Converting the Strand Spaces'''' Algebraic Flaws to Actual Attacks
串空间代数缺陷到实际攻击的转换

We can conclude whether a protocol is defective according to the algebraic result after proving the protocol's security. But the algebraic result doesn't tell us explicitly how the actual attack takes place. In this paper, we propose four heuristic rules for converting the algebraic result to actual attack, and use them in Needham-Schroed- er public protocol as well as Otway-Rees symmetrical protocol. Practical evidences indicate that these four rules are very efficient in converting Strand Spaces' algebraic flaws to actual attacks.