On the Relation Between Security Models for HB-like Symmetric Key Authentication Protocols

  • Miaomiao ZhangEmail author
Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 70)


The purpose of this paper is to provide a basis and comprehensive view for evaluating security models in the context of HB-like symmetric key authentication protocol development. We consider the man-in-the-middle security in the concurrent setting and proposed a new security notion, c2MIM, which we believe is simple and nature. A number of existing security models including our c2MIM are summarized and compared. Some general considerations for designing and using security models are presented.


Man-in-the-Middle Security models Authentication HB 


  1. 1.
    Angluin, D., Laird, P.D.: Learning from noisy examples. Mach. Learn. 2(4), 343–370 (1987)Google Scholar
  2. 2.
    Bellare, M., Rompel, J.: Randomness-efficient oblivious sampling. In: 35th Annual Symposium on Foundations of Computer Science, pp. 276–287. IEEE (1994)Google Scholar
  3. 3.
    Bellare, M., Fischlin, M., Goldwasser, S., Micali, S.: Identification protocols secure against reset attacks. In: Pfitzmann, B. (ed.) Advances in Cryptology, EUROCRYPT 2001: International Conference on the Theory and Application of Cryptographic Techniques, pp. 495–511. Springer, Berlin, Heidelberg (2001)Google Scholar
  4. 4.
    Bellare, M., Palacio, A.: GQ and Schnorr identification schemes: Proofs of security against impersonation under active and concurrent attacks. In: Yung, M. (ed.) Advances in Cryptology—CRYPTO 2002, pp. 162–177. Springer, Berlin, Heidelberg (2002)CrossRefGoogle Scholar
  5. 5.
    Bernstein, D.J., Lange, T.: Never trust a bunny. IACR Cryptology ePrint Archive, vol. 2012, 355 (2012)Google Scholar
  6. 6.
    Blum, A., Kalai, A., Wasserman, H.: Noise-tolerant learning, the parity problem, and the statistical query model. J. ACM (JACM) 50(4), 519 (2003)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Blum, A., Furst, M.L., Kearns, M.J., Lipton, R.J.: Cryptographic primitives based on hard learning problems. In: Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO ’93, pp. 278–291. Springer, London, UK (1993)Google Scholar
  8. 8.
    Bosley, C., Haralambiev, K., Nicolosi, A.: \({\sf HB^N}\): a variant of HB secure against man-in-the-middle attacks (2011)Google Scholar
  9. 9.
    Bringer, J., Chabanne, H.: Trusted-HB: HB against man-in-the-middle attacks. EPrintGoogle Scholar
  10. 10.
    Bringer, J., Chabanne, H.: Trusted-HB: a low-cost version of HB secure against man-in-the-middle attacks. arXiv (2008)Google Scholar
  11. 11.
    Bringer, J., Chabanne, H., Dottax, E.: HB\(^{\text{++}}\): a lightweight authentication protocol secure against some attacks. In: Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU 2006), pp. 28–33. IEEE Computer Society (2006)Google Scholar
  12. 12.
    Cash, D., Kiltz, E., Tessaro, S.: Two-round man-in-the-middle security from LPN. In:Theory of Cryptography: 13th International Conference. TCC 2016-A, Tel Aviv, Israel, 10–13 Jan 2016, Proceedings, Part I, pp. 225–248. Springer, Berlin, Heidelberg (2016)Google Scholar
  13. 13.
    Damgård, I., Park, S.: Towards optimally efficient secret-key authentication from PRG. Cryptology ePrint Archive, Report 2014/426 (2014)Google Scholar
  14. 14.
    Dodis, Y., Kiltz, E., Pietrzak, K., Wichs, D.: Message authentication, revisited. In: Advances in Cryptology—EUROCRYPT 2012—31st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings, pp. 355–374, Cambridge, UK, 15–19 Apr 2012Google Scholar
  15. 15.
    Duc, D., Kim, K.: Securing HB against GRS man-in-the-middle attack. (2008)Google Scholar
  16. 16.
