Abstract: HB-like protocols are such a kind of authentication protocols that require low computational resource and promise to resist quantum attacks. They are especially suitable for mobile applications and the Internet of Things (IoT). However, the wireless communications in these environments have compelled that HB-like protocols should be able to resist the man-in-the-middle (MIM) attacks. In this vein, this paper proposes an algebraic MIM attack to a recently presented HB# authentication protocol which is claimed to resist MIM attacks. During this attack, the authentication keys can be totally recovered efficiently. The proposed attacking method is based on the solutions to a system of quadratic equations of multi-variables over . Hence, the necessary and sufficient conditions for this system of equations being solvable have been found in advance. Then, an algebraic attack to HB# protocol has been presented accordingly.