andr3/scyther
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- Scanned protocols for new obligatory check.

Browse Source
This commit is contained in:
ccremers 2007-01-29 15:05:15 +00:00
parent 9ca722e3cc
commit cf84e83f9f
39 changed files with 102 additions and 250 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
gui/Scyther/Bin/scyther-linux
View File

Binary file not shown.

BIN
gui/Scyther/Bin/scyther-w32.exe
View File

Binary file not shown.

8
spdl/SPORE/andrew-ban-concrete.spdl
View File

@ -28,8 +28,8 @@ protocol @swapkey(X)
{ {
var I,R: Agent; var I,R: Agent;
var T:Ticket; var T:Ticket;
read_X1(X,X,I,R,{T}k(I,R)); read_!X1(X,X,I,R,{T}k(I,R));
send_X2(X,X,{T}k(R,I)); send_!X2(X,X,{T}k(R,I));
} }
} }
@ -42,8 +42,8 @@ protocol andrew-Concrete^KeyCompromise(C)
const kir: SessionKey; const kir: SessionKey;
var I,R: Agent; var I,R: Agent;
read_C1(C,C, I,R); read_!C1(C,C, I,R);
send_C2(C,C, (I,ni), send_!C2(C,C, (I,ni),
{ni,kir}k(I,R), {ni,kir}k(I,R),
{ni}kir, {ni}kir,
nr, nr,

4
spdl/SPORE/andrew-ban.spdl
View File

@ -25,8 +25,8 @@ protocol andrew-Ban^KeyCompromise(C)
const kir: SessionKey; const kir: SessionKey;
var I,R: Agent; var I,R: Agent;
read_C1(C,C, I,R); read_!C1(C,C, I,R);
send_C2(C,C, (I,{ni}k(I,R)), send_!C2(C,C, (I,{ni}k(I,R)),
{ni,nr}k(I,R), {ni,nr}k(I,R),
{nr}k(I,R), {nr}k(I,R),
{kir,nr2,ni}k(I,R), {kir,nr2,ni}k(I,R),

4
spdl/SPORE/andrew-lowe-ban.spdl
View File

@ -32,8 +32,8 @@ protocol andrew-LoweBan^KeyCompromise(C)
const kir: SessionKey; const kir: SessionKey;
var I,R: Agent; var I,R: Agent;
read_C1(C,C, I,R); read_!C1(C,C, I,R);
send_C2(C,C, (I,ni), send_!C2(C,C, (I,ni),
{ni,kir,R}k(I,R), {ni,kir,R}k(I,R),
{ni}kir, {ni}kir,
nr, nr,

4
spdl/SPORE/andrew.spdl
View File

@ -24,8 +24,8 @@ protocol andrew^KeyCompromise(C)
const kir: SessionKey; const kir: SessionKey;
var I,R: Agent; var I,R: Agent;
read_C1(C,C, I,R); read_!C1(C,C, I,R);
send_C2(C,C, (I,{ni}k(I,R)), send_!C2(C,C, (I,{ni}k(I,R)),
{succ(ni),nr}k(I,R), {succ(ni),nr}k(I,R),
{succ(nr)}k(I,R), {succ(nr)}k(I,R),
{kir,nr2}k(I,R), {kir,nr2}k(I,R),

4
spdl/SPORE/denning-sacco-lowe.spdl
View File

@ -27,8 +27,8 @@ protocol denningSacco-Lowe^KeyCompromise(C)
const T: ExpiredTimeStamp; const T: ExpiredTimeStamp;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, (I,R), send_!C2(C,C, (I,R),
{R,Kir,T,{Kir,I,T}k(R,S)}k(I,S), {R,Kir,T,{Kir,I,T}k(R,S)}k(I,S),
{Kir,I,T}k(R,S), {Kir,I,T}k(R,S),
{Nr}Kir, {Nr}Kir,

