International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Analyzing the HB and HB+ Protocols in the ``Large Error'' Case

Authors:
Jonathan Katz
Adam Smith
Download:
URL: http://eprint.iacr.org/2006/326
Search ePrint
Search Google
Abstract: HB and HB+ are two shared-key, unidirectional authentication protocols whose extremely low computational cost makes them potentially well-suited for severely resource-constrained devices. Security of these protocols is based on the conjectured hardness of learning parity with noise; that is, learning a secret $s$ given ``noisy'' dot products of $s$ that are incorrect with probability $\epsilon$. Although the problem of learning parity with noise is meaningful for any constant $\epsilon < 1/2$, existing proofs of security for HB and HB+ only imply security when $\epsilon < 1/4$. In this note, we show how to extend these proofs to the case of arbitrary $\epsilon < 1/2$.
BibTeX
@misc{eprint-2006-21817,
  title={Analyzing the HB and HB+ Protocols in the ``Large Error'' Case},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / RFID},
  url={http://eprint.iacr.org/2006/326},
  note={ jkatz@cs.umd.edu 13418 received 26 Sep 2006},
  author={Jonathan Katz and Adam Smith},
  year=2006
}