Securing HB against GRS Man-in-the-Middle Attack

In Crypto’05, Juels and Weis proposed an efficient and provably secure authentication protocol for RFID devices, namely HB. The protocol is adapted from a human authentication protocol called HB which was proposed earlier by Hopper and Blum. Although HB is more secure than HB in order to be secure in a RFID environment, HB still suffers from an inherent weakness of HB. That is HB+ is not shown to be provably secure against a stronger yet practical type of attack, e.g., man-in-the-middle attack. This problem was quickly demonstrated by Gilbert et al. They presented a man-in-the-middle-attack with linear complexity which can discover a secret information shared by a RFID tag and a RFID reader. Till then, an efficient variant of HB which is secure against active adversaries remains an open question. In this paper, our goal is to solve this open question. We propose an augmented version of HB and show that the new protocol is secure against man-in-themiddle attacks. Comparing to HB, our improved protocol requires only one more secret and minimal additional computation at tag and reader’s side. Therefore, HB∗ is still usable for RFID devices.