4
spdl/SPORE/denning-sacco.spdl
View File

@ -22,8 +22,8 @@ protocol denningSacco^KeyCompromise(C)
const T: ExpiredTimeStamp; const T: ExpiredTimeStamp;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, (I,R), send_!C2(C,C, (I,R),
{R,Kir,T,{Kir,I,T}k(R,S)}k(I,S), {R,Kir,T,{Kir,I,T}k(R,S)}k(I,S),
{Kir,I,T}k(R,S), {Kir,I,T}k(R,S),
Kir Kir

4
spdl/SPORE/kaochow-v2.spdl
View File

@ -18,8 +18,8 @@ protocol kaochow-2^KeyCompromise(C)
const Kir,Kt: SessionKey; const Kir,Kt: SessionKey;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, (I,R,Ni), send_!C2(C,C, (I,R,Ni),
{I,R,Ni,Kir,Kt}k(I,S), {I,R,Ni,Kir,Kt}k(I,S),
{I,R,Ni,Kir,Kt}k(R,S), {I,R,Ni,Kir,Kt}k(R,S),
R, Nr, R, Nr,

4
spdl/SPORE/kaochow-v3.spdl
View File

@ -21,8 +21,8 @@ protocol kaochow-3^KeyCompromise(C)
const T2: ExpiredTimeStamp; const T2: ExpiredTimeStamp;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, (I,R,Ni), send_!C2(C,C, (I,R,Ni),
{I,R,Ni,Kir,Kt}k(I,S), {I,R,Ni,Kir,Kt}k(I,S),
{I,R,Ni,Kir,Kt}k(R,S), {I,R,Ni,Kir,Kt}k(R,S),
{Ni,Kir}Kt, {Ni,Kir}Kt,

4
spdl/SPORE/kaochow.spdl
View File

@ -18,8 +18,8 @@ protocol kaochow^KeyCompromise(C)
const Kir: SessionKey; const Kir: SessionKey;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, (I,R,Ni), send_!C2(C,C, (I,R,Ni),
{I,R,Ni,Kir}k(I,S), {I,R,Ni,Kir}k(I,S),
{I,R,Ni,Kir}k(R,S), {I,R,Ni,Kir}k(R,S),
{Ni}Kir, Nr, {Ni}Kir, Nr,

4
spdl/SPORE/key-compromise/needham-schroeder-sk.spdl
View File

@ -27,8 +27,8 @@ protocol needhamschroederSessionKeyCompromise(C)
const Kir: SessionKey; const Kir: SessionKey;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, (I,R,Ni), send_!C2(C,C, (I,R,Ni),
{Ni,R,Kir,{Kir,I}k(R,S)}k(I,S), {Ni,R,Kir,{Kir,I}k(R,S)}k(I,S),
{Kir,I}k(R,S), {Kir,I}k(R,S),
{Nr}Kir, {Nr}Kir,

4
spdl/SPORE/ksl-lowe.spdl
View File

@ -33,8 +33,8 @@ protocol ksl-Lowe^KeyCompromise(C)
const Tr: ExpiredTimeStamp; const Tr: ExpiredTimeStamp;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, (Ni,I), send_!C2(C,C, (Ni,I),
(Ni,I,Nr,R), (Ni,I,Nr,R),
{I,Nr,Kir}k(R,S),{Ni,R,Kir}k(I,S), {I,Nr,Kir}k(R,S),{Ni,R,Kir}k(I,S),
{Tr,I,Kir}Kbb,Nc,{R,Ni}k(I,R), {Tr,I,Kir}Kbb,Nc,{R,Ni}k(I,R),

4
spdl/SPORE/needham-schroeder-sk-amend.spdl
View File

@ -27,8 +27,8 @@ protocol needhamschroedersk-amend^KeyCompromise(C)
const Kir: SessionKey; const Kir: SessionKey;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, I, send_!C2(C,C, I,
{I,Nr}k(R,S), {I,Nr}k(R,S),
I,R,Ni,{I,Nr}k(R,S), I,R,Ni,{I,Nr}k(R,S),
{Ni,R,Kir,{Kir,Nr,I}k(R,S)}k(I,S), {Ni,R,Kir,{Kir,Nr,I}k(R,S)}k(I,S),

