Large pass on protocol specification files to get rid of deprecated constructions.

This commit is contained in:
Cas Cremers 2012-04-23 15:53:28 +02:00
parent 30006b732a
commit 755c4519c6
83 changed files with 165 additions and 940 deletions

View File

@ -37,9 +37,4 @@ protocol bke(I,R)
}
}
// An untrusted agent, with leaked information
const Eve: Agent;
untrusted Eve;
compromised sk(Eve);

View File

@ -65,9 +65,3 @@ protocol andrew-Concrete(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const kee: SessionKey;

View File

@ -50,14 +50,3 @@ protocol andrew-Ban(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const kee: SessionKey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Alice,Eve);
compromised k(Bob,Eve);

View File

@ -55,16 +55,3 @@ protocol andrew-LoweBan(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const kee: SessionKey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Alice,Eve);
compromised k(Bob,Eve);

View File

@ -54,17 +54,3 @@ protocol boyd(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const mcsde: Macseed;
const ke: Sessionkey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Eve,Simon);
compromised k(Alice,Eve);
compromised k(Bob,Eve);
compromised k(Simon,Eve);

View File

@ -37,9 +37,3 @@ protocol ccitt509-ban3(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised sk(Eve);

View File

@ -63,12 +63,4 @@ protocol denningSacco-Lowe(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const kee: SessionKey;
const tee: TimeStamp;
compromised k(Eve,Simon);

View File

@ -51,12 +51,5 @@ protocol denningSacco(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const kee: SessionKey;
const tee: TimeStamp;
compromised k(Eve,Simon);

View File

@ -58,17 +58,3 @@ protocol gongnonceb(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const kpe: Keypart;
const ke: Sessionkey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Eve,Simon);
compromised k(Alice,Eve);
compromised k(Bob,Eve);
compromised k(Simon,Eve);

View File

@ -55,17 +55,3 @@ protocol gongnonce(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const kpe: Keypart;
const ke: Sessionkey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Eve,Simon);
compromised k(Alice,Eve);
compromised k(Bob,Eve);
compromised k(Simon,Eve);

View File

@ -40,17 +40,3 @@ protocol isoiec11770213(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const te: Ticket;
const ke: Sessionkey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Eve,Simon);
compromised k(Alice,Eve);
compromised k(Bob,Eve);
compromised k(Simon,Eve);

View File

@ -53,17 +53,3 @@ protocol kaochow-2(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const te: Ticket;
const ke: SessionKey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Eve,Simon);
compromised k(Alice,Eve);
compromised k(Bob,Eve);
compromised k(Simon,Eve);

View File

@ -57,17 +57,3 @@ protocol kaochow-3(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const te: Ticket;
const ke: SessionKey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Eve,Simon);
compromised k(Alice,Eve);
compromised k(Bob,Eve);
compromised k(Simon,Eve);

View File

@ -53,17 +53,3 @@ protocol kaochow(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const te: Ticket;
const ke: SessionKey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Eve,Simon);
compromised k(Alice,Eve);
compromised k(Bob,Eve);
compromised k(Simon,Eve);

View File

@ -9,21 +9,16 @@
usertype Server, SessionKey, TimeStamp, TicketKey;
usertype ExpiredTimeStamp;
const a, b, e: Agent;
const s: Server;
const Fresh: Function;
const Compromised: Function;
untrusted e;
compromised k(e,s);
protocol ksl(I,R,S)
{
role I
{
const Ni, Mi: Nonce;
fresh Ni, Mi: Nonce;
var Nc, Mr: Nonce;
var T: Ticket;
var Kir: SessionKey;
@ -45,10 +40,10 @@ protocol ksl(I,R,S)
role R
{
var Ni,Mi: Nonce;
const Nr,Nc,Mr: Nonce;
fresh Nr,Nc,Mr: Nonce;
var Kir: SessionKey;
const Kbb: TicketKey;
const Tr: TimeStamp;
fresh Kbb: TicketKey;
fresh Tr: TimeStamp;
var T: Ticket;
read_1(I,R, Ni, I);
@ -70,7 +65,7 @@ protocol ksl(I,R,S)
role S
{
var Ni, Nr: Nonce;
const Kir: SessionKey;
fresh Kir: SessionKey;
read_2(R,S, Ni, I, Nr, R );
send_3(S,R, { Nr, I, Kir }k(R,S), { Ni,R,Kir }k(I,S) );

View File

@ -64,10 +64,3 @@ protocol needhamschroedersk-amend(I,R,S)
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised k(Eve,Simon);

View File

@ -54,9 +54,3 @@ protocol needhamschroedersk(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised k(Eve,Simon);

View File

@ -39,8 +39,3 @@ protocol ns3(I,R)
}
}
// An untrusted agent, with leaked information
const Eve: Agent;
untrusted Eve;
compromised sk(Eve);

View File

@ -37,8 +37,3 @@ protocol nsl3(I,R)
}
}
// An untrusted agent, with leaked information
const Eve: Agent;
untrusted Eve;
compromised sk(Eve);

View File

@ -54,8 +54,3 @@ protocol otwayrees(I,R,S)
}
}
const Alice, Bob, Eve, Simon: Agent;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -19,9 +19,3 @@ protocol soph(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const nc: Nonce;
compromised sk(Eve);

View File

@ -64,9 +64,3 @@ protocol spliceAS-CJ(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised sk(Eve);

View File

@ -7,9 +7,6 @@
usertype TimeStamp, LifeTime;
const pk: Function;
secret sk: Function;
inversekeys (pk,sk);
const inc,dec: Function;
inversekeys (inc,dec);
@ -62,11 +59,3 @@ protocol spliceAS-HC(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised sk(Eve);

View File

@ -64,9 +64,3 @@ protocol spliceAS(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised sk(Eve);

View File

@ -49,12 +49,3 @@ protocol tmn(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Ke: SessionKey;
untrusted Eve;
compromised sk(Eve);

View File

@ -30,11 +30,3 @@ protocol wmfbrutus(A,B,S)
}
}
const Alice, Bob, Eve: Agent;
const Simon: Server;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -61,13 +61,3 @@ protocol wmf-Lowe(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Ke: SessionKey;
const Te: TimeStamp;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -52,13 +52,3 @@ protocol wmf(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Ke: SessionKey;
const Te: TimeStamp;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -18,7 +18,7 @@ protocol woolamPi-1(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var T: Ticket;
read_1(I,R, I);
@ -39,13 +39,3 @@ protocol woolamPi-1(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Te: Ticket;
const Ne: Nonce;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -18,7 +18,7 @@ protocol woolamPi-2(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var T: Ticket;
read_1(I,R, I);
@ -39,13 +39,3 @@ protocol woolamPi-2(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Te: Ticket;
const Ne: Nonce;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -18,7 +18,7 @@ protocol woolamPi-3(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var T: Ticket;
read_1(I,R, I);
@ -39,13 +39,3 @@ protocol woolamPi-3(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Te: Ticket;
const Ne: Nonce;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -39,11 +39,3 @@ protocol woolamPi-f(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Te: Ticket;
const Ne: Nonce;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -9,9 +9,6 @@
usertype Server;
usertype SessionKey;
const a,b,c : Agent;
const s : Server;
protocol yahalom-BAN-Paulson-modified(A,B,S)
{
role A

