Commit Graph

1346 Commits

Author SHA1 Message Date
ccremers
053c3b046b - Added protocol 2, three party version. 2005-07-01 09:51:12 +00:00
ccremers
342d968895 - Better text.
- Added four-party version.
2005-07-01 09:32:53 +00:00
ccremers
0cf19b98a3 - Added the BuNaVa protocol 1. 2005-07-01 08:59:05 +00:00
gijs
49cd9b1271 - Use variable type SessionKey every where instead of a combination
between Key and SessionKey
- Make KSL working again
2005-06-29 12:42:25 +00:00
ccremers
eef9072324 - Started to work on multiparty protocol generator. 2005-06-28 13:41:55 +00:00
gijs
c2b3f6492f - Remove some small modelling errors
- New way to model Neumann Stub (it should be 2 distinct protocols)
2005-06-27 11:50:24 +00:00
gijs
6fb6aa33dd - Add session compromise to all protocols that establish a session key 2005-06-24 10:53:15 +00:00
gijs
658f4f392a - Add Compromised claim to test my new definition of freshness in combination
with key compromise (appears to be working pretty well)
2005-06-23 12:49:34 +00:00
gijs
4c224dc6f4 - Add freshness claims to the protocols that should guarantee freshness 2005-06-23 12:45:32 +00:00
ccremers
464920907b - Added '--extend-nonreads' switch. It is totally untested, and I hope
Gijs will have a look at it and tell me whether it actually works.
2005-06-21 11:04:34 +00:00
ccremers
b6e9841c0f - Moved special terms into their own (very) special file. 2005-06-16 14:10:07 +00:00
ccremers
db18b203a9 - Added "Empty" claim type, which is ignored.
Syntax example:   claim_x(I, Empty);
2005-06-16 11:59:44 +00:00
gijs
f8a91d744d Little tweak to the key compromise modelling, model key compromise agent as a
responder instead of an initiator, remove empty roles from key compromise
protocol.
2005-06-15 09:17:15 +00:00
gijs
ba47af0c42 - Test out a possible way to model key compromise:
Add a role that sends out all messages that would occur in a legit
  run of the protocol including the session key (simulating a previously
  recorded run with its compromised session key)