4
spdl/SPORE/needham-schroeder-sk.spdl
View File

@ -23,8 +23,8 @@ protocol needhamschroedersk^KeyCompromise(C)
const Kir: SessionKey; const Kir: SessionKey;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, (I,R,Ni), send_!C2(C,C, (I,R,Ni),
{Ni,R,Kir,{Kir,I}k(R,S)}k(I,S), {Ni,R,Kir,{Kir,I}k(R,S)}k(I,S),
{Kir,I}k(R,S), {Kir,I}k(R,S),
{Nr}Kir, {Nr}Kir,

4
spdl/SPORE/neumannstub-hwang.spdl
View File

@ -32,8 +32,8 @@ protocol neustub-Hwang^KeyCompromise(C)
const Tr: ExpiredTimeStamp; const Tr: ExpiredTimeStamp;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, I,Ni, send_!C2(C,C, I,Ni,
R,{I,Ni,Tr,Nr}k(R,S), R,{I,Ni,Tr,Nr}k(R,S),
{R,Ni,Kir,Tr}k(I,S), {R,Ni,Kir,Tr}k(I,S),
{I,Kir,Tr}k(R,S), Nr, {I,Kir,Tr}k(R,S), Nr,

4
spdl/SPORE/neumannstub-keycompromise.spdl
View File

@ -31,8 +31,8 @@ protocol neustub^KeyCompromise(C)
const Tr: ExpiredTimeStamp; const Tr: ExpiredTimeStamp;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, I,Ni, send_!C2(C,C, I,Ni,
R,{I,Ni,Tr}k(R,S),Nr, R,{I,Ni,Tr}k(R,S),Nr,
{R,Ni,Kir,Tr}k(I,S), {R,Ni,Kir,Tr}k(I,S),
{I,Kir,Tr}k(R,S), Nr, {I,Kir,Tr}k(R,S), Nr,

4
spdl/SPORE/otwayrees.spdl
View File

@ -21,8 +21,8 @@ protocol otwayRees^KeyCompromise(C)
const Kir: SessionKey; const Kir: SessionKey;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, M,I,R,{Ni,M,I,R}k(I,S), send_!C2(C,C, M,I,R,{Ni,M,I,R}k(I,S),
{Nr,M,I,R}k(R,S), {Nr,M,I,R}k(R,S),
{Ni,Kir}k(I,S), {Nr,Kir}k(R,S), {Ni,Kir}k(I,S), {Nr,Kir}k(R,S),
Kir Kir

4
spdl/SPORE/tmn.spdl
View File

@ -23,8 +23,8 @@ protocol tmn^KeyCompromise(C)
const Kr,Ki: SessionKey; const Kr,Ki: SessionKey;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, R,{Ki}pk(S), send_!C2(C,C, R,{Ki}pk(S),
I, {Kr}pk(S), I, {Kr}pk(S),
{Kr}Ki, {Kr}Ki,
Kr Kr

4
spdl/SPORE/wmf-lowe.spdl
View File

@ -29,8 +29,8 @@ protocol wmf-Lowe^KeyCompromise(C)
const Ti,Ts: ExpiredTimeStamp; const Ti,Ts: ExpiredTimeStamp;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, I, {I,Ti,R,Kir}k(I,S), send_!C2(C,C, I, {I,Ti,R,Kir}k(I,S),
{S,Ts,I,Kir}k(R,S), {S,Ts,I,Kir}k(R,S),
{R,Nr}Kir, {R,Nr}Kir,
{I,{Nr}succ}Kir, {I,{Nr}succ}Kir,

