2017
Algebraic Analysis of the HB# Protocol*
Abstract:
HB protocols are a class of authentication protocols with extremely low computational requirements that can also resist quantum attacks. They are therefore well suited to mobile and Internet-of-Things environments, and these wireless communication environments require HB protocols to be able to resist man-in-the-middle attacks. On this basis, an algebraic method for a man-in-the-middle attack on the HB# protocol is designed; in this algebraic attack, the authentication key can be recovered quickly. The attack is built on the solutions of a class of systems of multivariate quadratic equations over . Hence, the necessary and sufficient conditions for such systems to be solvable, together with a solving algorithm, are found first, and this result is then used to mount the man-in-the-middle attack on the HB# protocol.
HB-like protocols are a class of authentication protocols that require little computational resource and promise to resist quantum attacks. They are especially suitable for mobile applications and the Internet of Things (IoT). However, the wireless communications in these environments require that HB-like protocols be able to resist man-in-the-middle (MIM) attacks. In this vein, this paper proposes an algebraic MIM attack on a recently presented HB# authentication protocol that is claimed to resist MIM attacks. During this attack, the authentication keys can be recovered completely and efficiently. The proposed attack method is based on the solutions to a system of multivariate quadratic equations over . Hence, the necessary and sufficient conditions for this system of equations to be solvable are established first. Then, an algebraic attack on the HB# protocol is presented accordingly.