HB♭ protocol for lightweight authentication; Its information theoretic indistinguishability against MITM attack watching reader's response

A lightweight authentication protocol, based on the hardness of the Learning Parity with Noise (LPN) problem, was first designed by Hopper and Blum (HB) in 2001. The protocol is practical for low-cost pervasive devices like RFID, and a lot of varieties were investigated for further improvements about communication complexity and about security. In this paper, on HBb protocol recently proposed as an augmented version avoiding many practical drawbacks in the previously existing versions, we show that the information theoretic indistinguishability can be safely proven against MITM attack in which the attacker can utilize information obtained by watching response of the RFID reader to the communication signals intervened by the attacker. Through the proof, we find that the property holds for rather wide parameter range whereas very tiny range of parameter was indicated as an concrete example in the previous paper where the protocol was originally proposed.

[1]  Adi Shamir,et al.  Un-Trusted-HB: Security Vulnerabilities of Trusted-HB , 2009, IACR Cryptol. ePrint Arch..

[2]  Julien Bringer,et al.  Trusted-HB: A Low-Cost Version of HB $^+$ Secure Against Man-in-the-Middle Attacks , 2008, IEEE Transactions on Information Theory.

[3]  Xuefei Leng,et al.  HB-MP+ Protocol: An Improvement on the HB-MP Protocol , 2008, 2008 IEEE International Conference on RFID.

[4]  Manuel Blum,et al.  Secure Human Identification Protocols , 2001, ASIACRYPT.

[5]  Serge Vaudenay,et al.  On the Security of HB# against a Man-in-the-Middle Attack , 2008, ASIACRYPT.

[6]  Kristiyan Haralambiev,et al.  HBN: An HB-like protocol secure against man-in-the-middle attacks , 2011, IACR Cryptol. ePrint Arch..

[7]  Yannick Seurin,et al.  Good Variants of HB+ Are Hard to Find , 2008, Financial Cryptography.

[8]  Matthew J. B. Robshaw,et al.  An Active Attack Against HB +-A Provably Secure Lightweight Authentication Protocol , 2022 .

[9]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[10]  Yannick Seurin,et al.  HB#: Increasing the Security and Efficiency of HB+ , 2008, EUROCRYPT.

[11]  Kwangjo Kim,et al.  Securing HB+ against GRS Man-in-the-Middle Attack , 2007 .

[12]  Jorge Munilla,et al.  HB-MP: A further step in the HB-family of lightweight authentication protocols , 2007, Comput. Networks.

[13]  Julien Bringer,et al.  HB^+^+: a Lightweight Authentication Protocol Secure against Some Attacks , 2006, Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06).