4
spdl/SPORE/wmf.spdl
View File

@ -26,8 +26,8 @@ protocol wmf^KeyCompromise(C)
const Ti,Ts: ExpiredTimeStamp; const Ti,Ts: ExpiredTimeStamp;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, I, {I,Ti,R,Kir}k(I,S), send_!C2(C,C, I, {I,Ti,R,Kir}k(I,S),
{S,Ts,I,Kir}k(R,S), {S,Ts,I,Kir}k(R,S),
Kir Kir
); );

4
spdl/SPORE/woo-lam.spdl
View File

@ -20,8 +20,8 @@ protocol woolam^KeyCompromise(C)
const Kir: SessionKey; const Kir: SessionKey;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, I,N1, send_!C2(C,C, I,N1,
R,N2, R,N2,
{I,R,N1,N2}k(I,S), {I,R,N1,N2}k(I,S),
{I,R,N1,N2}k(R,S), {I,R,N1,N2}k(R,S),

4
spdl/SPORE/yahalom-ban.spdl
View File

@ -19,8 +19,8 @@ protocol yahalom-BAN^KeyCompromise(C)
const Kir: SessionKey; const Kir: SessionKey;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, I,Ni, send_!C2(C,C, I,Ni,
R,Nr,{I,Ni}k(R,S), R,Nr,{I,Ni}k(R,S),
Nr,{R,Kir,Ni}k(I,S), Nr,{R,Kir,Ni}k(I,S),
{I,Kir,Nr}k(R,S), {I,Kir,Nr}k(R,S),

40
spdl/SPORE/yahalom-paulson.spdl
View File

@ -11,26 +11,26 @@ const Compromised: Function;
usertype SessionKey; usertype SessionKey;
protocol yahalom-Paulson^KeyCompromise(C) //protocol yahalom-Paulson^KeyCompromise(C)
{ //{
// Read the names of 3 agents and disclose a session between them including // // Read the names of 3 agents and disclose a session between them including
// corresponding session key to simulate key compromise // // corresponding session key to simulate key compromise
role C { // role C {
const Ni,Nr: Nonce; // const Ni,Nr: Nonce;
const Kir: SessionKey; // const Kir: SessionKey;
var I,R,S: Agent; // var I,R,S: Agent;
//
read_C1(C,C, I,R,S); // read_!C1(C,C, I,R,S);
send_C2(C,C, I,Ni, // send_!C2(C,C, I,Ni,
R,Nr,{I,Ni}k(R,S), // R,Nr,{I,Ni}k(R,S),
Nr,{R,Kir,Ni}k(I,S), // Nr,{R,Kir,Ni}k(I,S),
{I,R,Kir,Nr}k(R,S), // {I,R,Kir,Nr}k(R,S),
{Nr}Kir, // {Nr}Kir,
Kir // Kir
); // );
claim_C3(C,Empty, (Compromised,Kir)); // claim_C3(C,Empty, (Compromised,Kir));
} // }
} //}
protocol yahalom-Paulson(I,R,S) protocol yahalom-Paulson(I,R,S)

4
spdl/SPORE/yahalom.spdl
View File

@ -20,8 +20,8 @@ protocol yahalom^KeyCompromise(C)
const Kir: SessionKey; const Kir: SessionKey;
var I,R,S: Agent; var I,R,S: Agent;
read_C1(C,C, I,R,S); read_!C1(C,C, I,R,S);
send_C2(C,C, I,Ni, send_!C2(C,C, I,Ni,
R,{I,Ni,Nr}k(R,S), R,{I,Ni,Nr}k(R,S),
{R,Kir,Ni,Nr}k(I,S), {R,Kir,Ni,Nr}k(I,S),
{I,Kir}k(R,S), {I,Kir}k(R,S),

2
spdl/misc/bkepk-ce2.spdl
View File

@ -40,7 +40,7 @@ protocol bkepkCE2(A,B,testnonce)
{ {
var n: Nonce; var n: Nonce;
read_4 (testnonce,testnonce, n); read_!4 (testnonce,testnonce, n);
} }
} }

