Parallel and concurrent security of the HB and HB + protocols

Jonathan Katz, Ji Sun Shin, Adam Smith

Research output: Contribution to journalArticlepeer-review

57 Scopus citations


Hopper and Blum (Asiacrypt 2001) and Juels and Weis (Crypto 2005) recently proposed two shared-key authentication protocols-HB and HB +, respectively-whose extremely low computational cost makes them attractive for low-cost devices such as radio-frequency identification (RFID) tags. The security of these protocols is based on the conjectured hardness of the "learning parity with noise" (LPN) problem, which is equivalent to the problem of decoding random binary linear codes. The HB protocol is proven secure against a passive (eavesdropping) adversary, while the HB + protocol is proven secure against active attacks.

Original languageEnglish (US)
Pages (from-to)402-421
Number of pages20
JournalJournal of Cryptology
Issue number3
StatePublished - Jul 2010

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Science Applications
  • Applied Mathematics


Dive into the research topics of 'Parallel and concurrent security of the HB and HB + protocols'. Together they form a unique fingerprint.

Cite this