
A Formal Analysis of Complex Type Flaw Attacks on Security Protocols

  • Conference paper
Algebraic Methodology and Software Technology (AMAST 2008)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 5140)

Abstract

A simple type confusion attack occurs in a security protocol when a principal interprets data of one type as data of another. These attacks can be successfully prevented by “tagging” the type of each field of a message. Complex type confusions occur instead when tags can be confused with data and when fields or sub-segments of fields may be confused with concatenations of fields of other types. Capturing these kinds of confusions is not easy in a process calculus setting, where it is generally assumed that messages are correctly interpreted. In this paper, we model in the process calculus LySa only the misinterpretation due to the confusion of a concatenation of fields with a single field, by extending the notation of one-to-one variable binding to many-to-one binding. We further present a formal way of detecting these possible misinterpretations, based on a Control Flow Analysis for this version of the calculus. The analysis over-approximates all the possible behaviours of a protocol, including those affected by these type confusions. As an example, we consider the amended Needham-Schroeder symmetric protocol, where we succeed in detecting the type confusion that leads to the complex type flaw attack it is subject to. Therefore, the analysis can capture potential type confusions of this kind on security protocols, besides other security properties such as confidentiality, freshness and message authentication.

This work has been partially supported by the project SENSORIA.
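
An added illustration of the many-to-one binding idea from the abstract (not the authors' LySa analysis or code): it enumerates every way a receiver's variables can bind to one or more consecutive fields and reports the bindings in which a concatenation, or a field of another type, is read as a single field. The field names, types and the byte-length feasibility filter are constructed assumptions.

```python
from itertools import combinations

# Constructed sample: fields of one plaintext as (type, name, length in bytes).
SENT = [("nonce", "N1", 8), ("nonce", "N2", 8), ("agent", "A", 4)]
# Constructed receiver pattern for a different message: (type, variable, length).
EXPECTED = [("key", "xK", 16), ("agent", "xA", 4)]


def many_to_one_bindings(fields, variables):
    """Yield every binding of each variable to >= 1 consecutive fields, in order."""
    n, k = len(fields), len(variables)
    if not 0 < k <= n:
        return
    # Choosing k-1 cut points splits the n fields into k non-empty segments.
    for cuts in combinations(range(1, n), k - 1):
        bounds = (0, *cuts, n)
        yield [(var, fields[bounds[i]:bounds[i + 1]])
               for i, var in enumerate(variables)]


def is_confused(var, segment):
    """True if the variable holds a concatenation or a field of another type."""
    return len(segment) > 1 or segment[0][0] != var[0]


def feasible_confusions(fields, variables):
    """Bindings whose byte lengths line up and that misread at least one variable."""
    hits = []
    for binding in many_to_one_bindings(fields, variables):
        # Assumption: untagged fixed-width fields, so only lengths constrain parsing.
        lengths_ok = all(sum(f[2] for f in seg) == var[2] for var, seg in binding)
        if lengths_ok and any(is_confused(var, seg) for var, seg in binding):
            hits.append({var[1]: "|".join(f[1] for f in seg)
                         for var, seg in binding})
    return hits


if __name__ == "__main__":
    for hit in feasible_confusions(SENT, EXPECTED):
        print("possible misreading:", hit)
```

A protocol designer can run such an enumeration over each pair of message layouts encrypted under the same key to find layouts that need distinct lengths or explicit framing.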




Editor information

José Meseguer, Grigore Roşu


Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gao, H., Bodei, C., Degano, P. (2008). A Formal Analysis of Complex Type Flaw Attacks on Security Protocols. In: Meseguer, J., Roşu, G. (eds) Algebraic Methodology and Software Technology. AMAST 2008. Lecture Notes in Computer Science, vol 5140. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-79980-1_14


  • DOI: https://doi.org/10.1007/978-3-540-79980-1_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-79979-5

  • Online ISBN: 978-3-540-79980-1

  • eBook Packages: Computer Science, Computer Science (R0)