4
spdl/misc/bunava-1-3.spdl
View File

@ -20,8 +20,8 @@ protocol intruderhelp(Swap)
var T: Ticket; var T: Ticket;
var R0,R1: Agent; var R0,R1: Agent;
read_1(Swap,Swap, { T }k(R0,R1) ); read_!1(Swap,Swap, { T }k(R0,R1) );
send_2(Swap,Swap, { T }k(R1,R0) ); send_!2(Swap,Swap, { T }k(R1,R0) );
} }
} }

4
spdl/misc/bunava-1-4.spdl
View File

@ -21,8 +21,8 @@ protocol intruderhelp(Swap)
var T: Ticket; var T: Ticket;
var A,B: Agent; var A,B: Agent;
read_1(Swap,Swap, { T }k(A,B) ); read_!1(Swap,Swap, { T }k(A,B) );
send_2(Swap,Swap, { T }k(B,A) ); send_!2(Swap,Swap, { T }k(B,A) );
} }
} }

4
spdl/misc/bunava-2-3.spdl
View File

@ -16,8 +16,8 @@ protocol intruderhelp(Swap)
var T: Ticket; var T: Ticket;
var R0,R1: Agent; var R0,R1: Agent;
read_1(Swap,Swap, { T }k(R0,R1) ); read_!1(Swap,Swap, { T }k(R0,R1) );
send_2(Swap,Swap, { T }k(R1,R0) ); send_!2(Swap,Swap, { T }k(R1,R0) );
} }
} }

16
spdl/misc/f4.spdl
View File

@ -19,17 +19,17 @@ protocol f4(I,R)
{ {
var nr: Nonce; var nr: Nonce;
read_1(R,I, nr ); read_!1(R,I, nr );
send_2(I,R, { nr }sk(I) ); send_!2(I,R, { nr }sk(I) );
read_3(R,I, {{{{ nr }sk(R)}sk(R)}sk(R)}sk(R) ); read_!3(R,I, {{{{ nr }sk(R)}sk(R)}sk(R)}sk(R) );
claim_i1(I,Niagree); claim_i1(I,Reachable);
} }
role R role R
{ {
const nr: Nonce; const nr: Nonce;
send_1(R,I, nr ); send_!1(R,I, nr );
} }
} }
@ -40,9 +40,3 @@ untrusted Eve;
const ne: Nonce; const ne: Nonce;
compromised sk(Eve); compromised sk(Eve);
run f4.I(Agent,Agent);
run f4.I(Agent,Agent);
run f4.I(Agent,Agent);
run f4.I(Agent,Agent);
run f4.I(Agent,Agent);
run f4.I(Agent,Agent);

18
spdl/misc/f5.spdl
View File

@ -13,23 +13,23 @@ const pk: Function;
secret sk: Function; secret sk: Function;
inversekeys (pk,sk); inversekeys (pk,sk);
protocol f4(I,R) protocol f5(I,R)
{ {
role I role I
{ {
var nr: Nonce; var nr: Nonce;
read_1(R,I, nr ); read_!1(R,I, nr );
send_2(I,R, { nr }sk(I) ); send_!2(I,R, { nr }sk(I) );
read_3(R,I, {{{{{ nr }sk(R)}sk(R)}sk(R)}sk(R)}sk(R) ); read_!3(R,I, {{{{{ nr }sk(R)}sk(R)}sk(R)}sk(R)}sk(R) );
claim_i1(I,Niagree); claim_i1(I,Reachable);
} }
role R role R
{ {
const nr: Nonce; const nr: Nonce;
send_1(R,I, nr ); send_!1(R,I, nr );
} }
} }
@ -40,9 +40,3 @@ untrusted Eve;
const ne: Nonce; const ne: Nonce;
compromised sk(Eve); compromised sk(Eve);
run f4.I(Agent,Agent);
run f4.I(Agent,Agent);
run f4.I(Agent,Agent);
run f4.I(Agent,Agent);
run f4.I(Agent,Agent);
run f4.I(Agent,Agent);

