An Algorithm for Solving the LPN Problem and Its Application to Security Evaluation of the HB Protocols for RFID Authentication

An algorithm for solving the “learning parity with noise” (LPN) problem is proposed and analyzed. The algorithm originates from the recently proposed advanced fast correlation attacks, and it employs the concepts of decimation, linear combining, hypothesizing and minimum distance decoding. However,...

Full description

Saved in:
Bibliographic Details
Published inLecture notes in computer science pp. 48 - 62
Main Authors Fossorier, Marc P. C., Mihaljević, Miodrag J., Imai, Hideki, Cui, Yang, Matsuura, Kanta
Format Book Chapter Conference Proceeding
LanguageEnglish
Published Berlin, Heidelberg Springer Berlin Heidelberg 2006
Springer
SeriesLecture Notes in Computer Science
Subjects
Applied sciences
Artificial intelligence
Computer science; control theory; systems
Computer systems and distributed systems. User interface
cryptanalysis
Cryptography
Exact sciences and technology
fast correlation attacks
HB protocols
Information, signal and communications theory
LPN problem
Memory and file management (including protection and security)
Memory organisation. Data processing
RFID authentication
Signal and communications theory
Software
Telecommunications and information theory
Correlation
Authentication
Transmission protocol
Minimal distance
Decoding
Safety
Cryptography
Learning algorithm
Artificial intelligence
Parity
Decimation
Radio frequency identification
Online AccessGet full text

Cover

More Information
Summary:An algorithm for solving the “learning parity with noise” (LPN) problem is proposed and analyzed. The algorithm originates from the recently proposed advanced fast correlation attacks, and it employs the concepts of decimation, linear combining, hypothesizing and minimum distance decoding. However, as opposed to fast correlation attacks, no preprocessing phase is allowed for the LPN problem. The proposed algorithm appears as more powerful than the best one previously reported known as the BKW algorithm proposed by Blum, Kalai and Wasserman. In fact the BKW algorithm is shown to be a special instance of the proposed algorithm, but without optimized parameters. An improved security evaluation, assuming the passive attacks, of Hopper and Blum HB and HB +  protocols for radio-frequency identification (RFID) authentication is then developed. Employing the proposed algorithm, the security of the HB protocols is reevaluated, implying that the previously reported security margins appear as overestimated.
ISBN:3540497676
9783540497677
ISSN:0302-9743
1611-3349
DOI:10.1007/11941378_5