HB+DB: Mitigating Man-in-the-Middle Attacks against HB+ with Distance Bounding.
Paper in proceedings, 2015

Authentication for resource-constrained devices is seen as one of the major challenges in current wireless communication networks. The HB+ protocol performs device authentication based on the learning parity with noise (LPN) problem and simple computational steps, that renders it suitable for resource-constrained devices such as radio frequency identification (RFID) tags. However, it has been shown that the HB+ protocol as well as many of its variants are vulnerable to a simple man-in-the-middle attack. We demonstrate that this attack could be mitigated using physical layer measures from distance-bounding and simple modifications to devices’ radio receivers. Our hybrid solution (HB+DB) is shown to provide both effective distance-bounding using a lightweight HB+-based response function, and resistance against the man-in-the-middle attack to HB+. We provide experimental evaluation of our results as well as a brief discussion on practical requirements for secure implementation.

HB protocol


physical layer security



Elena Pagnin

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Anjia Yang

City University of Hong Kong

G. Hancke

City University of Hong Kong

Aikaterini Mitrokotsa

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec 2015), New York, United States, 22-26 June


Areas of Advance

Information and Communication Technology

Subject Categories

Computer and Information Science

Information Science

Computer Science





More information

Latest update