- Counterexample for Bart's logic.

This commit is contained in:
ccremers 2004-10-06 09:10:04 +00:00
parent 3b4b367a4a
commit ef34e0080e

36
spdl/samasc-broken.spdl Normal file
View File

@ -0,0 +1,36 @@
/*
Samasc broken
*/
usertype Key;
const pk: Function;
secret sk: Function;
inversekeys (pk,sk);
protocol bkepk(I,R)
{
role R
{
const nr: Nonce;
var kir: Key;
read_1a (I,R, { kir,I }pk(R) );
send_1b (R,I, {nr,R}pk(I) );
/* Commenting out these two lines yields an attack: */
read_2a (I,R, { nr }kir );
send_2b (R,I, { I,R,nr }kir );
read_3 (I,R, { I,R }kir );
claim_4 (R, Secret, kir );
}
}
const a,b,e: Agent;
untrusted e;
compromised sk(e);
const ne: Nonce;