Detecting and Preventing Type flaws: a Control Flow Analysis with Tags

Authors:
Chiara Bodei;Pierpaolo Degano;Han Gao;Linda Brodo
Affiliations:
Dipartimento di Informatica, Università di Pisa, Via Pontecorvo, I-56127 Pisa - Italia;Dipartimento di Informatica, Università di Pisa, Via Pontecorvo, I-56127 Pisa - Italia;Informatics and Mathematical Modelling, Technical University of Denmark, Richard Petersens Plads bldg 321, DK-2800 Kongens Lyngby - Denmark;Dipartimento di Scienze dei Linguaggi, Università di Sassari, via Tempio,9, I-07100 Sassari - Italia
Venue:
Electronic Notes in Theoretical Computer Science (ENTCS)
Year:
2007

Citing 13
Cited 6

Integrating security in a large distributed system

ACM Transactions on Computer Systems (TOCS)
A logic of authentication

ACM Transactions on Computer Systems (TOCS)
A lesson on authentication protocol design

ACM SIGOPS Operating Systems Review
A calculus for cryptographic protocols

Information and Computation
Communicating and mobile systems: the &pgr;-calculus

Communicating and mobile systems: the &pgr;-calculus
How to Prevent Type Flaw Attacks on Security Protocols

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Types and Effects for Asymmetric Cryptographic Protocols

CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Flow logic: a multi-paradigmatic approach to static analysis

The essence of computation
Roles in Cryptographic Protocols

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
A calculus for control flow analysis of security protocols

International Journal of Information Security - Special issue on security in global computing
Analysis of LYSA-calculus with explicit confidentiality annotations

AINA '06 Proceedings of the 20th International Conference on Advanced Information Networking and Applications - Volume 02
Static validation of security protocols

Journal of Computer Security
Cryptographic Pattern Matching

Electronic Notes in Theoretical Computer Science (ENTCS)

A Formal Analysis of Complex Type Flaw Attacks on Security Protocols

AMAST 2008 Proceedings of the 12th international conference on Algebraic Methodology and Software Technology
A formal analysis for capturing replay attacks in cryptographic protocols

ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Detecting and preventing type flaws at static time

Journal of Computer Security - Security Issues in Concurrency (SecCo'07)
Non-repudiation analysis using LySa with annotations

Computer Languages, Systems and Structures
Flow Logic for Process Calculi

ACM Computing Surveys (CSUR)
Trusted multiplexing of cryptographic protocols

FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust

Quantified Score

Hi-index	0.00

Visualization

Abstract

A type flaw attack on a security protocol is an attack where an honest principal is cheated on interpreting a field in a message as the one with a type other than the intended one. In this paper, we shall present an extension of the LySa calculus with tags attached to each field, indicating the intended types. We developed a control flow analysis for analysing the extended LySa, which over-approximates all the possible behaviour of a protocol and hence is able to capture any type confusion that may happen during the protocol execution. The control flow analysis has been applied to a number of security protocols, either subject to type flaw attacks or not. The results show that it is able to capture type flaw attacks on those security protocols.