View File

@ -7,9 +7,6 @@
usertype Server;
usertype SessionKey;
const a,b,c : Agent;
const s : Server;
protocol yahalom-BAN-Paulson(A,B,S)
{
role A

View File

@ -52,5 +52,4 @@ protocol yahalom-BAN(I,R,S)
}
}
const Alice,Bob,Charlie,David: Agent;

View File

@ -50,5 +50,4 @@ protocol yahalom-Lowe(I,R,S)
}
}
const Alice,Bob,Simon : Agent;

View File

@ -50,10 +50,3 @@ protocol yahalom(I,R,S)
}
}
const Alice,Bob,Simon : Agent;
const Eve: Agent;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -17,7 +17,6 @@
#
usertype SessionKey;
secret k: Function;
const Fresh: Function;
const Compromised: Function;
@ -38,7 +37,7 @@ protocol andrew-Concrete(I,R)
role I
{
const ni: Nonce;
fresh ni: Nonce;
var nr: Nonce;
var kir: SessionKey;
@ -54,8 +53,8 @@ protocol andrew-Concrete(I,R)
role R
{
var ni: Nonce;
const nr: Nonce;
const kir: SessionKey;
fresh nr: Nonce;
fresh kir: SessionKey;
read_1(I,R, I,ni );
send_2(R,I, {ni,kir}k(I,R) );
@ -67,9 +66,3 @@ protocol andrew-Concrete(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const kee: SessionKey;

View File

@ -12,7 +12,6 @@
# According to SPORE there are no known attacks on this protocol
#
usertype SessionKey;
secret k: Function;
const Fresh: Function;
const Compromised: Function;
@ -20,7 +19,7 @@ protocol andrew-Ban(I,R)
{
role I
{
const ni: Nonce;
fresh ni: Nonce;
var nr,nr2: Nonce;
var kir: SessionKey;
@ -38,8 +37,8 @@ protocol andrew-Ban(I,R)
role R
{
var ni: Nonce;
const nr,nr2: Nonce;
const kir: SessionKey;
fresh nr,nr2: Nonce;
fresh kir: SessionKey;
read_1(I,R, I,{ni}k(I,R) );
send_2(R,I, {ni,nr}k(I,R) );
@ -53,14 +52,3 @@ protocol andrew-Ban(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const kee: SessionKey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Alice,Eve);
compromised k(Bob,Eve);

View File

@ -19,7 +19,6 @@
#
usertype SessionKey;
secret k: Function;
const Fresh: Function;
const Compromised: Function;
@ -27,7 +26,7 @@ protocol andrew-LoweBan(I,R)
{
role I
{
const ni: Nonce;
fresh ni: Nonce;
var nr: Nonce;
var kir: SessionKey;
@ -43,8 +42,8 @@ protocol andrew-LoweBan(I,R)
role R
{
var ni: Nonce;
const nr: Nonce;
const kir: SessionKey;
fresh nr: Nonce;
fresh kir: SessionKey;
read_1(I,R, I,ni );
send_2(R,I, {ni,kir,R}k(I,R) );
@ -56,16 +55,3 @@ protocol andrew-LoweBan(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const kee: SessionKey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Alice,Eve);
compromised k(Bob,Eve);

View File

@ -10,7 +10,6 @@
#
usertype SessionKey;
secret k: Function;
const succ: Function;
const Fresh: Function;
const Compromised: Function;
@ -19,7 +18,7 @@ protocol andrew(I,R)
{
role I
{
const ni: Nonce;
fresh ni: Nonce;
var nr,nr2: Nonce;
var kir: SessionKey;
@ -36,8 +35,8 @@ protocol andrew(I,R)
role R
{
var ni: Nonce;
const nr,nr2: Nonce;
const kir: SessionKey;
fresh nr,nr2: Nonce;
fresh kir: SessionKey;
read_1(I,R, I,{ni}k(I,R) );
send_2(R,I, {succ(ni),nr}k(I,R) );
@ -50,16 +49,3 @@ protocol andrew(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const kee: SessionKey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Alice,Eve);
compromised k(Bob,Eve);

View File

@ -9,17 +9,14 @@
# which can currently not be modelled in scyther
#
const pk: Function;
secret sk: Function;
inversekeys(pk,sk);
usertype Timestamp;
protocol ccitt509-1(I,R)
{
role I
{
const Ta: Timestamp;
const Na,Xa,Ya: Nonce;
fresh Ta: Timestamp;
fresh Na,Xa,Ya: Nonce;
send_1(I,R, I,{Ta, Na, R, Xa,{Ya}pk(R)}sk(I));
# claim_2(I,Nisynch);
# This claim is useless as there are no preceding read events
@ -36,11 +33,3 @@ protocol ccitt509-1(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const te: Timestamp;
compromised sk(Eve);

View File

@ -7,10 +7,7 @@
# According to SPORE there are no known attacks on this protocol
#
const pk,hash: Function;
secret sk,unhash: Function;
inversekeys (hash,unhash);
inversekeys(pk,sk);
hashfunction hash;
usertype Timestamp;
protocol ccitt509-1c(I,R)
@ -35,10 +32,3 @@ protocol ccitt509-1c(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const te: Timestamp;
compromised sk(Eve);

View File

@ -8,18 +8,15 @@
# this can not be verified using scyther
#
const pk: Function;
secret sk: Function;
inversekeys(pk,sk);
usertype Timestamp;
protocol ccitt509-3(I,R)
{
role I
{
const Ta: Timestamp;
fresh Ta: Timestamp;
var Tb: Timestamp;
const Na,Xa,Ya: Nonce;
fresh Na,Xa,Ya: Nonce;
var Xb,Nb,Yb: Nonce;
send_1(I,R, I,{Ta, Na, R, Xa,{Ya}pk(R)}sk(I));
read_2(R,I, R,{Tb, Nb, I, Na, Xb,{Yb}pk(I)}sk(R));
@ -32,9 +29,9 @@ protocol ccitt509-3(I,R)
role R
{
var Ta: Timestamp;
const Tb: Timestamp;
fresh Tb: Timestamp;
var Na,Xa,Ya: Nonce;
const Xb,Yb,Nb: Nonce;
fresh Xb,Yb,Nb: Nonce;
read_1(I,R, I,{Ta, Na, R, Xa,{Ya}pk(R)}sk(I));
send_2(R,I, R,{Tb, Nb, I, Na, Xb,{Yb}pk(I)}sk(R));
@ -46,10 +43,3 @@ protocol ccitt509-3(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const te: Timestamp;
compromised sk(Eve);

