SQUASH - A New MAC with Provable Security Properties for Highly Constrained Devices Such as RFID Tags

We describe a new function called SQUASH (which is short for SQUare-hASH), which is ideally suited to challenge-response MAC applications in highly constrained devices such as RFID tags. It is exceptionally simple, requires no source of random bits, and can be efficiently implemented on processors with arbitrary word sizes. Unlike other ad-hoc proposals which have no security analysis, SQUASH is provably at least as secure as Rabin's public key encryption scheme in this application.
