Good variants of HB+ are hard to find

被引:0
|
作者
Gilbert, Henri [1 ]
Robshaw, Matthew J. B. [1 ]
Seurin, Yannick [1 ]
机构
[1] Orange Labs, Issy Les Moulineaux, France
来源
FINANCIAL CRYPTOGRAPHY AND DATA SECURITY | 2008年 / 5143卷
关键词
HB+; RFID tags; authentication; LPN;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
The strikingly simple HB+ protocol of Juels and Weis [11] has been proposed for the authentication of low-cost RFID tags. As well as being computationally efficient, the protocol is accompanied by ail elegant proof of security. After its publication, Gilbert et al. [8] demonstrated a simple man-in-the-middle attack that allowed ail attacker to recover the secret authentication keys. (The attack does not contradict the proof of security since the attacker lies outside the adversarial model.) Since then a range of schemes closely related to H+ have been proposed and these are intended to build on the security of HB+ while offering resistance to the attack of [8]. In this paper we show that many of these variants can still be attacked using the techniques of [8] and the original HB+ protocol remains the most attractive member of the HB+ family.
引用
收藏
页码:156 / 170
页数:15
相关论文
共 50 条