Skip to main content
SpringerLink
Log in

HB − MAC: Improving the Random − HB # Authentication Protocol

  • Conference paper
Trust, Privacy and Security in Digital Business (TrustBus 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5695))

Abstract

The Random − HB # protocol is a significant improvement of the HB  +  protocol introduced by Juels and Weis for the authentication of low-cost RFID tags. Random − HB # improves HB  +  in terms of both security and practicality. It is provably resistant against man-in-the-middle attacks, where the adversary can modify messages send from the reader to the tag and performs significantly better than HB  + , since it reduces the transmission costs and provides more practical error rates. The only problem with Random − HB # is that the storage costs for the secret keys are insurmountable to low cost tags. The designers of the protocol have proposed also an enhanced variant which has less storage requirements, but it is not supported by a security proof. They call this variant just HB #. In this paper we propose a variant of the Random − HB #. The new proposal maintains the performance of the Random − HB #, but it requires significantly less storage for the key. To achieve that we add a lightweight message authentication code to protect the integrity of all the exchanged messages.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bringer, J., Chabanne, H., Dottax, E.: HB  + + : a Lightweight Authentication Protocol Secure against Some Attacks. In: IEEE International Conference on Pervasive Sevices, Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing - SecPerU (2006)

    Google Scholar 

  2. Duc, D.N., Kim, K.: Securing HB  +  against GRS Man-in-the- Middle Attack. In: Proceedings of the Symposium on Cryptography and Information Security, SCIS 2007 (2007)

    Google Scholar 

  3. EPCGLOBAL, http://www.epcglobalinc.org/

  4. Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong authentication for RFID systems using the AES algorithm. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 357–370. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  5. Gilbert, H., Robshaw, M., Silbert, H.: An Active Attack against HB  + -a Provable Secure Lightweighted Authentication Protocol. Cryptology ePrint Archive, Report 2005/237 (2005) http://eprint.iacr.org

  6. Gilbert, H., Robshaw, M.J.B., Seurin, Y.: HB #: Increasing the security and efficiency of HB  + . In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 361–378. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  7. Hopper, N.J., Blum, M.: Secure human identification protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52–66. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  8. Juels, A., Weis, S.A.: Authenticating Pervasive Devices with Human Protocols. In: Proceedings of Crypto 2005. LNCS, vol. 3126, pp. 293–308. Springer, Heidelberg (2005)

    Google Scholar 

  9. Katz, J., Shin, J.S.: Parallel and concurrent security of the HB and HB +  protocols. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 73–87. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  10. Katz, J., Smith, A.: Analyzing the HB and HB  +  Protocols in the Large Error Case, http://eprint.iacr.org/2006/326.pdf

  11. Krawczyk, H.: LFSR-based hashing and authentication. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 129–139. Springer, Heidelberg (1994)

    Google Scholar 

  12. Munilla, J., Peinado, A.: HP-MP: A Further Step in the HB-family of Lightweight authentication protocols. Computer Networks 51, 2262–2267 (2007)

    Article  MATH  Google Scholar 

  13. Ouafi, K., Overbeck, R., Vaudenay, S.: On the security of HB# against a man-in-the-middle attack. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 108–124. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  14. Piramuthu, S.: HB and Related Lightweight Authentication Protocols for Secure RFID Tag/Reader Authentication. In: CollECTeR Europe Conference, Basel, Switzerland, June 9-10 (2006)

    Google Scholar 

  15. Piramuthu, S., Tu, Y.: Modified HB Authentication Protocol. In: Western European Workshop on Research in Cryptology, Germany (July 2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dep. of Inf. and Comm. Syst. Eng., University of the Aegean, Karlovassi, GR-83200, Samos, Greece

    Panagiotis Rizomiliotis

Authors
  1. Panagiotis Rizomiliotis
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Karlstad University, Universitetsgatan 2, 651 88, Karlstad, Sweden

    Simone Fischer-Hübner

  2. Laboratory of Information and Communication Systems Security, Department of Information and Communication Systems Engineering, University of the Aegean, 83200, Karlovassi, Samos, Greece

    Costas Lambrinoudakis

  3. Department of Management Information Systems, University of Regensburg, Universitätsstraße 31, 93053, Regensburg, Germany

    Günther Pernul

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Rizomiliotis, P. (2009). HB − MAC: Improving the Random − HB # Authentication Protocol. In: Fischer-Hübner, S., Lambrinoudakis, C., Pernul, G. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2009. Lecture Notes in Computer Science, vol 5695. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03748-1_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-03748-1_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-03747-4

  • Online ISBN: 978-3-642-03748-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation