A nonce-based protocol for multiple authentications
ACM SIGOPS Operating Systems Review
Constraint solving for bounded-process cryptographic protocol analysis
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Communications of the ACM - Ontology: different ways of representing the same concept
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
The AVISS Security Protocol Analysis Tool
CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
Some new attacks upon security protocols
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
How to prevent type flaw attacks on security protocols
Journal of Computer Security - CSFW13
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Formal Verification of Type Flaw Attacks in Security Protocols
APSEC '03 Proceedings of the Tenth Asia-Pacific Software Engineering Conference Software Engineering Conference
Security properties: two agents are sufficient
Science of Computer Programming - Special issue on 12th European symposium on programming (ESOP 2003)
Protocol Composition Logic (PCL)
Electronic Notes in Theoretical Computer Science (ENTCS)
Cross-layer verification of type flaw attacks on security protocols
ACSC '07 Proceedings of the thirtieth Australasian conference on Computer science - Volume 62
Operational semantics of security protocols
SMTT'03 Proceedings of the 2003 international conference on Scenarios: models, Transformations and Tools
RTA'06 Proceedings of the 17th international conference on Term Rewriting and Applications
Towards the attacker's view of protocol narrations (or, how to compile security protocols)
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
Hi-index | 0.00 |
In the context of Dolev-Yao style analysis of security protocols, we consider the capability of an intruder to dynamically choose and assign names to agents. This capability has been overlooked in all significant protocol verification frameworks based on formal methods. We identify and classify new type-flaw attacks arising from this capability. Several examples of protocols that are vulnerable to this type of attack are given, including Lowe's modification of KSL. The consequences for automatic verification tools are discussed.