Never Trust a Bunny

Lapin is a lightweight "RFID authentication" system introduced at FSE 2012. The system is claimed to be "Provably Secure Against Active Attacks". This claim is qualified elsewhere in: attacking Lapin-n is provably as difficult as attacking an n-bit "Ring-LPN" problem introduced in the same paper. "Lapin" is a new RFID authentication protocol proposed at FSE 2012. "Ring-LPN" (Ring-Learning-Parity-with-Noise) is a new computational problem proposed in the same paper; there is a proof relating the security of Lapin to the difficulty of Ring-LPN. This paper presents an attack against Ring-LPN-512 and Lapin-512. The attack is not practical but nevertheless violates specific security claims in the FSE 2012 paper.