A Novel Algorithm for Solving the LPN Problem and its Application to Security Evaluation of the HB Protocol for RFID Authentication

A novel algorithm for solving the LPN problem is proposed and analyzed. The algorithm originates from the recently proposed advanced fast correlation attacks, and it employs the concepts of decimation, linear combining, hypothesizing and minimum distance decoding. The proposed algorithm appears to be more powerful than the best one previously reported, known as the BKW algorithm. In fact, the BKW algorithm is shown to be a special instance of the proposed algorithm, but without optimized parameters. An improved security evaluation of the HB protocol for RFID authentication is then developed. Employing the proposed algorithm, the security of the HB protocol is reevaluated, implying that the previously reported security margins appear to be overestimated.

Keywords: cryptanalysis, LPN problem, fast correlation attacks, HB protocol, RFID authentication.
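As an added illustration of the problem the abstract refers to (example code, not from the paper or its authors): a toy LPN oracle and a BKW-style solver, i.e. the block-wise XOR reduction followed by majority-vote decoding that the abstract describes as a special, unoptimized instance of the proposed algorithm. All parameters (k = 12 secret bits, three 4-bit blocks, noise rate 1/8, 100,000 samples, the secret value 0xB39) are constructed for the demo and are not the paper's.

```python
# Added example, not the paper's code: toy LPN instance plus a BKW-style solver.
# Bit-vectors over GF(2) are Python ints; parameters are constructed for the demo.
import random

def parity(x):
    """Parity of the set bits of x, i.e. the GF(2) inner product for (a & s)."""
    return bin(x).count("1") & 1

def lpn_oracle(secret, k, tau, n, rng):
    """n samples (a, <a,s> xor e): a uniform in {0,1}^k, e ~ Bernoulli(tau)."""
    out = []
    for _ in range(n):
        a = rng.getrandbits(k)
        e = 1 if rng.random() < tau else 0
        out.append((a, parity(a & secret) ^ e))
    return out

def reduced_bias(tau, steps):
    """Bias (1 - 2*tau') of a sample built from 2**steps originals (piling-up)."""
    return (1 - 2 * tau) ** (2 ** steps)

def reduce_block(samples, lo, width):
    """One BKW step: XOR pairs of samples whose bits [lo, lo+width) agree, so that
    block becomes zero. The price is doubled noise (the bias squares)."""
    mask = ((1 << width) - 1) << lo
    pending, out = {}, []
    for a, z in samples:
        key = a & mask
        if key == 0:                      # block already zero: keep as is
            out.append((a, z))
        elif key in pending:
            b, y = pending.pop(key)
            out.append((a ^ b, z ^ y))
        else:
            pending[key] = (a, z)
    return out

def recover_block(samples, k, width, lo):
    """Zero every block except [lo, lo+width); samples that collapsed to a unit
    vector then vote, by majority, on the corresponding bit of the secret."""
    for start in range(0, k, width):
        if start != lo:
            samples = reduce_block(samples, start, width)
    bits = 0
    for j in range(lo, lo + width):
        votes = [z for a, z in samples if a == 1 << j]
        if 2 * sum(votes) > len(votes):
            bits |= 1 << j
    return bits

def bkw_solve(samples, k, width):
    """Recover all k bits by letting each block in turn be the surviving one."""
    secret = 0
    for lo in range(0, k, width):
        secret |= recover_block(samples, k, width, lo)
    return secret

def demo_recovers_secret(seed=7):
    """Constructed instance: k=12, 4-bit blocks, noise 1/8, secret 0xB39."""
    rng = random.Random(seed)
    k, width, tau, secret = 12, 4, 0.125, 0xB39
    return bkw_solve(lpn_oracle(secret, k, tau, 100_000, rng), k, width) == secret
```

With two reduction steps the per-sample bias drops from 0.75 to 0.75^4, which is why the sample count, not the secret length, dominates the cost of this baseline.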
