Abstract
The strikingly simple HB∈+∈ protocol of Juels and Weis [11] has been proposed for the authentication of low-cost RFID tags. As well as being computationally efficient, the protocol is accompanied by an elegant proof of security. After its publication, Gilbert et al. [8] demonstrated a simple man-in-the-middle attack that allowed an attacker to recover the secret authentication keys. (The attack does not contradict the proof of security since the attacker lies outside the adversarial model.) Since then a range of schemes closely related to HB∈+∈ have been proposed and these are intended to build on the security of HB∈+∈ while offering resistance to the attack of [8]. In this paper we show that many of these variants can still be attacked using the techniques of [8] and the original HB∈+∈ protocol remains the most attractive member of the HB∈+∈ family. © 2008 Springer-Verlag Berlin Heidelberg.
Author supplied keywords
Cite
CITATION STYLE
Gilbert, H., Robshaw, M. J. B., & Seurin, Y. (2008). Good variants of HB∈+∈ are hard to find. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5143 LNCS, pp. 156–170). https://doi.org/10.1007/978-3-540-85230-8_12
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
