Abstract
The limited computational resources available in RFID tags have prompted an intensive search for lightweight authentication protocols in recent years. The most promising suggestions were those of the HB-family (HB+, HB#, TrustedHB, ...), initially introduced by Juels and Weis, which are provably secure (via reduction to the Learning Parity with Noise (LPN) problem) against passive and some kinds of active attacks. Their main drawbacks are the large number of communicated bits and the fact that all known HB-type protocols have been proven insecure with respect to certain types of active attacks. As a possible alternative, authentication protocols based on choosing random elements from $L$ secret linear $n$-dimensional subspaces of $GF(2)^{n+k}$ (so-called CKK-protocols) were introduced by Cichoń, Klonowski, and Kutyłowski. These protocols are special cases of (linear) $(n,k,L)$-protocols, which we investigate in this paper. We present several active and passive attacks against $(n,k,L)$-protocols and propose $(n,k,L)^{++}$-protocols, which we can prove to be secure against certain types of active attacks. We obtain some evidence that the security of $(n,k,L)$-protocols can be reduced to the hardness of the Learning Unions of Linear Subspaces (LULS) problem. We then present a learning algorithm for LULS based on solving overdefined systems of degree $L$ in $Ln$ variables. Under the hardness assumption that LULS-problems cannot be solved significantly faster, linear $(n,k,L)$-protocols (with properly chosen $n,k,L$) could be interesting for practical applications.
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Krause, M., Stegemann, D. (2009). More on the Security of Linear RFID Authentication Protocols. In: Jacobson, M.J., Rijmen, V., Safavi-Naini, R. (eds) Selected Areas in Cryptography. SAC 2009. Lecture Notes in Computer Science, vol 5867. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-05445-7_12
DOI: https://doi.org/10.1007/978-3-642-05445-7_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-05443-3
Online ISBN: 978-3-642-05445-7
eBook Packages: Computer Science (R0)