scyther/gui/Protocols/MultiProtocolAttacks/yahalom-ban-paulson.spdl

48 lines
844 B
Plaintext
Raw Normal View History

// BAN modified version of the yahalom protocol
//
// Modeled as version in Paulson's paper:
// "Relations Between Secrets: Two Formal Analyses of the Yahalom
// Protocol"
usertype Server;
usertype SessionKey;
protocol yahalom-BAN-Paulson(A,B,S)
{
role A
{
fresh na: Nonce;
var nb: Nonce;
var ticket: Ticket;
var kab: SessionKey;
send_1(A,B, A,na);
2012-04-26 15:40:01 +01:00
recv_3(S,A, {B,kab,na,nb}k(A,S), ticket );
send_4(A,B, ticket, {nb}kab );
claim_5(A, Secret,kab);
}
role B
{
fresh nb: Nonce;
var na: Nonce;
var ticket: Ticket;
var kab: SessionKey;
2012-04-26 15:40:01 +01:00
recv_1(A,B, A,na);
send_2(B,S, B, {A,na,nb}k(B,S) );
2012-04-26 15:40:01 +01:00
recv_4(A,B, {A,kab}k(B,S) , {nb}kab );
claim_6(B, Secret,kab);
}
role S
{
fresh kab: SessionKey;
var na,nb: Nonce;
2012-04-26 15:40:01 +01:00
recv_2(B,S, B, {A,na,nb}k(B,S) );
send_3(S,A, {B,kab,na,nb}k(A,S), {A,kab}k(B,S) );
}
}