Previous [ 1] [ 2] [ 3] [ 4] [ 5] [ 6] [ 7] [ 8] [ 9] [ 10] [ 11] [ 12]


Journal of Information Science and Engineering, Vol. 21 No. 1, pp. 59-84 (January 2005)

On Preventing Type Flaw Attacks on Security Protocols
With a Simplified Tagging Scheme*

Yafen Li, Wuu Yang and Ching-Wei Huang
Department of Computer and Information Science
National Chiao Tung University
Hsinchu, 300 Taiwan

A type flaw attack on a security protocol is an attack in which a field in a message that was originally intended to have one type is subsequently interpreted as having another type. Heather et al. proved that type flaw attacks can be prevented by tagging each field with the information that indicates its intended type. We simplify Heather et al.'s tagging scheme by combining all the tags inside each encrypted component into a single tag and by omitting the tags on the outermost level. The simplification process reduces the sizes of messages in the security protocol. We also formally prove that our simplified tagging scheme is as secure as Heather et al. with the strand space method.

Keywords: network security, security protocol, type flaw, strand space, tagging

Full Text () Retrieve PDF document (200501_04.pdf)

Received November 13, 2003; revised June 29, 2004; accepted July 9, 2004.
Communicated by Ten-Hwang Lai.
* This work reported here was supported by National Science Council, Taiwan, R.O.C., under grant NSC 92-2213-E-009-070. A short summary of this paper was presented at the 4th International Symposium on Information and Communication Technologies, Las Vegas, Nevada, June 16-18, 2004.