HB+DB: Mitigating Man-in-the-Middle Attacks against HB+ with Distance Bounding.
Paper i proceeding, 2015

Authentication for resource-constrained devices is seen as one of the major challenges in current wireless communication networks. The HB+ protocol performs device authentication based on the learning parity with noise (LPN) problem and simple computational steps, that renders it suitable for resource-constrained devices such as radio frequency identification (RFID) tags. However, it has been shown that the HB+ protocol as well as many of its variants are vulnerable to a simple man-in-the-middle attack. We demonstrate that this attack could be mitigated using physical layer measures from distance-bounding and simple modifications to devices’ radio receivers. Our hybrid solution (HB+DB) is shown to provide both effective distance-bounding using a lightweight HB+-based response function, and resistance against the man-in-the-middle attack to HB+. We provide experimental evaluation of our results as well as a brief discussion on practical requirements for secure implementation.

HB protocol


physical layer security



Elena Pagnin

Chalmers, Data- och informationsteknik, Nätverk och system

Anjia Yang

City University of Hong Kong

G. Hancke

City University of Hong Kong

Aikaterini Mitrokotsa

Chalmers, Data- och informationsteknik, Nätverk och system

Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec 2015), New York, United States, 22-26 June



Informations- och kommunikationsteknik


Data- och informationsvetenskap


Datavetenskap (datalogi)