Abstract: A SAT-based security protocol formalization analysis method named SAT-LMC is proposed. The method introduces optimized the initial state and transformational rules with “lazy” idea. The efficiency of detection is significantly improved. Moreover, by adding support for strong type flaw attack defect, the attack detection becomes more comprehensive. A security protocol analysis tool is implemented based on the method; a type flaw attack is detected for protocol Otway-Rees. For OAuth2.0 protocol, analysis shows that there is a kind of man-in-the-middle attack of the authorization code in some application scenarios.