Detecting and preventing type flaws at static time

Authors:
Chiara Bodei;Linda Brodo;Pierpaolo Degano;Han Gao
Affiliations:
(Correspd.) Dipartimento di Informatica, Università di Pisa, Via Pontecorvo, I-56127 Pisa, Italia. E-mails: {chiara, degano}@di.unipi.it;Dipartimento di Scienze dei Linguaggi, Università di Sassari, via Tempio, 9, I-07100 Sassari, Italia. E-mail: brodo@uniss.it;Dipartimento di Informatica, Università di Pisa, Via Pontecorvo, I-56127 Pisa, Italia. E-mails: {chiara, degano}@di.unipi.it;Informatics and Mathematical Modelling, Technical University of Denmark, Richard Petersens Plads bldg 321, DK-2800 Kongens Lyngby, Denmark. E-mail: hg@imm.dtu.dk
Venue:
Journal of Computer Security - Security Issues in Concurrency (SecCo'07)
Year:
2010

Citing 29
Cited 2

Integrating security in a large distributed system

ACM Transactions on Computer Systems (TOCS)
A logic of authentication

ACM Transactions on Computer Systems (TOCS)
Soft typing

PLDI '91 Proceedings of the ACM SIGPLAN 1991 conference on Programming language design and implementation
A lesson on authentication protocol design

ACM SIGOPS Operating Systems Review
A calculus for cryptographic protocols

Information and Computation
Communicating and mobile systems: the &pgr;-calculus

Communicating and mobile systems: the &pgr;-calculus
A key distribution protocol using event markers

ACM Transactions on Computer Systems (TOCS)
Authentication tests and the structure of bundles

Theoretical Computer Science
Protocol Interactions and the Chosen Protocol Attack

Proceedings of the 5th International Workshop on Security Protocols
A succinct solver for ALFP

Nordic Journal of Computing
Towards a Completeness Result for Model Checking of Security Protocols

CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
Protocol Independence through Disjoint Encryption

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
How to Prevent Type Flaw Attacks on Security Protocols

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Types and Effects for Asymmetric Cryptographic Protocols

CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Flow logic: a multi-paradigmatic approach to static analysis

The essence of computation
Roles in Cryptographic Protocols

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
A calculus for control flow analysis of security protocols

International Journal of Information Security - Special issue on security in global computing
Secure protocol composition

Proceedings of the 2003 ACM workshop on Formal methods in security engineering
Analysis of LYSA-calculus with explicit confidentiality annotations

AINA '06 Proceedings of the 20th International Conference on Advanced Information Networking and Applications - Volume 02
Feasibility of Multi-Protocol Attacks

ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
Information-theoretically secure protocols and security under composition

Proceedings of the thirty-eighth annual ACM symposium on Theory of computing
Static validation of security protocols

Journal of Computer Security
Cryptographic Pattern Matching

Electronic Notes in Theoretical Computer Science (ENTCS)
Detecting and Preventing Type flaws: a Control Flow Analysis with Tags

Electronic Notes in Theoretical Computer Science (ENTCS)
Tags for Multi-Protocol Authentication

Electronic Notes in Theoretical Computer Science (ENTCS)
A formal analysis for capturing replay attacks in cryptographic protocols

ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Safely composing security protocols

FSTTCS'07 Proceedings of the 27th international conference on Foundations of software technology and theoretical computer science
Model checking the security of multi-protocol systems

CTS'05 Proceedings of the 2005 international conference on Collaborative technologies and systems
Formal methods for cryptographic protocol analysis: emerging issues and trends

IEEE Journal on Selected Areas in Communications

Choreography rehearsal

WS-FM'09 Proceedings of the 6th international conference on Web services and formal methods
Static analysis techniques for session-oriented calculi

Rigorous software engineering for service-oriented systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

A type flaw attack on a security protocol is an attack where an honest principal is cheated on interpreting a field in a message as the one with a type other than the intended one. In this paper, we shall present an extension of the LYSA calculus to cope with types, by using tags to represent the intended types of terms. We develop a Control Flow Analysis for this calculus which soundly over-approximates all the possible behaviour of a protocol and, in particular, is able to capture any type confusion that may occur during the protocol execution. The analysis acts in a descriptive way: it describes which violations may occur. In the same setting, our approach also offers a prescriptive usage: we can impose a type discipline, by forcing some data to be of the expected types. At this point, the analysis may statically check that type violations are not possible any longer. In other words, we instrument the code with the only checks necessary to enforce type security. Finally, we apply our framework to a multi-protocol setting, where the risk of having type flaw attacks is higher. Our analysis has been implemented and successfully applied to a number of security protocols, showing it is able to capture type flaw attacks. The implementation complexity of the analysis is low polynomial.