View File

@ -11,10 +11,6 @@
# According to SPORE there are no known attacks on this protocol
#
const pk: Function;
secret sk: Function;
inversekeys(pk,sk);
protocol ccitt509-ban3(I,R)
{
role I
@ -41,9 +37,3 @@ protocol ccitt509-ban3(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised sk(Eve);

View File

@ -11,7 +11,6 @@ usertype Key;
usertype SessionKey;
usertype TimeStamp;
usertype ExpiredTimeStamp;
secret k: Function;
usertype PseudoFunction;
const dec: PseudoFunction;
const Fresh: Function;
@ -41,7 +40,7 @@ protocol denningSacco-Lowe(I,R,S)
{
var Kir: SessionKey;
var T: TimeStamp;
const Nr: Nonce;
fresh Nr: Nonce;
read_3(I,R, {Kir,I,T}k(R,S));
send_4(R,I, {Nr}Kir);
@ -55,20 +54,11 @@ protocol denningSacco-Lowe(I,R,S)
role S
{
var W: Ticket;
const Kir: SessionKey;
const T: TimeStamp;
fresh Kir: SessionKey;
fresh T: TimeStamp;
read_1(I,S, I,R );
send_2(S,I, {R, Kir, T, {Kir, I,T}k(R,S)}k(I,S));
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const kee: SessionKey;
const tee: TimeStamp;
compromised k(Eve,Simon);

View File

@ -8,7 +8,6 @@ usertype Key;
usertype SessionKey;
usertype TimeStamp;
usertype ExpiredTimeStamp;
secret k: Function;
const Fresh: Function;
const Compromised: Function;
@ -44,20 +43,11 @@ protocol denningSacco(I,R,S)
role S
{
var W: Ticket;
const Kir: SessionKey;
const T: TimeStamp;
fresh Kir: SessionKey;
fresh T: TimeStamp;
read_1(I,S, I,R );
send_2(S,I, {R, Kir, T, {Kir, I,T}k(R,S)}k(I,S));
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const kee: SessionKey;
const tee: TimeStamp;
compromised k(Eve,Simon);

View File

@ -5,7 +5,6 @@
#
usertype SessionKey;
secret k: Function;
const Fresh: Function;
const Compromised: Function;
@ -13,7 +12,7 @@ protocol kaochow-2(I,R,S)
{
role I
{
const ni: Nonce;
fresh ni: Nonce;
var nr: Nonce;
var kir,kt: SessionKey;
@ -30,7 +29,7 @@ protocol kaochow-2(I,R,S)
role R
{
var ni: Nonce;
const nr: Nonce;
fresh nr: Nonce;
var kir,kt: SessionKey;
var T: Ticket;
@ -47,24 +46,10 @@ protocol kaochow-2(I,R,S)
role S
{
var ni: Nonce;
const kir, kt: SessionKey;
fresh kir, kt: SessionKey;
read_1 (I,S, I,R,ni);
send_2 (S,R, {I,R,ni,kir,kt}k(I,S), { I,R,ni,kir,kt }k(R,S) );
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const te: Ticket;
const ke: SessionKey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Eve,Simon);
compromised k(Alice,Eve);
compromised k(Bob,Eve);
compromised k(Simon,Eve);

View File

@ -7,7 +7,6 @@
usertype SessionKey;
usertype ExpiredTimeStamp;
usertype TimeStamp;
secret k: Function;
const Fresh: Function;
const Compromised: Function;
@ -15,7 +14,7 @@ protocol kaochow-3(I,R,S)
{
role I
{
const ni: Nonce;
fresh ni: Nonce;
var nr: Nonce;
var kir,kt: SessionKey;
var T2: Ticket;
@ -33,10 +32,10 @@ protocol kaochow-3(I,R,S)
role R
{
var ni: Nonce;
const nr: Nonce;
fresh nr: Nonce;
var kir,kt: SessionKey;
var T: Ticket;
const tr: TimeStamp;
fresh tr: TimeStamp;
read_2 (S,R, T, { I,R,ni,kir,kt }k(R,S) );
send_3 (R,I, T, {ni, kir}kt, nr, {I,R,tr,kir}k(R,S) );
@ -51,24 +50,10 @@ protocol kaochow-3(I,R,S)
role S
{
var ni: Nonce;
const kir, kt: SessionKey;
fresh kir, kt: SessionKey;
read_1 (I,S, I,R,ni);
send_2 (S,R, {I,R,ni,kir,kt}k(I,S), { I,R,ni,kir,kt }k(R,S) );
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const te: Ticket;
const ke: SessionKey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Eve,Simon);
compromised k(Alice,Eve);
compromised k(Bob,Eve);
compromised k(Simon,Eve);

View File

@ -5,7 +5,6 @@
#
usertype SessionKey;
secret k: Function;
const Fresh: Function;
const Compromised: Function;
@ -13,7 +12,7 @@ protocol kaochow(I,R,S)
{
role I
{
const ni: Nonce;
fresh ni: Nonce;
var nr: Nonce;
var kir: SessionKey;
@ -30,7 +29,7 @@ protocol kaochow(I,R,S)
role R
{
var ni: Nonce;
const nr: Nonce;
fresh nr: Nonce;
var kir: SessionKey;
var T;
@ -47,24 +46,10 @@ protocol kaochow(I,R,S)
role S
{
var ni: Nonce;
const kir: SessionKey;
fresh kir: SessionKey;
read_1 (I,S, I,R,ni);
send_2 (S,R, {I,R,ni,kir}k(I,S), { I,R,ni,kir }k(R,S) );
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
const te: Ticket;
const ke: SessionKey;
compromised k(Eve,Eve);
compromised k(Eve,Alice);
compromised k(Eve,Bob);
compromised k(Eve,Simon);
compromised k(Alice,Eve);
compromised k(Bob,Eve);
compromised k(Simon,Eve);

View File

@ -9,24 +9,15 @@
usertype Server, SessionKey, TimeStamp, TicketKey;
usertype ExpiredTimeStamp;
secret k: Function;
const a, b, e: Agent;
const s: Server;
const Fresh: Function;
const Compromised: Function;
const ne: Nonce;
const kee: SessionKey;
untrusted e;
compromised k(e,s);
protocol ksl-Lowe(I,R,S)
{
role I
{
const Ni, Mi: Nonce;
fresh Ni, Mi: Nonce;
var Nc, Mr: Nonce;
var T: Ticket;
var Kir: SessionKey;
@ -48,10 +39,10 @@ protocol ksl-Lowe(I,R,S)
role R
{
var Ni,Mi: Nonce;
const Nr,Nc,Mr: Nonce;
fresh Nr,Nc,Mr: Nonce;
var Kir: SessionKey;
const Kbb: TicketKey;
const Tr: TimeStamp;
fresh Kbb: TicketKey;
fresh Tr: TimeStamp;
var T: Ticket;
read_1(I,R, Ni, I);
@ -73,11 +64,10 @@ protocol ksl-Lowe(I,R,S)
role S
{
var Ni, Nr: Nonce;
const Kir: SessionKey;
fresh Kir: SessionKey;
read_2(R,S, Ni, I, Nr, R );
send_3(S,R, { I, Nr, Kir }k(R,S), { Ni,R,Kir }k(I,S) );
}
}

