Rethinking About Type-Flaw Attacks

Many security protocols are vulnerable to type flaw attacks, in which a protocol message may be forged from another message. The previous approaches focus on heuristic schemes to protect specific protocols but fail to expose the enabling factors of such attacks. In this paper, the authors investigate the relationship between the type flaw attacks on the security protocols and the knowledge of the principals. They formalize the notion of recognizability that characterizes the fact that a message could not be type-flawed. The approach helps one better understand security protocols and gives insights into the detection and prevention of type-flaw attacks.