Is Cryptyc Able to Detect Insider Attacks?

  • Behnam Sattarzadeh
  • Mehran S. Fallah
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7140)


The use of type checking for analyzing security protocols has been recognized for several years. A state-of-the-art type checker based on such an idea is Cryptyc. It has been proven that if an authentication protocol is well-typed in Cryptyc, it provides authenticity in any environment containing external adversaries. The type system implemented by Cryptyc, however, is such that one may hope to be able to detect insider attacks as well. The lack of any report of a well-typed protocol being vulnerable to insider attacks has strengthened such a conjecture. This has been an open question from the last version of Cryptyc. In this paper, we show that the answer to this question is “No”. More precisely, we first introduce a public-key authentication protocol which is vulnerable to a man-in-the-middle attack mounted by a legitimate principal. Then, it is shown that this protocol is typable in Cryptyc. We also make slight changes in Cryptyc so that it can trap the protocols being vulnerable to this kind of insider attacks. The new type system is sound.


Authentication protocols insider attacks language-based security type-based analysis 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abadi, M.: Secrecy by typing in security protocols. Journal of the ACM (JACM) 46(5), 749–786 (1999)MathSciNetzbMATHCrossRefGoogle Scholar
  2. 2.
    Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols: the spi calculus. Information and Computation 148(1), 1–70 (1999)MathSciNetzbMATHCrossRefGoogle Scholar
  3. 3.
    Dolev, D., Yao, A.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–208 (1983)MathSciNetzbMATHCrossRefGoogle Scholar
  4. 4.
    Focardi, R., Maffei, M.: Types for security protocols. In: Cortier, V., Kremer, S. (eds.) Formal Models and Techniques for Analyzing Security Protocols. Cryptology and Information Security Series, vol. 5, ch. 7, pp. 143–181. IOS Press (2011)Google Scholar
  5. 5.
    Gordon, A.D., Haack, C., Jeffrey, A.: Cryptyc: Cryptographic protocol type checker,
  6. 6.
    Gordon, A.D., Jeffrey, A.: Authenticity by typing for security protocols. Journal of Computer Security 11(4), 451–519 (2003)Google Scholar
  7. 7.
    Gordon, A.D., Jeffrey, A.: Typing One-to-One and One-to-Many Correspondences in Security Protocols. In: Okada, M., Babu, C. S., Scedrov, A., Tokuda, H. (eds.) ISSS 2002. LNCS, vol. 2609, pp. 263–282. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. 8.
    Gordon, A.D., Jeffrey, A.: Types and effects for asymmetric cryptographic protocols. Journal of Computer Security 12(3), 435–483 (2004)Google Scholar
  9. 9.
    Haack, C., Jeffrey, A.: Pattern-matching spi-calculus. Information and Computation 204(8), 1195–1263 (2006)MathSciNetzbMATHCrossRefGoogle Scholar
  10. 10.
    Heather, J., Lowe, G., Schneider, S.: How to prevent type flaw attacks on security protocols. Journal of Computer Security 11(2), 217–244 (2003)Google Scholar
  11. 11.
    Lowe, G.: An attack on the Needham-Schroeder public-key authentication protocol. Information Processing Letters 56(3), 131–133 (1995)zbMATHCrossRefGoogle Scholar
  12. 12.
    Lowe, G.: Breaking and Fixing the Needham-Schroeder Public-Key Protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  13. 13.
    Lowe, G.: A hierarchy of authentication specifications. In: Proceedings of the 10th IEEE Computer Security Foundations Workshop (CSFW 1997), pp. 31–43. IEEE Computer Society (1997)Google Scholar
  14. 14.
    Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Communications of the ACM 21(12), 993–999 (1978)zbMATHCrossRefGoogle Scholar
  15. 15.
    Sattarzadeh, B., Fallah, M.S.: Cryptyc + ,
  16. 16.
    Woo, T.Y.C., Lam, S.S.: A semantic model for authentication protocols. In: Proceedings of the 1993 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 178–194. IEEE Computer Society (1993)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Behnam Sattarzadeh
    • 1
  • Mehran S. Fallah
    • 1
    • 2
  1. 1.Department of Computer Engineering and Information TechnologyAmirkabir University of Technology (Tehran Polytechnic)TehranIran
  2. 2.School of MathematicsInstitute for Research in Fundamental Sciences (IPM)TehranIran

Personalised recommendations