View File

@ -8,25 +8,15 @@
usertype Server, SessionKey, TimeStamp, TicketKey;
usertype ExpiredTimeStamp;
secret k: Function;
const a, b, e: Agent;
const s: Server;
const Fresh: Function;
const Compromised: Function;
const ne: Nonce;
const kee: SessionKey;
untrusted e;
compromised k(e,s);
protocol ksl(I,R,S)
{
role I
{
const Ni, Mi: Nonce;
fresh Ni, Mi: Nonce;
var Nc, Mr: Nonce;
var T: Ticket;
var Kir: SessionKey;
@ -48,10 +38,10 @@ protocol ksl(I,R,S)
role R
{
var Ni,Mi: Nonce;
const Nr,Nc,Mr: Nonce;
fresh Nr,Nc,Mr: Nonce;
var Kir: SessionKey;
const Kbb: TicketKey;
const Tr: TimeStamp;
fresh Kbb: TicketKey;
fresh Tr: TimeStamp;
var T: Ticket;
read_1(I,R, Ni, I);
@ -73,11 +63,10 @@ protocol ksl(I,R,S)
role S
{
var Ni, Nr: Nonce;
const Kir: SessionKey;
fresh Kir: SessionKey;
read_2(R,S, Ni, I, Nr, R );
send_3(S,R, { Nr, I, Kir }k(R,S), { Ni,R,Kir }k(I,S) );
}
}

View File

@ -10,16 +10,11 @@
# synchronisation and agreement, because the keys that the server sends
# out can be replayed.
secret pk: Function; # For some reason SPORE models it such that the agents
# do not know the public keys of the other agents
secret sk: Function;
inversekeys(pk,sk);
protocol needhamschroederpk-Lowe(I,R,S)
{
role I
{
const Ni: Nonce;
fresh Ni: Nonce;
var Nr: Nonce;
send_1(I,S, (I,R));
@ -34,7 +29,7 @@ protocol needhamschroederpk-Lowe(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var Ni: Nonce;
read_3(I,R,{Ni,I}pk(R));
@ -56,11 +51,3 @@ protocol needhamschroederpk-Lowe(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised sk(Eve);
compromised pk(Eve);
compromised pk(Simon); # Needed because of the way SPORE models nsl

View File

@ -10,7 +10,6 @@
secret k: Function;
# Model dec that is invertible by inc
const dec,inc: Function;
inversekeys(dec,inc);
@ -22,7 +21,7 @@ protocol needhamschroedersk-amend(I,R,S)
{
role I
{
const Ni: Nonce;
fresh Ni: Nonce;
var Nr: Nonce;
var Kir: SessionKey;
var T,T2: Ticket;
@ -42,7 +41,7 @@ protocol needhamschroedersk-amend(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var Kir: SessionKey;
read_1(I,R,I);
@ -58,17 +57,10 @@ protocol needhamschroedersk-amend(I,R,S)
role S
{
var Ni,Nr: Nonce;
const Kir: SessionKey;
fresh Kir: SessionKey;
read_3(I,S,(I,R,Ni,{I,Nr}k(R,S)));
send_4(S,I,{Ni,R,Kir,{Kir,Nr,I}k(R,S)}k(I,S));
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised k(Eve,Simon);

View File

@ -6,7 +6,6 @@
#
secret k: Function;
# Model dec that is invertible by inc
const dec,inc: Function;
inversekeys(dec,inc);
@ -18,7 +17,7 @@ protocol needhamschroedersk(I,R,S)
{
role I
{
const Ni: Nonce;
fresh Ni: Nonce;
var Nr: Nonce;
var Kir: SessionKey;
var T: Ticket;
@ -35,7 +34,7 @@ protocol needhamschroedersk(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var Kir: SessionKey;
read_3(I,R,{Kir,I}k(R,S));
@ -49,15 +48,9 @@ protocol needhamschroedersk(I,R,S)
role S
{
var Ni: Nonce;
const Kir: SessionKey;
fresh Kir: SessionKey;
read_1(I,S,(I,R,Ni));
send_2(S,I,{Ni,R,Kir,{Kir,I}k(R,S)}k(I,S));
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised k(Eve,Simon);

View File

@ -10,16 +10,11 @@
# synchronisation and agreement, because the keys that the server sends
# out can be replayed.
secret pk: Function; # For some reason SPORE models it such that the agents
# do not know the public keys of the other agents
secret sk: Function;
inversekeys(pk,sk);
protocol needhamschroederpk(I,R,S)
{
role I
{
const Ni: Nonce;
fresh Ni: Nonce;
var Nr: Nonce;
send_1(I,S,(I,R));
@ -34,7 +29,7 @@ protocol needhamschroederpk(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var Ni: Nonce;
read_3(I,R,{Ni,I}pk(R));
@ -56,12 +51,3 @@ protocol needhamschroederpk(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised sk(Eve);
compromised pk(Eve);
compromised pk(Simon); # Needed because SPORE only assumes agents know their
# own public key and that of the server

View File

@ -10,27 +10,20 @@
usertype Server, SessionKey, TimeStamp, TicketKey;
usertype ExpiredTimeStamp;
secret k: Function;
const Alice, Bob, Simon, Eve: Agent;
const Fresh: Function;
const Compromised: Function;
const ne: Nonce;
const kee: SessionKey;
untrusted Eve;
compromised k(Eve,Simon);
protocol neustub-GuttmanHwang^Repeat(I,R,S)
{
const Kir: SessionKey;
fresh Kir: SessionKey;
role I
{
const Mi: Nonce;
fresh Mi: Nonce;
var Mr: Nonce;
const Kir: SessionKey;
const Tr: TimeStamp;
fresh Kir: SessionKey;
fresh Tr: TimeStamp;
send_5(I,R,Mi,{I,Kir,Tr}k(R,S));
read_6(R,I,{Mi,Mr}Kir);
@ -43,7 +36,7 @@ protocol neustub-GuttmanHwang^Repeat(I,R,S)
role R
{
const Mr: Nonce;
fresh Mr: Nonce;
var Tr: TimeStamp;
var Kir: SessionKey;
var Mi: Nonce;
@ -65,7 +58,7 @@ protocol neustub-GuttmanHwang(I,R,S)
{
role I
{
const Ni: Nonce;
fresh Ni: Nonce;
var Nr: Nonce;
var T: Ticket;
var Tb: TimeStamp;
@ -84,9 +77,9 @@ protocol neustub-GuttmanHwang(I,R,S)
role R
{
var Ni,Mi: Nonce;
const Nr,Mr: Nonce;
fresh Nr,Mr: Nonce;
var Kir: SessionKey;
const Tb: TimeStamp;
fresh Tb: TimeStamp;
var T: Ticket;
read_1(I,R, I, Ni);
@ -102,7 +95,7 @@ protocol neustub-GuttmanHwang(I,R,S)
role S
{
var Ni, Nr: Nonce;
const Kir: SessionKey;
fresh Kir: SessionKey;
var Tb: TimeStamp;
read_!2(R,S, R, {I,Ni,Tb,Nr}k(R,S));

