On preventing type flaw attacks on security protocols with a simplified tagging scheme

L. I. Yafen; Wuu Yang; Huang Ching-Wei

doi:10.6688/JISE.2005.21.1.4

On preventing type flaw attacks on security protocols with a simplified tagging scheme

L. I. Yafen^*, Wuu Yang, Huang Ching-Wei

^*Corresponding author for this work

Department of Computer Science

Research output: Contribution to journal › Article › peer-review

9 Scopus citations

Abstract

A type flaw attack on a security protocol is an attack in which a field in a message that was originally intended to have one type is subsequently interpreted as having another type. Heather et al. proved that type flaw attacks can be prevented by tagging each field with the information that indicates its intended type. We simplify Heather et al.'s tagging scheme by combining all the tags inside each encrypted component into a single tag and by omitting the tags on the outermost level. The simplification process reduces the sizes of messages in the security protocol. We also formally prove that our simplified tagging scheme is as secure as Heather et al.' with the strand space method.

Original language	English
Pages (from-to)	59-84
Number of pages	26
Journal	Journal of Information Science and Engineering
Volume	21
Issue number	1
DOIs	https://doi.org/10.6688/JISE.2005.21.1.4
State	Published - Jan 2005

Keywords

Network security
Security protocol
Strand space
Tagging
Type flaw

Access to Document

10.6688/JISE.2005.21.1.4

Cite this

@article{9528f8ff40484c20b600e608d8237978,

title = "On preventing type flaw attacks on security protocols with a simplified tagging scheme",

abstract = "A type flaw attack on a security protocol is an attack in which a field in a message that was originally intended to have one type is subsequently interpreted as having another type. Heather et al. proved that type flaw attacks can be prevented by tagging each field with the information that indicates its intended type. We simplify Heather et al.'s tagging scheme by combining all the tags inside each encrypted component into a single tag and by omitting the tags on the outermost level. The simplification process reduces the sizes of messages in the security protocol. We also formally prove that our simplified tagging scheme is as secure as Heather et al.' with the strand space method.",

keywords = "Network security, Security protocol, Strand space, Tagging, Type flaw",

author = "Yafen, {L. I.} and Wuu Yang and Huang Ching-Wei",

year = "2005",

month = jan,

doi = "10.6688/JISE.2005.21.1.4",

language = "English",

volume = "21",

pages = "59--84",

journal = "Journal of Information Science and Engineering",

issn = "1016-2364",

publisher = "Institute of Information Science",

number = "1",

}

TY - JOUR

T1 - On preventing type flaw attacks on security protocols with a simplified tagging scheme

AU - Yafen, L. I.

AU - Yang, Wuu

AU - Ching-Wei, Huang

PY - 2005/1

Y1 - 2005/1

N2 - A type flaw attack on a security protocol is an attack in which a field in a message that was originally intended to have one type is subsequently interpreted as having another type. Heather et al. proved that type flaw attacks can be prevented by tagging each field with the information that indicates its intended type. We simplify Heather et al.'s tagging scheme by combining all the tags inside each encrypted component into a single tag and by omitting the tags on the outermost level. The simplification process reduces the sizes of messages in the security protocol. We also formally prove that our simplified tagging scheme is as secure as Heather et al.' with the strand space method.

AB - A type flaw attack on a security protocol is an attack in which a field in a message that was originally intended to have one type is subsequently interpreted as having another type. Heather et al. proved that type flaw attacks can be prevented by tagging each field with the information that indicates its intended type. We simplify Heather et al.'s tagging scheme by combining all the tags inside each encrypted component into a single tag and by omitting the tags on the outermost level. The simplification process reduces the sizes of messages in the security protocol. We also formally prove that our simplified tagging scheme is as secure as Heather et al.' with the strand space method.

KW - Network security

KW - Security protocol

KW - Strand space

KW - Tagging

KW - Type flaw

UR - http://www.scopus.com/inward/record.url?scp=12744277366&partnerID=8YFLogxK

U2 - 10.6688/JISE.2005.21.1.4

DO - 10.6688/JISE.2005.21.1.4

M3 - Article

AN - SCOPUS:12744277366

SN - 1016-2364

VL - 21

SP - 59

EP - 84

JO - Journal of Information Science and Engineering

JF - Journal of Information Science and Engineering

IS - 1

ER -

On preventing type flaw attacks on security protocols with a simplified tagging scheme

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this