论文信息 - How to prevent type flaw attacks on security protocols

How to prevent type flaw attacks on security protocols

A type flaw attack on a security protocol is an attack where a field that was originally intended to have one type is subsequently interpreted as having another type. A number of type flaw attacks have appeared in the academic literature. In this paper we prove that type flaw attacks can be prevented using a simple technique of tagging each field with some information indicating its intended type.

Gavin Lowe | Steve A. Schneider | James Heather

[1] Steve A. Schneider. Verifying Authentication Protocols in CSP , 1998, IEEE Trans. Software Eng..

[2] Catherine A. Meadows,et al. Analyzing the Needham-Schroeder Public-Key Protocol: A Comparison of Two Approaches , 1996, ESORICS.

[3] Joshua D. Guttman,et al. Mixed strand spaces , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.

[4] Dimacs. DIMACS Workshop on Design and Formal Verification of Security Protocols , 1997 .

[5] Gavin Lowe,et al. Fault-Preserving Simplifying Transformations for Security Protocols , 2001, J. Comput. Secur..

[6] Martín Abadi,et al. Prudent Engineering Practice for Cryptographic Protocols , 1994, IEEE Trans. Software Eng..

[7] Gavin Lowe,et al. Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[8] Joshua D. Guttman,et al. Strand Spaces: Proving Security Protocols Correct , 1999, J. Comput. Secur..

[9] Simon S. Lam,et al. A lesson on authentication protocol design , 1994, OPSR.

[10] Lawrence C. Paulson,et al. The Inductive Approach to Verifying Cryptographic Protocols , 2021, J. Comput. Secur..

[11] Somesh Jha,et al. A model checker for authentication protocols , 1997 .

[12] Roger M. Needham,et al. Using encryption for authentication in large networks of computers , 1978, CACM.