View File

@ -10,27 +10,20 @@
usertype Server, SessionKey, TimeStamp, TicketKey;
usertype ExpiredTimeStamp;
secret k: Function;
const Alice, Bob, Simon, Eve: Agent;
const Fresh: Function;
const Compromised: Function;
const ne: Nonce;
const kee: SessionKey;
untrusted Eve;
compromised k(Eve,Simon);
protocol neustub^Repeat(I,R,S)
{
const Kir: SessionKey;
fresh Kir: SessionKey;
role I
{
const Mi: Nonce;
fresh Mi: Nonce;
var Mr: Nonce;
const Kir: SessionKey;
const Tr: TimeStamp;
fresh Kir: SessionKey;
fresh Tr: TimeStamp;
send_5(I,R,Mi,{I,Kir,Tr}k(R,S));
read_6(R,I,{Mi,Mr}Kir);
@ -43,7 +36,7 @@ protocol neustub^Repeat(I,R,S)
role R
{
const Mr: Nonce;
fresh Mr: Nonce;
var Tr: TimeStamp;
var Kir: SessionKey;
var Mi: Nonce;
@ -65,7 +58,7 @@ protocol neustub(I,R,S)
{
role I
{
const Ni: Nonce;
fresh Ni: Nonce;
var Nr: Nonce;
var T: Ticket;
var Tb: TimeStamp;
@ -84,9 +77,9 @@ protocol neustub(I,R,S)
role R
{
var Ni,Mi: Nonce;
const Nr,Mr: Nonce;
fresh Nr,Mr: Nonce;
var Kir: SessionKey;
const Tb: TimeStamp;
fresh Tb: TimeStamp;
var T: Ticket;
read_1(I,R, I, Ni);
@ -102,7 +95,7 @@ protocol neustub(I,R,S)
role S
{
var Ni, Nr: Nonce;
const Kir: SessionKey;
fresh Kir: SessionKey;
var Tb: TimeStamp;
read_!2(R,S, R, {I,Ni,Tb}k(R,S), Nr);

View File

@ -10,23 +10,15 @@
usertype Server, SessionKey, TimeStamp, TicketKey;
usertype ExpiredTimeStamp;
secret k: Function;
const a, b, e: Agent;
const s: Server;
const Fresh: Function;
const Compromised: Function;
const ne: Nonce;
const kee: SessionKey;
untrusted e;
compromised k(e,s);
protocol neustub-Hwang(I,R,S)
{
role I
{
const Ni,Mi: Nonce;
fresh Ni,Mi: Nonce;
var Nr,Mr: Nonce;
var T: Ticket;
var Tb: TimeStamp;
@ -48,9 +40,9 @@ protocol neustub-Hwang(I,R,S)
role R
{
var Ni,Mi: Nonce;
const Nr,Mr: Nonce;
fresh Nr,Mr: Nonce;
var Kir: SessionKey;
const Tb: TimeStamp;
fresh Tb: TimeStamp;
var T: Ticket;
read_1(I,R, I, Ni);
@ -69,7 +61,7 @@ protocol neustub-Hwang(I,R,S)
role S
{
var Ni, Nr: Nonce;
const Kir: SessionKey;
fresh Kir: SessionKey;
var Tb: TimeStamp;
read_!2(R,S, R, {I,Ni,Tb,Nr}k(R,S));

View File

@ -10,27 +10,20 @@
usertype Server, SessionKey, TimeStamp, TicketKey;
usertype ExpiredTimeStamp;
secret k: Function;
const Alice, Bob, Simon, Eve: Agent;
const Fresh: Function;
const Compromised: Function;
const ne: Nonce;
const kee: SessionKey;
untrusted Eve;
compromised k(Eve,Simon);
protocol neustub^Repeat(I,R,S)
{
const Kir: SessionKey;
fresh Kir: SessionKey;
role I
{
const Mi: Nonce;
fresh Mi: Nonce;
var Mr: Nonce;
const Kir: SessionKey;
const Tr: TimeStamp;
fresh Kir: SessionKey;
fresh Tr: TimeStamp;
send_5(I,R,Mi,{I,Kir,Tr}k(R,S));
read_6(R,I,Mr,{Mi}Kir);
@ -43,7 +36,7 @@ protocol neustub^Repeat(I,R,S)
role R
{
const Mr: Nonce;
fresh Mr: Nonce;
var Tr: TimeStamp;
var Kir: SessionKey;
var Mi: Nonce;
@ -65,7 +58,7 @@ protocol neustub(I,R,S)
{
role I
{
const Ni: Nonce;
fresh Ni: Nonce;
var Nr: Nonce;
var T: Ticket;
var Tb: TimeStamp;
@ -84,9 +77,9 @@ protocol neustub(I,R,S)
role R
{
var Ni,Mi: Nonce;
const Nr,Mr: Nonce;
fresh Nr,Mr: Nonce;
var Kir: SessionKey;
const Tb: TimeStamp;
fresh Tb: TimeStamp;
var T: Ticket;
read_1(I,R, I, Ni);
@ -102,7 +95,7 @@ protocol neustub(I,R,S)
role S
{
var Ni, Nr: Nonce;
const Kir: SessionKey;
fresh Kir: SessionKey;
var Tb: TimeStamp;
read_2(R,S, R, {I,Ni,Tb}k(R,S), Nr);

View File

@ -10,25 +10,17 @@
usertype Server, SessionKey, TimeStamp, TicketKey;
usertype ExpiredTimeStamp;
secret k: Function;
const Alice, Bob, Simon, Eve: Agent;
const ne: Nonce;
const kee: SessionKey;
untrusted Eve;
compromised k(Eve,Simon);
protocol neustub^Repeat(I,R,S)
{
const Kir: SessionKey;
fresh Kir: SessionKey;
role I
{
const Mi: Nonce;
fresh Mi: Nonce;
var Mr: Nonce;
const Kir: SessionKey;
const Tr: TimeStamp;
fresh Kir: SessionKey;
fresh Tr: TimeStamp;
send_5(I,R,Mi,{I,Kir,Tr}k(R,S));
read_6(R,I,Mr,{Mi}Kir);
@ -40,7 +32,7 @@ protocol neustub^Repeat(I,R,S)
role R
{
const Mr: Nonce;
fresh Mr: Nonce;
var Tr: TimeStamp;
var Kir: SessionKey;
var Mi: Nonce;
@ -61,7 +53,7 @@ protocol neustub(I,R,S)
{
role I
{
const Ni: Nonce;
fresh Ni: Nonce;
var Nr: Nonce;
var T: Ticket;
var Tb: TimeStamp;
@ -79,9 +71,9 @@ protocol neustub(I,R,S)
role R
{
var Ni,Mi: Nonce;
const Nr,Mr: Nonce;
fresh Nr,Mr: Nonce;
var Kir: SessionKey;
const Tb: TimeStamp;
fresh Tb: TimeStamp;
var T: Ticket;
read_1(I,R, I, Ni);
@ -96,7 +88,7 @@ protocol neustub(I,R,S)
role S
{
var Ni, Nr: Nonce;
const Kir: SessionKey;
fresh Kir: SessionKey;
var Tb: TimeStamp;
read_!2(R,S, R, {I,Ni,Tb}k(R,S), Nr);

