Efficient and timely mutual authentication
ACM SIGOPS Operating Systems Review
A calculus for cryptographic protocols
Information and Computation
Communicating and mobile systems: the &pgr;-calculus
Communicating and mobile systems: the &pgr;-calculus
Mobile values, new names, and secure communication
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Constraint solving for bounded-process cryptographic protocol analysis
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Validating firewalls using flow logics
Theoretical Computer Science
Software Development with Z: A Practical Approach to Formal Methods in Software Engineering
Software Development with Z: A Practical Approach to Formal Methods in Software Engineering
Analyzing the Needham-Schroeder Public-Key Protocol: A Comparison of Two Approaches
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Nordic Journal of Computing
How to Prevent Type Flaw Attacks on Security Protocols
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Roles in Cryptographic Protocols
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
On Message Integrity in Cryptographic Protocols
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Protocol Design for Integrity Protection
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Analysis of LYSA-calculus with explicit confidentiality annotations
AINA '06 Proceedings of the 20th International Conference on Advanced Information Networking and Applications - Volume 02
Static validation of security protocols
Journal of Computer Security
Cross-layer verification of type flaw attacks on security protocols
ACSC '07 Proceedings of the thirtieth Australasian conference on Computer science - Volume 62
Detecting and Preventing Type flaws: a Control Flow Analysis with Tags
Electronic Notes in Theoretical Computer Science (ENTCS)
A formal analysis for capturing replay attacks in cryptographic protocols
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
The AVISPA tool for the automated validation of internet security protocols and applications
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Formal verification of a type flaw attack on a security protocol using object-z
ZB'05 Proceedings of the 4th international conference on Formal Specification and Development in Z and B
| Hi-index | 0.00 |
A simple type confusion attack occurs in a security protocol, when a principal interprets data of one type as data of another. These attacks can be successfully prevented by "tagging" types of each field of a message. Complex type confusions occur instead when tags can be confused with data and when fields or sub-segments of fields may be confused with concatenations of fields of other types. Capturing these kinds of confusions is not easy in a process calculus setting, where it is generally assumed that messages are correctly interpreted. In this paper, we model in the process calculus LySaonly the misinterpretation due to the confusion of a concatenation of fields with a single field, by extending the notation of one-to-one variable binding to many-to-one binding. We further present a formal way of detecting these possible misinterpretations, based on a Control Flow Analysis for this version of the calculus. The analysis over-approximates all the possible behaviour of a protocol, including those effected by these type confusions. As an example, we considered the amended Needham-Schroeder symmetric protocol, where we succeed in detecting the type confusion that lead to a complex type flaw attacks it is subject to. Therefore, the analysis can capture potential type confusions of this kind on security protocols, besides other security properties such as confidentiality, freshness and message authentication.