论文信息 - How to prevent type flaw attacks on security protocols

How to prevent type flaw attacks on security protocols

A type flaw attack on a security protocol is an attack where a field that was originally intended to have one type is subsequently interpreted as having another type. A number of type flaw attacks have appeared in the academic literature. In this paper we prove that type flaw attacks can be prevented using a simple technique of tagging each field with some information indicating its intended type.

Gavin Lowe | James Heather | Steve Schneider

[1] F. Javier Thayer Fábrega,et al. Strand spaces: proving security protocols correct , 1999 .

[2] Gavin Lowe,et al. Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[3] Steve A. Schneider. Verifying Authentication Protocols in CSP , 1998, IEEE Trans. Software Eng..

[4] Gavin Lowe,et al. Fault-Preserving Simplifying Transformations for Security Protocols , 2001, J. Comput. Secur..

[5] Martín Abadi,et al. Prudent Engineering Practice for Cryptographic Protocols , 1994, IEEE Trans. Software Eng..

[6] Lawrence C. Paulson,et al. The Inductive Approach to Verifying Cryptographic Protocols , 2021, J. Comput. Secur..

[7] Catherine A. Meadows,et al. Analyzing the Needham-Schroeder Public-Key Protocol: A Comparison of Two Approaches , 1996, ESORICS.

[8] Roger M. Needham,et al. Using encryption for authentication in large networks of computers , 1978, CACM.

[9] Simon S. Lam,et al. A lesson on authentication protocol design , 1994, OPSR.

[10] Joshua D. Guttman,et al. Mixed strand spaces , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.