    Endo, K., Kunihiro, N.: On the security proof of an authentication protocol from eurocrypt 2011. In: Yoshida, M., Mouri, K. (eds.) Advances in Information and Computer Security: 9th International Workshop on Security, IWSEC 2014, Proceedings, pp. 187–203, Hirosaki, Japan, 27–29 Aug 2014. Springer International Publishing (2014)zbMATHGoogle Scholar
  17. 17.
    Frumkin, D., Shamir, A.: Un-Trusted-HB: Security Vulnerabilities of Trusted-HB. EPrint (2009)Google Scholar
  18. 18.
    Gilbert, H., Robshaw, M., Seurin, Y.: Good variants of HB\(^{+}\) are hard to find. In: Proceedings of Financial Cryptography and Data Security, pp. 156–170 (2008)Google Scholar
  19. 19.
    Gilbert, H., Robshaw, M., Seurin, Y.: HB\(^{\#}\): increasing the security and efficiency of HB. In: Proceedings of EUROCRYPT, vol. 4965, pp. 361–378 (2008)Google Scholar
  20. 20.
    Gilbert, H., Robshaw, M., Sibert, H.: Active attack against HB\(^{+}\): a provably secure lightweight authentication protocol. Electron. Lett. 4(21), 1169–1170 (2005)CrossRefGoogle Scholar
  21. 21.
    Heyse, S., Kiltz, E., Lyubashevsky, V., Paar, C., Pietrzak, K.: Lapin: an efficient authentication protocol based on ring-LPN. In: FSE, pp. 346–365 (2012)CrossRefGoogle Scholar
  22. 22.
    Hopper, N., Blum, M.: Secure human identification protocols. In: Proceedings of ASIACRYPT (2001)CrossRefGoogle Scholar
  23. 23.
    Juels, A., Weis, S.: Authenticating pervasive devices with human protocols. In: Proceedings of CRYPTO, pp. 293–308 (2005)CrossRefGoogle Scholar
  24. 24.
    Katz, J., Shin, J.S.: Parallel and concurrent security of the HB and HB\(^{+}\) protocols. Eurocrypt (2006)Google Scholar
  25. 25.
    Katz, J., Shin, J.S., Smith, A.: Parallel and concurrent security of the HB and HB\(^{+}\) protocols. J. Cryptology 23(3), 402–421 (2010)MathSciNetCrossRefGoogle Scholar
  26. 26.
    Kearns, M.: Efficient noise-tolerant learning from statistical queries. In: Proceedings of the 25th ACM Symposium on Theory of Computing, pp. 392–401. ACM (1993)Google Scholar
  27. 27.
    Kiltz, E., Pietrzak, K., Cash, D., Jain, A., Venturi, D.: Efficient authentication from hard learning problems. In: Proceedings of Eurocrypt, pp. 7–26 (2011)CrossRefGoogle Scholar
  28. 28.
    Leng, X., Mayes, K., Markantonakis, K.: HB-MP+ protocol: an improvement on the HB-MP protocol. In: 2008 IEEE International Conference on RFID (2008)Google Scholar
  29. 29.
    Lyubashevsky, V., Masny, D.: Man-in-the-middle secure authentication schemes from LPN and weak PRFs. In: Advances in Cryptology—CRYPTO 2013—33rd Annual Cryptology Conference, Santa Barbara, CA, USA, 18–22 Aug 2013. Proceedings, Part II, pp. 308–325 (2013)Google Scholar
  30. 30.
    Munilla, J., Peinado, A.: HB-MP: a further step in the HB-family of lightweight authentication protocols. Comput. Netw. 51(9), 2262–2267 (2007)CrossRefGoogle Scholar
  31. 31.
    Ouafi, K., Overbeck, R., Vaudenay, S.: On the security of HB\(^{\#}\) against a man-in-the-middle attack. In: Proceedings of ASIACRYPT (2008)Google Scholar
  32. 32.
    Pietrzak, K.: Subspace LWE (2010), manuscript available at
  33. 33.
    Rizomiliotis, P., Gritzalis, S.: GHB#: A Provably Secure HB-Like Lightweight Authentication Protocol, pp. 489–506. Springer, Berlin, Heidelberg (2012)CrossRefGoogle Scholar
  34. 34.
    Rizomiliotis, P., Gritzalis, S.: Revisiting lightweight authentication protocols based on hard learning problems. In: Proceedings of the Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec’13, pp. 125–130. ACM, New York, NY, USA (2013)Google Scholar
  35. 35.
    Yao, D.D.A.: On the security of public key protocols. IEEE Trans. Inf. Theor. 29(2), 198–208 (1983)MathSciNetCrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Manhattan CollegeNew YorkUSA

Personalised recommendations