Abstract
A simple type confusion attack occurs in a security protocol when a principal interprets data of one type as data of another. These attacks can be successfully prevented by “tagging” the type of each field of a message. Complex type confusions occur instead when tags can be confused with data and when fields or sub-segments of fields may be confused with concatenations of fields of other types. Capturing these kinds of confusions is not easy in a process calculus setting, where it is generally assumed that messages are correctly interpreted. In this paper, we model in the process calculus LySa only the misinterpretation due to the confusion of a concatenation of fields with a single field, by extending the notation of one-to-one variable binding to many-to-one binding. We further present a formal way of detecting these possible misinterpretations, based on a Control Flow Analysis for this version of the calculus. The analysis over-approximates all the possible behaviours of a protocol, including those effected by these type confusions. As an example, we consider the amended Needham-Schroeder symmetric protocol, where we succeed in detecting the type confusion that leads to the complex type flaw attack it is subject to. Therefore, the analysis can capture potential type confusions of this kind in security protocols, besides other security properties such as confidentiality, freshness and message authentication.
This work has been partially supported by the project SENSORIA.
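An added illustration of the many-to-one binding described in the abstract; it is not code from the paper and is not the LySa Control Flow Analysis. It enumerates every way a receiver's expected fields could bind to one or more consecutive sent fields, and labels each reading as honest, a simple confusion or a complex one. The field names and byte widths are constructed assumptions, and matching on width alone is a simplification chosen to make the check concrete.

```python
from itertools import combinations

# Constructed field widths in bytes (assumptions, not values from the paper).
WIDTH = {"name": 4, "nonce": 8, "timestamp": 8, "key": 16}

def bindings(sent, expected):
    """Yield each way to bind every expected field to one or more
    consecutive sent fields whose widths add up to the expected width."""
    n, m = len(sent), len(expected)
    # Pick m-1 cut points among the n-1 gaps between the sent fields.
    for cuts in combinations(range(1, n), m - 1):
        bounds = (0, *cuts, n)
        groups = [tuple(sent[a:b]) for a, b in zip(bounds, bounds[1:])]
        if all(sum(WIDTH[f] for f in g) == WIDTH[e]
               for g, e in zip(groups, expected)):
            yield groups

def classify(groups, expected):
    """'honest', 'simple' (one field read as another type) or
    'complex' (a concatenation read as a single field)."""
    if any(len(g) > 1 for g in groups):
        return "complex"
    if any(g[0] != e for g, e in zip(groups, expected)):
        return "simple"
    return "honest"

def analyse(sent, expected):
    """Return (classification, binding) for every width-consistent reading."""
    return [(classify(g, expected), g) for g in bindings(sent, expected)]

if __name__ == "__main__":
    # Constructed message layouts: what was sent vs. what the receiver expects.
    cases = [
        (["name", "nonce", "key"], ["name", "nonce", "key"]),
        (["name", "timestamp"], ["name", "nonce"]),
        (["name", "nonce", "name", "name"], ["name", "nonce", "nonce"]),
        (["name", "name", "nonce"], ["key"]),
    ]
    for sent, expected in cases:
        print(sent, "read as", expected, "->", analyse(sent, expected))
```

Any layout pair that yields a "complex" reading is a candidate for review: the receiver's single variable can be satisfied by several fields that were meant to be read separately.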
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Gao, H., Bodei, C., Degano, P. (2008). A Formal Analysis of Complex Type Flaw Attacks on Security Protocols. In: Meseguer, J., Roşu, G. (eds) Algebraic Methodology and Software Technology. AMAST 2008. Lecture Notes in Computer Science, vol 5140. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-79980-1_14
DOI: https://doi.org/10.1007/978-3-540-79980-1_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-79979-5
Online ISBN: 978-3-540-79980-1
eBook Packages: Computer Science, Computer Science (R0)