We present a very simple probabilistic, passive attack against the protocols HB and HB~+. Our attack presents some interesting features: it requires less captured transcripts of protocol executions when compared to previous results; It makes possible to trade the amount of required transcripts for computational complexity; the value of noise used in the protocols HB and HB~+ need not be known.
展开▼