UnissResearch

Logo Universitàegli studi di Sassari
titoli, abstracts, parole chiave >>>
Statically detecting message confusions in a multi-protocol setting

Bodei, Chiara and Brodo, Linda and Degano, Pierpaolo and Gao, Han (2008) Statically detecting message confusions in a multi-protocol setting. In: Proceedings of the International Workshop on Issues in the Theory of Security (WITS'08), 2008, Pittsburgh (PA), USA. [1-18]. Conference or Workshop Item.

[img]
Preview
Full text disponibile come PDF Richiede visualizzatore di PDF come GSview, Xpdf o Adobe Acrobat Reader
512Kb

Abstract

In a multi-protocol setting, different protocols are concurrently executed, and each principal can participate in more than one. The possibilities of attacks therefore increase, often due to the presence of similar patterns in messages. Messages coming from one protocol can be confused with similar messages coming from another protocol. As a consequence, data of one type may be interpreted as data of another, and it is also possible that the type is the expected one, but the message is addressed to another protocol. In this paper, we shall present an extension of the LySa calculus [7, 4] that decorates encryption with tags including the protocol identifier, the protocol step identifier and the intended types of the encrypted terms. The additional information allows us to find the messages that can be confused and therefore to have hints to reconstruct the attack. We extend accordingly the standard static Control Flow Analysis for LySa, which over-approximates all the possible behaviour of the studied protocols, included the possible message confusions that may occur at run-time. Our analysis has been implemented and successfully applied to small sets of protocols. In particular, we discovered an undocumented family of attacks, that may arise when Bauer-Berson-Feiertag and the Woo-Lam authentication protocols are running in parallel. The implementation complexity of the analysis is low polynomial.

Item Type:Conference or Workshop Item (Paper)
ID Code:2228
Status:Published
Uncontrolled Keywords:Multi-protocol attacks, type flaw attacks, control flow analysis, LySa
Subjects:Area 01 - Scienze matematiche e informatiche > INF/01 Informatica
Divisions:001 Università di Sassari > 01 Dipartimenti > Scienze dei linguaggi
Deposited On:18 Aug 2009 10:07

I documenti depositati in UnissResearch sono protetti dalle leggi che regolano il diritto d'autore

Repository Staff Only: item control page