View File

@ -5,7 +5,6 @@
#
secret const k : Function;
const Fresh: Function;
const Compromised: Function;
@ -15,8 +14,8 @@ protocol otwayrees(I,R,S)
{
role I
{
const Ni : Nonce;
const M : String;
fresh Ni : Nonce;
fresh M : String;
var Kir : SessionKey;
send_1(I,R, M,I,R,{Ni,M,I,R}k(I,S) );
@ -30,7 +29,7 @@ protocol otwayrees(I,R,S)
role R
{
var M : String;
const Nr : Nonce;
fresh Nr : Nonce;
var Kir : SessionKey;
var T1,T2: Ticket;
@ -48,15 +47,10 @@ protocol otwayrees(I,R,S)
{
var Ni,Nr : Nonce;
var M : String;
const Kir : SessionKey;
fresh Kir : SessionKey;
read_2(R,S, M,I,R, { Ni,M,I,R}k(I,S), { Nr,M,I,R }k(R,S) );
send_3(S,R, M, { Ni,Kir }k(I,S) , { Nr,Kir }k(R,S) );
}
}
const Alice, Bob, Eve, Simon: Agent;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -10,10 +10,7 @@
# Scyther finds an attack because the value of VoR in te last message can
# be replaced with an arbitrary value
const hash: Function;
secret unhash: Function;
secret k: Function;
inversekeys (hash,unhash);
hashfunction hash;
usertype SessionKey;
usertype XorKey;
const Vor: XorKey;
@ -22,9 +19,9 @@ protocol smartright(I,R)
{
role I
{
const VoKey: SessionKey;
const VoR: XorKey;
const CW;
fresh VoKey: SessionKey;
fresh VoR: XorKey;
fresh CW;
var VoRi: Nonce;
send_1(I,R, {VoKey,{CW}VoR}k(I,R));
@ -37,7 +34,7 @@ protocol smartright(I,R)
var T: Ticket;
var VoR: XorKey;
var VoKey: SessionKey;
const VoRi: Nonce;
fresh VoRi: Nonce;
read_1(I,R, {VoKey,T}k(I,R));
send_2(R,I, VoRi);
@ -47,8 +44,3 @@ protocol smartright(I,R)
}
}
const Alice,Bob,Eve: Agent;
untrusted Eve;
const ne: Nonce;

View File

@ -12,9 +12,6 @@
usertype TimeStamp, LifeTime;
const pk: Function;
secret sk: Function;
inversekeys (pk,sk);
const inc,dec: Function;
inversekeys (inc,dec);
@ -22,9 +19,9 @@ protocol spliceAS-CJ(I,R,S)
{
role I
{
const N1,N2: Nonce;
const T: TimeStamp;
const L: LifeTime;
fresh N1,N2: Nonce;
fresh T: TimeStamp;
fresh L: LifeTime;
send_1(I,S, I, R, N1 );
read_2(S,I, S, {S, I, N1, R, pk(R)}sk(S) );
@ -48,13 +45,13 @@ protocol spliceAS-CJ(I,R,S)
role R
{
const N3: Nonce;
fresh N3: Nonce;
var N2: Nonce;
var T: TimeStamp;
var L: LifeTime;
var ni: Nonce;
const nr: Nonce;
fresh nr: Nonce;
read_3(I,R, I, R, {T, L, {I, N2}pk(R)}sk(I) );
send_4(R,S, R, I, N3 );
@ -67,9 +64,3 @@ protocol spliceAS-CJ(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised sk(Eve);

View File

@ -7,9 +7,6 @@
usertype TimeStamp, LifeTime;
const pk: Function;
secret sk: Function;
inversekeys (pk,sk);
const inc,dec: Function;
inversekeys (inc,dec);
@ -17,9 +14,9 @@ protocol spliceAS-HC(I,R,S)
{
role I
{
const N1,N2: Nonce;
const T: TimeStamp;
const L: LifeTime;
fresh N1,N2: Nonce;
fresh T: TimeStamp;
fresh L: LifeTime;
send_1(I,S, I, R, N1 );
read_2(S,I, S, {S, I, N1, R, pk(R)}sk(S) );
@ -43,13 +40,13 @@ protocol spliceAS-HC(I,R,S)
role R
{
const N3: Nonce;
fresh N3: Nonce;
var N2: Nonce;
var T: TimeStamp;
var L: LifeTime;
var ni: Nonce;
const nr: Nonce;
fresh nr: Nonce;
read_3(I,R, I, R, {I, T, L, {N2}pk(R)}sk(I) );
send_4(R,S, R, I, N3 );
@ -62,11 +59,3 @@ protocol spliceAS-HC(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised sk(Eve);

View File

@ -12,9 +12,6 @@
usertype TimeStamp, LifeTime;
const pk: Function;
secret sk: Function;
inversekeys (pk,sk);
const inc,dec: Function;
inversekeys (inc,dec);
@ -22,9 +19,9 @@ protocol spliceAS(I,R,S)
{
role I
{
const N1,N2: Nonce;
const T: TimeStamp;
const L: LifeTime;
fresh N1,N2: Nonce;
fresh T: TimeStamp;
fresh L: LifeTime;
send_1(I,S, I, R, N1 );
read_2(S,I, S, {S, I, N1, pk(R)}sk(S) );
@ -48,13 +45,13 @@ protocol spliceAS(I,R,S)
role R
{
const N3: Nonce;
fresh N3: Nonce;
var N2: Nonce;
var T: TimeStamp;
var L: LifeTime;
var ni: Nonce;
const nr: Nonce;
fresh nr: Nonce;
read_3(I,R, I, R, {I, T, L, {N2}pk(R)}sk(I) );
send_4(R,S, R, I, N3 );
@ -67,9 +64,3 @@ protocol spliceAS(I,R,S)
}
}
const Alice,Bob,Simon,Eve: Agent;
untrusted Eve;
const ne: Nonce;
compromised sk(Eve);

