How to Prevent Type-Flaw Guessing Attacks on Password Protocols

摘要

A message in a protocol is said to have a type-flaw if it was created with an intended type, but is later received and treated as a different type. A type-flaw guessing attack is an attack in which a type-flaw is induced in a protocol to enable a password guessing attack to occur. Heather, Lowe, and Schneider in 'How to Prevent Type Flaw Attacks on Security Protocols' (July 2000) prove that attacks that use type-flaws can be prevented if honest agents tag messages with their intended types. However, their tagging scheme cannot be used in a password protocol since it allows a guess to be directly verified using the tags inside password encryptions. In this paper, the authors prove that following a modification of Heather et al.'s scheme, most type-flaw guessing attacks can still be prevented.