure in the detection-based model, but shown breakable by man-in-the-middle attacks. Trusted-HB is a variant of HB+, specifically designed to resist man-in-the-middle attacks. In this paper, we discuss several weaknesses of Trusted-HB, show that t...
متن کاملAnalyzing the HB and HB+ Protocols in the "Large Error" Case
HB and HB are two shared-key, unidirectional authentication protocols whose extremely low computational cost makes them potentially well-suited for severely resource-constrained devices. Security of these protocols is based on the conjectured hardness of learning parity with noise; that is, learning a secret s given “noisy” dot products of s that are incorrect with probability ε. Although the p...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of Cryptology
سال: 2010
ISSN: 0933-2790,1432-1378
DOI: 10.1007/s00145-010-9061-2