16
spdl/misc/five-run-bound.spdl
View File

@ -10,10 +10,10 @@ protocol r5bound(I,R)
var ni: Nonce; var ni: Nonce;
const k2: Nonce; const k2: Nonce;
read_1 (I,R, ni ); read_!1 (I,R, ni );
send_2 (R,I, { ni }sk(R) ); send_!2 (R,I, { ni }sk(R) );
read_3 (I,R, {{{ {k1}pk(R) }sk(I)}sk(I)}sk(I) ); read_!3 (I,R, {{{ {k1}pk(R) }sk(I)}sk(I)}sk(I) );
send_4 (R,I, {k2}k1 ); send_!4 (R,I, {k2}k1 );
claim_6 (R, Secret, k2); claim_6 (R, Secret, k2);
} }
@ -22,11 +22,3 @@ protocol r5bound(I,R)
const Alice, Bob: Agent; const Alice, Bob: Agent;
const ne: Nonce; const ne: Nonce;
run r5bound.R(Agent);
run r5bound.R(Agent);
run r5bound.R(Agent);
run r5bound.R(Agent);
run r5bound.R(Agent);
run r5bound.R(Agent);

26
spdl/misc/nsl7.spdl
View File

@ -1,26 +0,0 @@
const pk: Function;
secret sk: Function;
inversekeys (pk,sk);
protocol nsl7(I,R)
{
role R
{
var ni;
const nr;
read_1(I,R, {I,ni}pk(R) );
send_2(R,I, {ni,nr,R}pk(I) );
read_3(I,R, {nr}pk(R) );
claim_4(R,Secret,ni);
claim_5(R,Secret,nr);
}
}
const Alice,Bob,Eve;
const ne;
untrusted Eve;
compromised sk(Eve);
run nsl7.R(Agent,Agent);
run nsl7.R(Agent,Agent);

18
spdl/misc/onetrace.spdl
View File

@ -9,22 +9,10 @@ protocol onetrace(I)
{ {
var input: String; var input: String;
read_1(I,I, input); read_!1(I,I, input);
send_2(I,I, Hallo); send_!2(I,I, Hallo);
read_3(I,I, input); read_!3(I,I, input);
claim_4(I, Secret, input); claim_4(I, Secret, input);
} }
} }
run onetrace.I(Alice);
run onetrace.I(Alice);
run onetrace.I(Alice);
run onetrace.I(Alice);
run onetrace.I(Alice);
run onetrace.I(Alice);
run onetrace.I(Alice);
run onetrace.I(Alice);
run onetrace.I(Alice);
run onetrace.I(Alice);

10
spdl/misc/samasc-broken.spdl
View File

@ -16,14 +16,14 @@ protocol samascbroken(I,R)
const nr: Nonce; const nr: Nonce;
var kir: Key; var kir: Key;
read_1a (I,R, { kir,I }pk(R) ); read_!1a (I,R, { kir,I }pk(R) );
send_1b (R,I, {nr,R}pk(I) ); send_!1b (R,I, {nr,R}pk(I) );
/* Commenting out these two lines yields an attack: */ /* Commenting out these two lines yields an attack: */
read_2a (I,R, { nr }kir ); read_!2a (I,R, { nr }kir );
send_2b (R,I, { I,R,nr }kir ); send_!2b (R,I, { I,R,nr }kir );
read_3 (I,R, { I,R }kir ); read_!3 (I,R, { I,R }kir );
claim_4 (R, Secret, kir ); claim_4 (R, Secret, kir );
} }

6
spdl/misc/simplest.spdl
View File

@ -10,11 +10,9 @@ protocol simplest(I)
var x: Nonce; var x: Nonce;
const n: Nonce; const n: Nonce;
read_1(I,I, x); read_!1(I,I, x);
send_2(I,I, n, {n, x}k ); send_!2(I,I, n, {n, x}k );
claim_3(I, Secret, n); claim_3(I, Secret, n);
} }
} }
run simplest.I(Alice);
run simplest.I(Alice);

