- 期刊
- OpenAccess
On Preventing Type Flaw Attacks on Security Protocols with a Simplified Tagging Scheme
並列摘要
A type flaw attack on a security protocol is an attack in which a field in a message that was originally intended to have one type is subsequently interpreted as having another type. Heather et al. proved that type flaw attacks can be prevented by tagging each field with the information that indicates its intended type. We simplify Heather et al.'s tagging scheme by combining all the tags inside each encrypted component into a single tag and by omitting the tags on the outermost level. The simplification process reduces the sizes of messages in the security protocol. We also formally prove that our simplified tagging scheme is as secure as Heather et al.' with the strand space method.
延伸閱讀
- Issac, B. (2009). Secure ARP and Secure DHCP Protocols to Mitigate Security Attacks. International Journal of Network Security, 8(2), 107-118. https://doi.org/10.6633/IJNS.200903.8(2).02
- Sobh, T. S., Elgohary, A., & Zaki, M. (2008). Performance Improvements on the Network Security Protocols. International Journal of Network Security, 6(1), 103-115. https://doi.org/10.6633/IJNS.200801.6(1).13
- Zou, J., Tao, D., & Yu, J. (2017). A Hybrid Intrusion Detection Model for Web Log-Based Attacks. 網際網路技術學刊, 18(4), 887-895. https://doi.org/10.6138/JIT.2017.18.4.20170518
- Chen, T. Y. (2006). An Effective Intrusion Prevention System to Protect Multi-Services against TCP SYN Flooding DDoS Attacks [master's thesis, National Tsing Hua University]. Airiti Library. https://doi.org/10.6843/NTHU.2006.00507
- Wu, T. Y., Tseng, Y. M., & Yu, C. W. (2011). A Secure ID-Based Authenticated Group Key Exchange Protocol Resistant to Insider Attacks. Journal of Information Science and Engineering, 27(3), 915-932. https://doi.org/10.6688/JISE.2011.27.3.7