View File

@ -8,9 +8,6 @@
# from the description in SPORE
usertype SessionKey;
const pk: Function;
secret sk: Function;
inversekeys(pk,sk);
const Fresh: Function;
const Compromised: Function;
@ -18,7 +15,7 @@ protocol tmn(I,R,S)
{
role I
{
const Ki: SessionKey;
fresh Ki: SessionKey;
var Kr: SessionKey;
send_1(I,S, R,{Ki}pk(S) );
@ -31,7 +28,7 @@ protocol tmn(I,R,S)
role R
{
const Kr: SessionKey;
fresh Kr: SessionKey;
read_2(S,R, I );
send_3(R,S, I, { Kr }pk(S) );
@ -52,12 +49,3 @@ protocol tmn(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Ke: SessionKey;
untrusted Eve;
compromised sk(Eve);

View File

@ -17,14 +17,12 @@ inversekeys (succ,pred);
const Fresh: Function;
const Compromised: Function;
secret k: Function;
protocol wmf-Lowe(I,R,S)
{
role I
{
const Kir: SessionKey;
const Ti: TimeStamp;
fresh Kir: SessionKey;
fresh Ti: TimeStamp;
var Kr: SessionKey;
var Nr: Nonce;
@ -41,7 +39,7 @@ protocol wmf-Lowe(I,R,S)
{
var Ts: TimeStamp;
var Kir: SessionKey;
const Nr: Nonce;
fresh Nr: Nonce;
read_2(S,R, {Ts, I, Kir}k(R,S) );
send_3(R,I, {Nr}Kir);
@ -55,7 +53,7 @@ protocol wmf-Lowe(I,R,S)
role S
{
var Kir: SessionKey;
const Ts: TimeStamp;
fresh Ts: TimeStamp;
var Ti: TimeStamp;
read_1(I,S, I,{Ti, R, Kir}k(I,S) );
@ -63,13 +61,3 @@ protocol wmf-Lowe(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Ke: SessionKey;
const Te: TimeStamp;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -12,7 +12,6 @@ usertype SessionKey;
usertype TimeStamp;
usertype ExpiredTimeStamp;
secret k: Function;
const Fresh: Function;
const Compromised: Function;
@ -20,8 +19,8 @@ protocol wmf(I,R,S)
{
role I
{
const Kir: SessionKey;
const Ti: TimeStamp;
fresh Kir: SessionKey;
fresh Ti: TimeStamp;
var Kr: SessionKey;
send_1(I,S, I, {I, Ti, R, Kir}k(I,S));
@ -45,7 +44,7 @@ protocol wmf(I,R,S)
role S
{
var Kir: SessionKey;
const Ts: TimeStamp;
fresh Ts: TimeStamp;
var Ti: TimeStamp;
read_1(I,S, I,{I, Ti, R, Kir}k(I,S) );
@ -53,13 +52,3 @@ protocol wmf(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Ke: SessionKey;
const Te: TimeStamp;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -4,8 +4,6 @@
# http://www.lsv.ens-cachan.fr/spore/wooLamPi1.html
#
secret k: Function;
protocol woolamPi-1(I,R,S)
{
role I
@ -20,7 +18,7 @@ protocol woolamPi-1(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var T: Ticket;
read_1(I,R, I);
@ -41,13 +39,3 @@ protocol woolamPi-1(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Te: Ticket;
const Ne: Nonce;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -4,8 +4,6 @@
# http://www.lsv.ens-cachan.fr/spore/wooLamPi2.html
#
secret k: Function;
protocol woolamPi-2(I,R,S)
{
role I
@ -20,7 +18,7 @@ protocol woolamPi-2(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var T: Ticket;
read_1(I,R, I);
@ -41,13 +39,3 @@ protocol woolamPi-2(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Te: Ticket;
const Ne: Nonce;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -4,8 +4,6 @@
# http://www.lsv.ens-cachan.fr/spore/wooLamPi3.html
#
secret k: Function;
protocol woolamPi-3(I,R,S)
{
role I
@ -20,7 +18,7 @@ protocol woolamPi-3(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var T: Ticket;
read_1(I,R, I);
@ -41,13 +39,3 @@ protocol woolamPi-3(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Te: Ticket;
const Ne: Nonce;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -4,8 +4,6 @@
# http://www.lsv.ens-cachan.fr/spore/wooLamPif.html
#
secret k: Function;
protocol woolamPi-f(I,R,S)
{
role I
@ -20,7 +18,7 @@ protocol woolamPi-f(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var T: Ticket;
read_1(I,R, I);
@ -41,11 +39,3 @@ protocol woolamPi-f(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Te: Ticket;
const Ne: Nonce;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -8,8 +8,6 @@
# SPORE.
#
secret k: Function;
protocol woolamPi(I,R,S)
{
role I
@ -24,7 +22,7 @@ protocol woolamPi(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var T: Ticket;
read_1(I,R, I);
@ -45,13 +43,3 @@ protocol woolamPi(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Te: Ticket;
const Ne: Nonce;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -7,7 +7,6 @@
usertype SessionKey;
secret k: Function;
const Fresh: Function;
const Compromised: Function;
@ -15,7 +14,7 @@ protocol woolam(I,R,S)
{
role I
{
const N1: Nonce;
fresh N1: Nonce;
var Kir: SessionKey;
var N2: Nonce;
@ -33,7 +32,7 @@ protocol woolam(I,R,S)
role R
{
const N2: Nonce;
fresh N2: Nonce;
var N1: Nonce;
var Kir: SessionKey;
var T1,T2: Ticket;
@ -53,7 +52,7 @@ protocol woolam(I,R,S)
role S
{
const Kir: SessionKey;
fresh Kir: SessionKey;
var N1,N2: Nonce;
read_4(R,S, {I, R, N1, N2}k(I,S), {I, R, N1, N2}k(R,S));
@ -61,14 +60,3 @@ protocol woolam(I,R,S)
}
}
const Alice,Bob,Eve,Simon: Agent;
const Ke: SessionKey;
const Te: Ticket;
const Ne: Nonce;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -4,8 +4,6 @@
# http://www.lsv.ens-cachan.fr/spore/yahalomBAN.html
#
secret k : Function;
usertype SessionKey;
const Fresh: Function;
const Compromised: Function;
@ -14,7 +12,7 @@ protocol yahalom-BAN(I,R,S)
{
role I
{
const Ni: Nonce;
fresh Ni: Nonce;
var Nr: Nonce;
var T: Ticket;
var Kir: SessionKey;
@ -30,7 +28,7 @@ protocol yahalom-BAN(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var Ni: Nonce;
var T: Ticket;
var Kir: SessionKey;
@ -46,7 +44,7 @@ protocol yahalom-BAN(I,R,S)
role S
{
const Kir: SessionKey;
fresh Kir: SessionKey;
var Ni,Nr: Nonce;
read_2(R,S, R, Nr, {I,Ni}k(R,S) );
@ -54,5 +52,3 @@ protocol yahalom-BAN(I,R,S)
}
}
const Alice,Bob,Charlie,David: Agent;

