论文信息 - Using HB Family of Protocols for Privacy-Preserving Authentication of RFID Tags in a Population

Using HB Family of Protocols for Privacy-Preserving Authentication of RFID Tags in a Population

In this paper, we propose an HB-like protocol for privacy-preserving authentication of RFID tags, whereby a tag can remain anonymous and untraceable to an adversary during the authentication process. Previous proposals of such protocols were based on PRF computations. Our protocol can instead be used on low-cost tags that may be incapable of computing standard PRFs. Moreover, since the underlying computations in HB protocols are very efficient, our protocol also reduces reader load compared to PRF-based protocols. We suggest a tree-based approach that replaces the PRF-based authentication from prior work with a procedure such as HB+ or HB#. We optimize the tree- traversal stage through usage of a "light version" of the underlying protocol and shared random challenges across all levels of the tree. This provides significant reduction of the communication resources, resulting in a privacy-preserving protocol almost as efficient as the underlying HB+ or HB#

Shai Halevi | Nitesh Saxena | Tzipora Halevi

[1] Ari Juels,et al. Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[2] Yannick Seurin,et al. HB#: Increasing the Security and Efficiency of HB+ , 2008, EUROCRYPT.

[3] Jonathan Katzand,et al. Parallel and Concurrent Security of the HB and HB + Protocols , 2006 .

[4] Manuel Blum,et al. Secure Human Identification Protocols , 2001, ASIACRYPT.

[6] Hugo Krawczyk,et al. The Shrinking Generator , 1994, CRYPTO.

[7] David A. Wagner,et al. A Scalable, Delegatable Pseudonym Protocol Enabling Ownership Transfer of RFID Tags , 2005, IACR Cryptol. ePrint Arch..

[8] Éric Levieil,et al. An Improved LPN Algorithm , 2006, SCN.

[9] Jonathan Katz,et al. Parallel and Concurrent Security of the HB and HB+ Protocols , 2006, EUROCRYPT.

[10] Mike Burmester,et al. Robust, anonymous RFID authentication with constant key-lookup , 2008, ASIACCS '08.

[11] Matthew J. B. Robshaw,et al. An Active Attack Against HB +-A Provably Secure Lightweight Authentication Protocol , 2022 .

[12] Phillip Rogaway,et al. How to Encipher Messages on a Small Domain , 2009, CRYPTO.

[13] Jonathan Katz,et al. Analyzing the HB and HB+ Protocols in the "Large Error" Case , 2006, IACR Cryptol. ePrint Arch..

[14] Serge Vaudenay,et al. On the Security of HB# against a Man-in-the-Middle Attack , 2008, ASIACRYPT.