diff --git a/spdl/andrew-ban.spdl b/spdl/andrew-ban.spdl
new file mode 100644
index 0000000..6308610
--- /dev/null
+++ b/spdl/andrew-ban.spdl
@@ -0,0 +1,50 @@
+usertype SessionKey;
+const pk: Function;
+secret sk: Function;
+secret k: Function;
+inversekeys (pk,sk);
+
+protocol andrewBan(I,R)
+{
+ role I
+ {
+ const ni: Nonce;
+ var nr: Nonce;
+ var kir: SessionKey;
+
+ send_1(I,R, I,ni );
+ read_2(R,I, {ni,kir,I}k(I,R) );
+ send_3(I,R, {ni}kir );
+ read_4(R,I, nr );
+ claim_5(I,Nisynch);
+ claim_6(I,Secret, kir);
+ claim_7(I,Secret, k(I,R));
+ }
+
+ role R
+ {
+ var ni: Nonce;
+ const nr: Nonce;
+ const kir: SessionKey;
+
+ read_1(I,R, I,ni );
+ send_2(R,I, {ni,kir,I}k(I,R) );
+ read_3(I,R, {ni}kir );
+ send_4(R,I, nr );
+ claim_8(R,Nisynch);
+ claim_9(R,Secret, kir);
+ claim_10(R,Secret, k(I,R));
+ }
+}
+
+const Alice,Bob,Eve: Agent;
+
+untrusted Eve;
+const ne: Nonce;
+const kee: SessionKey;
+compromised sk(Eve);
+
+run andrewBan.I(Agent,Agent);
+run andrewBan.R(Agent,Agent);
+run andrewBan.I(Agent,Agent);
+run andrewBan.R(Agent,Agent);
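Review bot: The intruder setup after the protocol block compromises only `sk(Eve)`, but `pk` and `sk` never appear in any message of `andrewBan`; every encryption uses `k(I,R)` or `kir`. As written, marking Eve untrusted appears to hand the adversary none of Eve's shared long-term keys, so sessions where an honest agent runs with Eve are checked against a weaker insider than intended and the `Secret` and `Nisynch` claims may verify more favourably than they should. Consider adding `compromised k(Eve,Eve);`, `compromised k(Eve,Alice);` and `compromised k(Alice,Eve);` (and the same pair for Bob), or dropping the unused `pk`/`sk` declarations if the asymmetric keys are not meant to be part of this model. A short header comment naming the protocol variant, and noting that message 4 sends `nr` in the clear so `claim_5` is expected to be sensitive to that, would help readers interpret the verification output.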