Trusted-HB: a low-cost version of HB+ secure against Man-in-The-Middle attacks

Notice: This research summary and analysis were automatically generated using AI technology. For absolute accuracy, please refer to the original arXiv source.

Since the introduction at Crypto'05 by Juels and Weis of the protocol HB+, a lightweight protocol secure against active attacks but only in a detection-based model, many works have tried to enhance its security. We propose here a new approach to achieve resistance against Man-in-The-Middle attacks. Our requirements - in terms of extra communications and hardware - are surprisingly low.


💡 Research Summary

The paper addresses a known weakness of the lightweight RFID authentication protocol HB+, introduced by Juels and Weis at Crypto'05. HB+ is proven secure against passive and active (tag-only) attacks under the hardness of the Learning Parity with Noise (LPN) problem, but it falls to the man-in-the-middle (MiTM) attack of Gilbert, Robshaw and Sibert (GRS). In each HB+ round the tag sends a blinding vector b, the reader sends a challenge a, and the tag answers z = a·x ⊕ b·y ⊕ ν, where the noise bit ν is 1 with probability η; the reader accepts when the number of wrong answers over the r rounds stays below a threshold. An adversary sitting between reader and tag XORs the same vector δ into every challenge a of one authentication: every response is then shifted by δ·x, so the reader accepts if δ·x = 0 and rejects if δ·x = 1. The accept/reject decision leaks one bit of x per session, and choosing δ as the unit vectors reads x off bit by bit; the same manipulation of the blinding vector b leaks y in the same way. The attack never solves an LPN instance at all, it bypasses the LPN reduction entirely, which is why the active-attack proof of HB+ does not cover it.
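The GRS attack described above, simulated against a toy HB+ in Python. This is an added example, not code from the paper; the parameters (k₁ = k₂ = 16, r = 600, η = 0.25, acceptance threshold u = 0.34) are assumptions chosen to keep it fast, and the attacker's code path only ever uses the reader's accept/reject decision. It goes one step beyond the summary by also recovering y by tampering with the blinding vector b on the tag-to-reader channel.

```python
"""GRS man-in-the-middle against a toy HB+. Added example, not from the paper.
Toy parameters (assumptions): k1 = k2 = 16, r = 600, eta = 0.25, u = 0.34."""
import random

K1, K2, R, ETA, U = 16, 16, 600, 0.25, 0.34


def dot(a, b):
    """Inner product over GF(2) of two bit-vectors stored as ints."""
    return bin(a & b).count("1") & 1


def hb_plus(x, y, rng, tamper_a=lambda a: a, tamper_b=lambda b: b):
    """One HB+ authentication of R rounds; returns the reader's accept decision.
    tamper_a is applied to the challenge a on its way reader -> tag and
    tamper_b to the blinding vector b on its way tag -> reader: the MiTM position.
    x and y are passed in only so that the honest tag and reader can be simulated."""
    errors = 0
    for _ in range(R):
        b = rng.getrandbits(K2)                 # tag picks b
        a = rng.getrandbits(K1)                 # reader picks a
        nu = 1 if rng.random() < ETA else 0     # tag's noise bit
        z = dot(tamper_a(a), x) ^ dot(b, y) ^ nu
        # the reader checks z against the a it sent and the b it received
        errors += z ^ dot(a, x) ^ dot(tamper_b(b), y)
    return errors <= U * R


def grs_recover(x, y, rng):
    """Recover x, then y, one bit per authentication session.
    XORing delta into every a flips every response iff delta.x = 1, so the
    reader's decision leaks delta.x; unit vectors read x off bit by bit.
    The same on b leaks delta.y. No LPN instance is ever solved."""
    x_rec = 0
    for i in range(K1):
        d = 1 << i
        if not hb_plus(x, y, rng, tamper_a=lambda a, d=d: a ^ d):
            x_rec |= d
    y_rec = 0
    for i in range(K2):
        d = 1 << i
        if not hb_plus(x, y, rng, tamper_b=lambda b, d=d: b ^ d):
            y_rec |= d
    return x_rec, y_rec


def demo(seed=1):
    """Draw a random key pair, run the attack, return ((x, y), (x_rec, y_rec))."""
    rng = random.Random(seed)
    x, y = rng.getrandbits(K1), rng.getrandbits(K2)
    return (x, y), grs_recover(x, y, rng)


if __name__ == "__main__":
    (x, y), (xr, yr) = demo()
    print(f"x={x:016b} recovered={xr:016b} ok={x == xr}")
    print(f"y={y:016b} recovered={yr:016b} ok={y == yr}")
```

With these parameters a legitimate session is falsely rejected with probability around 2⁻²², so the 32 sessions the attack needs give a clean answer; at the paper's r = 1164 the margin is even larger.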

To remedy this, the authors propose Trusted‑HB, a two‑phase augmentation of HB+ that adds only minimal communication and hardware overhead. In the first phase the standard HB+ rounds run unchanged: tag and reader share two secret vectors x (k₁ ≈ 80 bits) and y (k₂ ≈ 512 bits) and perform r rounds of the classic exchange (b_i from the tag, a_i from the reader, z_i = a_i·x ⊕ b_i·y ⊕ ν_i from the tag), the tag choosing a fresh noise bit ν_i in every round. The reader recovers each ν_i by recomputing z_i ⊕ a_i·x ⊕ b_i·y, so at the end of the phase both sides hold the same noise vector ν = (ν₀,…,ν_{r‑1}), which the adversary cannot compute without x and y. In the second phase the noise vector is fed to a randomness extractor E to derive a one‑time pad e, and the whole transcript (a₀,b₀,z₀,…,a_{r‑1},b_{r‑1},z_{r‑1}) is authenticated with a linear hash function h drawn from an ε‑balanced family H. As in Krawczyk's MAC construction, the key selecting h is shared by tag and reader, kept secret and reused across sessions, while the pad e must be fresh for every session. The final authentication tag sent by the tag is

 t = h(a₀,b₀,z₀,…,a_{r‑1},b_{r‑1},z_{r‑1}) ⊕ e.

The hash family H is instantiated with the Toeplitz construction built on a linear‑feedback shift register (LFSR), as described by Krawczyk (1994). The message is clocked into the LFSR one bit at a time and the current LFSR state is XORed into an n‑bit accumulator whenever the message bit is 1, so the hash costs one LFSR, one accumulator register and a few XOR gates, independent of the message length m, and can be computed on the fly while the transcript is being produced. Krawczyk's family (a random irreducible connection polynomial of degree n together with a random non‑zero initial state) is ε‑balanced with ε ≤ m/2^{n‑1}, and an ε‑balanced linear hash XORed with a uniformly random one‑time pad is an ε‑secure message‑authentication code (MAC).

The security argument rests on two conditions: (1) the MAC built from H is ε‑secure, and (2) the extractor E outputs a pad e that is uniformly distributed and unknown to the adversary. Under these conditions a MiTM adversary who alters any challenge or response produces a tag t that the reader accepts with probability at most ε (Theorem 1). The reason is that the reader verifies t against its own view of the transcript and the noise bits it recovers from that view: to make a tampered transcript verify, the adversary must supply h(modified transcript) ⊕ e′, which requires either knowing the pad e′ (equivalently the noise bits, which are hidden behind x and y by the LPN assumption) or finding a collision of the linear hash (probability at most ε). The GRS trick in particular no longer yields a bit: whether δ·x is 0 or 1, the transcript the tag hashed differs from the one the reader hashes, so the reader rejects either way and the attacker's advantage collapses to ε plus the advantage against LPN.

Implementation considerations are discussed in detail. The Toeplitz hash is realised with an LFSR of degree n: the columns of the Toeplitz matrix are the successive LFSR states, so the output is the XOR of the states at the positions where the transcript has a 1 bit, accumulated in a single n‑bit register. Beyond the two registers this is a footprint of a few dozen gates, well within the budget of typical RFID tags. The extractor E is instantiated with the von Neumann procedure: the noise bits (Pr[ν_i = 1] = η ≈ 0.25) are taken in pairs, 01 is output as 0, 10 as 1, and 00 and 11 are discarded, which yields unbiased bits at an average rate of 2η(1‑η) per pair. For the parameters chosen in the paper (η = 0.25, k₁ = 80, k₂ = 512, r = 1164, acceptance threshold u = 0.34, i.e. the reader tolerates at most ⌊u·r⌋ = 395 wrong responses), the probability of falsely rejecting a legitimate tag is about 2⁻⁴⁰, while the probability that random responses pass the HB+ phase is about 2⁻⁸⁰. The extractor turns the r = 1164 noise bits into 582 pairs and therefore about 582·2η(1‑η) ≈ 218 pad bits on average; the hash output length is n = 101, so the first 101 pad bits are used (a shortfall below 101 bits is roughly a ten‑standard‑deviation event, the count having mean 218 and standard deviation ≈ 11.7). With m = r(k₁+k₂+1) ≈ 2^{19.4} transcript bits, n = 101 gives ε ≤ m/2^{n‑1} ≤ 2⁻⁸⁰, whereas n = 100 would fall just short of that target. The only extra communication is the single 101‑bit message t sent after the r HB+ rounds, and the per‑round cost of the HB+ phase is unchanged.
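The full Trusted‑HB exchange with the hash, extractor and parameter checks from the three sections above, as an added Python example that is not the paper's code. The toy parameters are assumptions (k₁ = k₂ = 16, r = 600, n = 31 with the primitive trinomial x³¹ + x³ + 1; the polynomial is fixed here for brevity, whereas Krawczyk's family draws it at random and the ε bound assumes that), and aborting when the extractor yields fewer than n bits is this example's choice, not taken from the paper. demo() runs an honest session and then GRS tampering with δ·x = 0 and with δ·x = 1, returning the reader's (HB+ accept, MAC ok) decisions for each; expected_pad_bits() and epsilon_bound() reproduce the 218‑bit and n = 101 figures for the paper's own parameters.

```python
"""Toy Trusted-HB: HB+ rounds, a von Neumann extractor and Krawczyk's LFSR-based
Toeplitz hash. Added example, not the paper's code. Toy parameters (assumptions):
k1 = k2 = 16, r = 600, n = 31 with the primitive trinomial x^31 + x^3 + 1; the
paper uses k1 = 80, k2 = 512, r = 1164, n = 101."""
import random

K1, K2, R, ETA, U = 16, 16, 600, 0.25, 0.34
N, TAP = 31, 3          # LFSR degree and the middle term of x^31 + x^3 + 1


def dot(a, b):
    """Inner product over GF(2) of bit-vectors stored as ints."""
    return bin(a & b).count("1") & 1


def lfsr_clock(state):
    """One step of the degree-N Fibonacci LFSR. The polynomial is fixed here for
    brevity; in Krawczyk's family it is a secret random irreducible polynomial
    and the eps-balance bound relies on that choice."""
    fb = (state & 1) ^ ((state >> TAP) & 1)
    return (state >> 1) | (fb << (N - 1))


def toeplitz_hash(seed, msg_bits):
    """h(M) = XOR of the LFSR states at the positions where M has a 1 bit.
    One N-bit accumulator plus the LFSR, independent of the message length."""
    state, acc = seed, 0
    for bit in msg_bits:
        if bit:
            acc ^= state
        state = lfsr_clock(state)
    return acc


def von_neumann(bits):
    """Debias a stream: 01 -> 0, 10 -> 1, 00 and 11 are discarded."""
    return [bits[i] for i in range(0, len(bits) - 1, 2) if bits[i] != bits[i + 1]]


def pad_from_noise(noise):
    """First N extracted bits as the pad e, or None on shortfall (abort on
    shortfall is this example's choice, not taken from the paper)."""
    e = von_neumann(noise)
    return None if len(e) < N else int("".join(map(str, e[:N])), 2)


def transcript_bits(view):
    """Serialise the (a_i, b_i, z_i) rounds as the bit string the hash covers."""
    out = []
    for a, b, z in view:
        out += [(a >> i) & 1 for i in range(K1)] + [(b >> i) & 1 for i in range(K2)] + [z]
    return out


def session(x, y, hkey, rng, tamper=lambda a: a):
    """One Trusted-HB run. `tamper` sits on the reader -> tag channel and may
    alter each challenge a (the GRS position). Returns (hb_accept, mac_ok)."""
    tag_view, reader_view, noise = [], [], []
    for _ in range(R):
        b = rng.getrandbits(K2)              # tag -> reader: blinding vector
        a = rng.getrandbits(K1)              # reader -> tag: challenge
        a_tag = tamper(a)                    # what the tag actually receives
        nu = 1 if rng.random() < ETA else 0
        z = dot(a_tag, x) ^ dot(b, y) ^ nu   # tag -> reader: response
        noise.append(nu)
        tag_view.append((a_tag, b, z))
        reader_view.append((a, b, z))
    # Phase 2, tag: t = h(transcript) xor e, e extracted from its own noise bits.
    e_tag = pad_from_noise(noise)
    if e_tag is None:
        return False, False
    t = toeplitz_hash(hkey, transcript_bits(tag_view)) ^ e_tag
    # Reader: classic HB+ threshold test, then recover the noise from its own
    # view of the transcript and check t against that view.
    recovered = [z ^ dot(a, x) ^ dot(b, y) for a, b, z in reader_view]
    hb_accept = sum(recovered) <= U * R
    e_reader = pad_from_noise(recovered)
    mac_ok = e_reader is not None and \
        toeplitz_hash(hkey, transcript_bits(reader_view)) ^ e_reader == t
    return hb_accept, mac_ok


def demo(seed=7):
    """Honest run, then GRS tampering with delta.x = 0 and with delta.x = 1."""
    rng = random.Random(seed)
    x = rng.getrandbits(K1) | 1              # non-zero so a delta with delta.x = 1 exists
    y = rng.getrandbits(K2)
    hkey = rng.getrandbits(N) | 1            # non-zero LFSR seed = shared hash key
    d0 = next(d for d in range(1, 1 << K1) if dot(d, x) == 0)
    d1 = next(d for d in range(1, 1 << K1) if dot(d, x) == 1)
    return (session(x, y, hkey, rng),
            session(x, y, hkey, rng, tamper=lambda a: a ^ d0),
            session(x, y, hkey, rng, tamper=lambda a: a ^ d1))


def expected_pad_bits(r, eta):
    """Mean von Neumann output from r noise bits: r/2 pairs, each kept w.p. 2*eta*(1-eta)."""
    return (r / 2) * 2 * eta * (1 - eta)


def epsilon_bound(m, n):
    """Krawczyk's bound for the LFSR hash family on m-bit messages: eps <= m / 2^(n-1)."""
    return m / 2 ** (n - 1)


if __name__ == "__main__":
    print(demo())                            # ((True, True), (True, False), (False, False))
    print(expected_pad_bits(1164, 0.25))     # 218.25
```

The middle result is the one that matters: with δ·x = 0 the HB+ phase still accepts, exactly as in the GRS attack, but the tag hashed a transcript containing a ⊕ δ while the reader hashes a, so t fails to verify and the session is rejected just like the δ·x = 1 case. Since the hash is linear, the difference is h(D) for the fixed difference pattern D, and with an irreducible polynomial and a non‑zero seed that value is non‑zero for every key, which is the ε‑balance property in miniature.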

In summary, Trusted‑HB preserves the lightweight character of HB+ while adding a formal argument against MiTM attacks. By coupling a low‑cost LFSR‑based Toeplitz hash with a one‑time pad extracted from the HB+ noise, the scheme adds a single extra message and a handful of registers and gates, and the authors show that this yields a MAC whose forgery probability is at most ε on top of the LPN assumption, aimed at low‑cost RFID tags that must resist an active network adversary. A practitioner should keep the generic construction and the concrete instantiation apart: subsequent cryptanalysis by Frumkin and Shamir ("Un‑Trusted‑HB", 2009) reported vulnerabilities in the proposed LFSR‑based instantiation and parameter set, so the specific parameters should not be adopted without consulting that work.