- Adding a directory to play around with key compromise
2005-06-14 13:51:51 +00:00
gijs
b212e0b1ec - Add a dummy role in andrew-ban-concrete to work around the key symmetry
issue (k(I,R) != k(R,I))
- Fix a typo in splice-as-cj
2005-06-14 12:24:42 +00:00
ccremers
013afc99aa - Fixed a newly introduced bug. When the decryptor sequence unfolding
code was added (two weeks ago), bindings were changed without changing
  the state of the graph closure buffer. This resulted in possible
  missed loops: thus, reports of broken claims could be found in the
  output, in inconsistent states. (Reported bij Gijs Hollestelle.)
  Note that this only influences the current development release, and
  not any previous results.
2005-06-08 13:51:40 +00:00
ccremers
1bdaf7b5d9 - Large rewrite of switch code. Instead of having switch parameters in
the (monstrously large) system structure, there is now a global
  'switchdata' structure originating in switches.c. This makes it much
  easier to see what's happening.
  * Note: although this code has been tested, there might be some
    hiccups, because doing multiple search&replace actions over all
    files is bound to cause some problems.
2005-06-07 15:02:27 +00:00
ccremers
c4fad31f25 - Executable. 2005-06-07 14:57:52 +00:00
ccremers
eb36abee75 - Indent any changed .c / .h files.
Intended to be used just before a commit.
2005-06-07 14:56:17 +00:00
ccremers
1331f5e7a3 - Added a global attack id, starting at one. Currently only shown in
XML and Dot output. For Dot, it is included in the label. For XML, it
  is an added attribute of the 'attack' tag.
2005-06-07 13:40:56 +00:00
ccremers
22a0d2adfb - Some cleanup. 2005-06-02 12:42:10 +00:00
gijs
56c032f4a5 Update SPORE protocols to use new ticket mechanism:
- Use builtin Ticket type instead of user type
- Remove remark that -m2 matching is required as it no longer is
2005-06-02 12:41:24 +00:00
ccremers
4a42604cb6 - Added Ticket basic term type. Note that this only has consequences for
the Arachne type checking. The net result is that a variable of type
  'Ticket' can always contain any term, even with -m0 or -m1 matching.
2005-06-02 12:14:28 +00:00
ccremers
cd2ef14e4e - [Syntactical changes only]
Fixed the indentation of some files.
2005-06-02 09:40:05 +00:00
ccremers
01124e2104 - Modified a number of things related to the attack analysis tools.
* removed <term> wrappers
  * added <const> wrappers
  * removed <role><term> construct, now <rolename>R</rolename>
    constructs.
  * added <variables> section.
  * variable substitutions are followed through in runs. Thus, only
    unbound variables occur in the semitrace.
  * added the untested claims back in, so that all events in a
    role/semitrace are now shown. Note that they can be disabled
    again by using the new '-H' switch.
2005-06-02 08:25:45 +00:00
ccremers
f8bafdcd60 - Fixed type flaw problem. 2005-05-24 14:31:55 +00:00
ccremers
907243281d - Anti-typeflaw reordering. 2005-05-23 13:51:39 +00:00
ccremers
76aa940e1d - Added comments, bke version. 2005-05-23 13:18:47 +00:00
ccremers
47c9f257a8 - Optimized version. 2005-05-23 13:07:11 +00:00
gijs
3cb999f820 Replaced all tabs by spaces. 2005-05-23 12:35:58 +00:00
gijs
b05843d690 - Adding Yahalom and variants 2005-05-23 12:33:03 +00:00
gijs
b86c60240c - Adding more Woo Lam variants 2005-05-23 12:00:33 +00:00
gijs
673e0218c5 - Adding Woo and Lam
- Adding Woo and Lam Pi (includes a possible attack that is not listed in SPORE)
2005-05-23 11:39:13 +00:00
ccremers
5570389c16 - A first generalization of NSL. 2005-05-23 10:36:42 +00:00
ccremers
0540b744e2 - Repaired a pruning method that still needed a lemma. It was a bit
overzealous and killed a woolam-mutual attack.
2005-05-19 14:43:32 +00:00
gijs
5ddcbd0fe5 - Adding Wide Mouther Frog and modified versions 2005-05-18 12:17:08 +00:00
gijs
cbb617b3a1 - Adding CJ modified version of splice protocol
- Adding tmn
- Fixed a modelling error in splice
2005-05-18 11:43:42 +00:00
gijs
ee3b996ff7 Adding two variants of splice as, based on the version in spdl, but using
normalized role names.
2005-05-18 09:47:06 +00:00
ccremers
f22ce0dcb9 - Big change in the Arachne algorithm: decryptor sequences now get
expanded explicitly. This solves a long-standing issue with {k}k
  decryption to yield k. Needs some testing to ensure that it did not
  introduce any new errors.
2005-05-17 18:45:01 +00:00
gijs
2110206d80 - Adding otway rees and smart right protocols 2005-05-17 14:01:48 +00:00
ccremers
b5af43294e - Added inverse keys to output. 2005-05-17 13:00:45 +00:00
ccremers
ffaf0d2ded - Filtered out uninteresting claim events in attack descriptions. This
was already being done in the script by Gijs. I only added it to make
  the XML output more readable for humans.
2005-05-13 13:40:37 +00:00
ccremers
8b51593cf5 - Each attack now includes
* Initial knowledge
  * Role definitions for protocols involved
2005-05-12 14:52:50 +00:00
gijs
ae7c5c653f Adding the symmetric key variants of Needham Schroeder 2005-05-12 13:32:30 +00:00
ccremers
a856e795b0 - Reindented stuff (this was needed, really) 2005-05-12 13:19:32 +00:00
ccremers
d02621c608 - Added XML term output to Scyther. This meant in fact that a lot had to
be recoded, avoiding e.g. label="<term ..." constructs. Therefore,
  many attributes have changes into elements. Beware.
- Made bindings implicit to events using <follows> and <after>
  constructs. Also added a new <choose> for unbound simple variables.
2005-05-12 13:18:37 +00:00
gijs
52e38f40e6 Fixed scenario for needham-schroeder and added needham-shroeder-lowe 2005-05-12 12:27:18 +00:00
gijs
2a1cc10258 Adding SPORE's vision on the needham-schroeder protocol 2005-05-12 12:05:13 +00:00
ccremers
3fba68b240 - Whoops, stupid sloppy switch code rewriters ought to be punished. 2005-05-12 11:59:31 +00:00
ccremers
2e4c5afeb7 - Added a strange issue, to be resolved tomorrow. 2005-05-11 15:18:32 +00:00