View File

@ -5,8 +5,6 @@
#
#
secret k : Function;
usertype SessionKey;
@ -14,7 +12,7 @@ protocol yahalom-Lowe(I,R,S)
{
role I
{
const Ni: Nonce;
fresh Ni: Nonce;
var Nr: Nonce;
var Kir: SessionKey;
@ -28,7 +26,7 @@ protocol yahalom-Lowe(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var Ni: Nonce;
var Kir: SessionKey;
@ -43,7 +41,7 @@ protocol yahalom-Lowe(I,R,S)
role S
{
const Kir: SessionKey;
fresh Kir: SessionKey;
var Ni,Nr: Nonce;
read_2(R,S, {I,Ni,Nr}k(R,S) );
@ -52,5 +50,3 @@ protocol yahalom-Lowe(I,R,S)
}
}
const Alice,Bob,Simon : Agent;

View File

@ -5,7 +5,6 @@
#
#
secret k : Function;
const Fresh: Function;
const Compromised: Function;
@ -15,7 +14,7 @@ protocol yahalom-Paulson(I,R,S)
{
role I
{
const Ni: Nonce;
fresh Ni: Nonce;
var Nr: Nonce;
var T: Ticket;
var Kir: SessionKey;
@ -31,7 +30,7 @@ protocol yahalom-Paulson(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var Ni: Nonce;
var T: Ticket;
var Kir: SessionKey;
@ -47,7 +46,7 @@ protocol yahalom-Paulson(I,R,S)
role S
{
const Kir: SessionKey;
fresh Kir: SessionKey;
var Ni,Nr: Nonce;
read_2(R,S, R, Nr, {I,Ni}k(R,S) );
@ -55,5 +54,3 @@ protocol yahalom-Paulson(I,R,S)
}
}
const Alice,Bob,Simon : Agent;

View File

@ -5,15 +5,13 @@
#
#
secret k : Function;
usertype SessionKey;
protocol yahalom(I,R,S)
{
role I
{
const Ni: Nonce;
fresh Ni: Nonce;
var Nr: Nonce;
var T: Ticket;
var Kir: SessionKey;
@ -27,7 +25,7 @@ protocol yahalom(I,R,S)
role R
{
const Nr: Nonce;
fresh Nr: Nonce;
var Ni: Nonce;
var T: Ticket;
var Kir: SessionKey;
@ -41,7 +39,7 @@ protocol yahalom(I,R,S)
role S
{
const Kir: SessionKey;
fresh Kir: SessionKey;
var Ni,Nr: Nonce;
read_2(R,S, R, {I,Ni,Nr}k(R,S) );
@ -52,10 +50,3 @@ protocol yahalom(I,R,S)
}
}
const Alice,Bob,Simon : Agent;
const Eve: Agent;
untrusted Eve;
compromised k(Eve,Simon);

View File

@ -2,19 +2,13 @@
* Needham-Schroeder-Lowe protocol
*/
// PKI infrastructure
const pk: Function;
secret sk: Function;
inversekeys (pk,sk);
// The protocol description
protocol nsl3(I,R)
{
role I
{
const ni: Nonce;
fresh ni: Nonce;
var nr: Nonce;
send_1(I,R, {ni,I}pk(R) );
@ -30,7 +24,7 @@ protocol nsl3(I,R)
role R
{
var ni: Nonce;
const nr: Nonce;
fresh nr: Nonce;
read_1(I,R, {ni,I}pk(R) );
send_2(R,I, {ni,nr,R}pk(I) );
@ -43,30 +37,18 @@ protocol nsl3(I,R)
}
}
// An untrusted agent, with leaked information
const Eve: Agent;
untrusted Eve;
compromised sk(Eve);
/*
* Needham-Schroeder-Lowe protocol,
* broken version (wrong role name in first message)
*/
// PKI infrastructure
const pk: Function;
secret sk: Function;
inversekeys (pk,sk);
// The protocol description
protocol nsl3-broken(I,R)
{
role I
{
const ni: Nonce;
fresh ni: Nonce;
var nr: Nonce;
send_1(I,R, {ni,R}pk(R) );
@ -82,7 +64,7 @@ protocol nsl3-broken(I,R)
role R
{
var ni: Nonce;
const nr: Nonce;
fresh nr: Nonce;
read_1(I,R, {ni,R}pk(R) );
send_2(R,I, {ni,nr,R}pk(I) );
@ -95,9 +77,3 @@ protocol nsl3-broken(I,R)
}
}
// An untrusted agent, with leaked information
const Eve: Agent;
untrusted Eve;
compromised sk(Eve);

View File

@ -8,7 +8,7 @@ protocol ns3(I,R)
{
role I
{
const ni: Nonce;
fresh ni: Nonce;
var nr: Nonce;
send_1(I,R, {ni,I}pk(R) );
@ -24,7 +24,7 @@ protocol ns3(I,R)
role R
{
var ni: Nonce;
const nr: Nonce;
fresh nr: Nonce;
read_1(I,R, {ni,I}pk(R) );
send_2(R,I, {ni,nr}pk(I) );

View File

@ -3,19 +3,13 @@
* broken version (wrong role name in first message)
*/
// PKI infrastructure
const pk: Function;
secret sk: Function;
inversekeys (pk,sk);
// The protocol description
protocol nsl3-broken(I,R)
{
role I
{
const ni: Nonce;
fresh ni: Nonce;
var nr: Nonce;
send_1(I,R, {ni,R}pk(R) );
@ -31,7 +25,7 @@ protocol nsl3-broken(I,R)
role R
{
var ni: Nonce;
const nr: Nonce;
fresh nr: Nonce;
read_1(I,R, {ni,R}pk(R) );
send_2(R,I, {ni,nr,R}pk(I) );
@ -44,9 +38,3 @@ protocol nsl3-broken(I,R)
}
}
// An untrusted agent, with leaked information
const Eve: Agent;
untrusted Eve;
compromised sk(Eve);

View File

@ -2,19 +2,13 @@
* Needham-Schroeder-Lowe protocol
*/
// PKI infrastructure
const pk: Function;
secret sk: Function;
inversekeys (pk,sk);
// The protocol description
protocol nsl3(I,R)
{
role I
{
const ni: Nonce;
fresh ni: Nonce;
var nr: Nonce;
send_1(I,R, {ni,I}pk(R) );
@ -30,7 +24,7 @@ protocol nsl3(I,R)
role R
{
var ni: Nonce;
const nr: Nonce;
fresh nr: Nonce;
read_1(I,R, {ni,I}pk(R) );
send_2(R,I, {ni,nr,R}pk(I) );
@ -43,9 +37,3 @@ protocol nsl3(I,R)
}
}
// An untrusted agent, with leaked information
const Eve: Agent;
untrusted Eve;
compromised sk(Eve);