38
spdl/misc/woolam-ce.spdl
View File

@ -1,38 +0,0 @@
usertype Server, SessionKey, Token, SymmetricKey;
secret k: Function;
const Alice, Bob, Charlie, Eve: Agent;
const Simon: Server;
/* give the intruder something to work with */
const ne: Nonce;
const ke: SessionKey;
untrusted Eve;
compromised k(Eve,Simon);
const authToken: Token;
protocol woolamce(A,B,S)
{
role B
{
var Na: Nonce;
const Nb: Nonce;
var Kab: SessionKey;
var Kas : SymmetricKey;
read_1(A,B, A,Na);
send_2(B,A, B,Nb);
read_3(A,B, { A,(B,(Na,Nb)) }Kas );
send_4(B,S, { A,(B,(Na,Nb)) }Kas, { A,(B,(Na,Nb)) }k(B,S) );
read_5(S,B, { B,(Na,(Nb,Kab)) }Kas, { A,(Na,(Nb,Kab)) }k(B,S) );
send_6(B,A, { B,(Na,(Nb,Kab)) }Kas, { Na,Nb }Kab );
read_7(A,B, { Nb }Kab );
claim_8(B,Secret,authToken);
}
}
run woolamce.B(Agent,Agent,Simon);
run woolamce.B(Agent,Agent,Simon);

54
spdl/misc/yahalom.spdl
View File

@ -1,54 +0,0 @@
// Yahalom protocol
const a,b,s : Agent;
secret k : Function;
usertype Nonce, Ticket, SessionKey;
protocol yahalom(A,B,S)
{
role A
{
const na: Nonce;
var nb: Nonce;
var ticket: Ticket;
var kab: SessionKey;
send_1(A,B, A,na);
read_3(S,A, nb, {B,kab,na,nb}k(A,S), ticket );
send_4(A,B, ticket, {nb}kab );
claim_5(A, Secret,kab);
}
role B
{
const nb: Nonce;
var na: Nonce;
var ticket: Ticket;
var kab: SessionKey;
read_1(A,B, A,na);
send_2(B,S, B,nb, {A,na,nb}k(B,S) );
read_4(A,B, {A,kab}k(B,S) , {nb}kab );
claim_6(B, Secret,kab);
}
role S
{
const kab: SessionKey;
var na,nb: Nonce;
read_2(B,S, B,nb, {A,na}k(B,S) );
send_3(S,A, nb, {B,kab,na,nb}k(A,S), {A,kab}k(B,S) );
}
}
run yahalom.A(Agent,Agent,s);
run yahalom.A(Agent,Agent,s);
run yahalom.B(Agent,Agent,s);
run yahalom.B(Agent,Agent,s);
run yahalom.S(Agent,Agent,s);

4
src/compiler.c
View File

@ -2008,6 +2008,7 @@ checkLabelMatchThis (const System sys, const Protocol p, const Role readrole,
*/ */
if (found == 0) if (found == 0)
{ {
globalError++;
eprintf ("error: for the read event "); eprintf ("error: for the read event ");
roledefPrint (readevent); roledefPrint (readevent);
eprintf (" of protocol "); eprintf (" of protocol ");
@ -2015,6 +2016,7 @@ checkLabelMatchThis (const System sys, const Protocol p, const Role readrole,
eprintf eprintf
(" there is no corresponding send event (with the same label and matching content). Start the label name with '!' if this is intentional.\n"); (" there is no corresponding send event (with the same label and matching content). Start the label name with '!' if this is intentional.\n");
error_die (); error_die ();
globalError--;
} }
} }
@ -2048,10 +2050,12 @@ checkLabelMatchProtocol (const System sys, const Protocol p)
} }
else else
{ {
globalError++;
eprintf ("error: cannot determine label information for "); eprintf ("error: cannot determine label information for ");
roledefPrint (rd); roledefPrint (rd);
eprintf ("\n"); eprintf ("\n");
error_die (); error_die ();
globalError--;
} }
} }
rd = rd->next; rd = rd->next;