[Resource Topic] 2006/326: Analyzing the HB and HB+ Protocols in the ``Large Error'' Case

Welcome to the resource topic for 2006/326

Analyzing the HB and HB+ Protocols in the ``Large Error’’ Case

Authors: Jonathan Katz, Adam Smith


HB and HB+ are two shared-key, unidirectional authentication protocols whose extremely low computational cost makes them potentially well-suited for severely resource-constrained devices. Security of these protocols is based on the conjectured hardness of learning parity with noise; that is, learning a secret s given ``noisy’’ dot products of s that are incorrect with probability \epsilon. Although the problem of learning parity with noise is meaningful for any constant \epsilon < 1/2, existing proofs of security for HB and HB+ only imply security when \epsilon < 1/4. In this note, we show how to extend these proofs to the case of arbitrary \epsilon < 1/2.

ePrint: https://eprint.iacr.org/2006/326

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .