GHB #: A provably secure HB-like lightweight authentication protocol

Abstract

RFID technology constitutes a fundamental part of what is known as the Internet of Things; i.e. accessible and interconnected machines and everyday objects that form a dynamic and complex environment. In order to secure RFID tags in a cost-efficient manner, the last few years several lightweight cryptography-based tag management protocols have been proposed. One of the most promising proposals is the HB + protocol, a lightweight authentication protocol that is supported by an elegant security proof against all passive and a subclass of active attackers based on the hardness of the Learning Parity with Noise (LPN) problem. However, the HB + was shown to be weak against active man-in-the-middle (MIM) attacks and for that several variants have been proposed. Yet, the vast majority of them has been broken. In this paper, we introduce a new variant of the HB + protocol that can provably resist MIM attacks. More precisely, we improve the security of another recently proposed variant, the HB # protocol by taking advantage of the properties of the well studied Gold power functions. The new authentication protocol is called GHB # and its security can be reduced to the LPN problem. Finally, we show that the GHB # remains practical and lightweight. © 2012 Springer-Verlag.