🤖 AI Summary
Verifying insecurity of cryptographic protocols with a bounded number of sessions and XOR operations remains challenging because of limitations in existing modeling and analysis techniques. Method: We propose a formal analysis framework grounded in typed terms and well-typed proofs. Unlike conventional approaches that restrict the protocol class syntactically, our model enforces a semantic constraint: each message an honest agent sends must be derivable from the messages it previously received within the same session. This improves both semantic fidelity and verifiability. By combining formal logic with a refined type system, we obtain mechanized insecurity deduction for XOR-based protocols. Contribution/Results: Our framework broadens applicability, supporting richer protocol structures and more general adversary models, while significantly simplifying the proofs. It improves both analytical efficiency and reliability, advancing automated protocol verification in algebraic settings with associative-commutative operators.
📝 Abstract
We present a different proof for the insecurity problem for XOR, solved by Chevalier, Kuesters, Rusinowitch and Turuani (2005) [CKRT05]. Our proof uses the notion of typed terms and well-typed proofs, and removes a restriction on the class of protocols to which the [CKRT05] proof applies, by introducing a slightly different (but very natural) notion of protocols, in which an honest agent's sends are derivable from its previous receives in the same session.
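As an added illustration (not code from the paper): in the pure-XOR fragment, where messages are XORs of atomic values and the only operator is XOR with its AC, nilpotence and unit laws, "derivable from" is membership in the GF(2) span of the known terms, so both the session constraint above (sends derivable from earlier receives) and the intruder's secrecy question reduce to Gaussian elimination over GF(2). The toy protocol, atom names and the XOR-only restriction are constructed assumptions; the full problem in the paper also has encryption, pairing and bounded sessions.

```python
# Terms modulo XOR in normal form: a frozenset of atoms with odd multiplicity
# (x xor x = 0 cancels pairs, the empty set is the constant 0, AC is free).

def xor_term(*atoms):
    """Normal form of atom1 xor atom2 xor ...; repeated atoms cancel."""
    t = set()
    for a in atoms:
        t ^= {a}  # symmetric difference: adding an atom twice removes it
    return frozenset(t)

def derivable(target, knowledge):
    """True iff target is a GF(2) linear combination of the known terms,
    i.e. the intruder (or agent) can build it by XORing known messages.
    Gaussian elimination with the largest atom of a term as its pivot."""
    basis = {}  # pivot atom -> term whose largest atom is that pivot

    def reduce(t):
        t = set(t)
        while t:
            p = max(t)
            if p not in basis:
                return frozenset(t)  # not reducible further
            t ^= basis[p]            # eliminates p, strictly lowers max(t)
        return frozenset()           # reduced to 0: in the span

    for k in knowledge:
        r = reduce(k)
        if r:
            basis[max(r)] = r
    return not reduce(target)

def check_session(initial, events):
    """The paper's constraint in the XOR-only fragment: every ("send", t)
    must be derivable from initial knowledge plus earlier ("recv", u)
    of this session. Returns the index of the first offending send or None."""
    known = list(initial)
    for i, (kind, term) in enumerate(events):
        if kind != "recv" and not derivable(term, known):
            return i
        known.append(term)
    return None

# Constructed toy protocol: A holds secret s and key k, receives a nonce n
# from the network, then sends s xor k and a "key confirmation" k xor n.
S, K, N = xor_term("s"), xor_term("k"), xor_term("n")
SESSION = [("recv", N), ("send", xor_term("s", "k")), ("send", xor_term("k", "n"))]

def intruder_learns_secret(chosen_nonce=True):
    """Secrecy of s against an intruder who observes the sends and, if it
    chose the nonce n itself, knows n: s = (s xor k) xor (k xor n) xor n."""
    observed = [t for kind, t in SESSION if kind == "send"]
    return derivable(S, observed + ([N] if chosen_nonce else []))
```

`check_session([S, K], SESSION)` returns `None` (well-formed), while moving the confirmation send before the receive yields index `0`; `intruder_learns_secret()` is `True` and becomes `False` when the intruder does not know `n`.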