Commit Graph

1428 Commits

Author SHA1 Message Date
ccremers
fb2c0f1d7a - Whoops, too readable (i.e. wrong) 2005-08-19 15:25:35 +00:00
ccremers
0a9c0fbfac - Implemented a much beter naming convention for the roles, which should
make hand proofs much easier.
2005-08-18 14:00:51 +00:00
ccremers
95d33810ce - Added some heuristics testing. 2005-08-15 14:01:01 +00:00
gijs
0f54f2ed23 - Update modeling of needham schroeder to better reflect the modelling in
SPORE:
    - pk is not known to all agents, only pk(Simon) is known
- Use new naming convention:
    - Protocol name starting with an @ means internal protocol
    - For non internal protocols naming is as follows:
      protocolname-variant^subprotocol
    For example: yahalom-Lowe^KeyCompromise meaning the key compromise sub
    protocol of the Lowe variant of the Yahalom protocol.
2005-08-15 13:31:48 +00:00
ccremers
1ee77472a0 - --max-attacks=AnyGijsNumber. 2005-08-15 12:49:32 +00:00
gijs
998e4852ba - Allow ^ and - in identifies which will be used in protocol names
in future naming conventions
2005-08-15 11:27:46 +00:00
ccremers
7e246cf4f3 - Added some agreement/synchronisation claims. 2005-08-12 13:56:37 +00:00
ccremers
6f900f1d47 - More narrowing down. 2005-08-12 13:52:38 +00:00
gijs
5a027cc00a - Forgot to update wmf to the ExpiredTimeStamp 2005-08-12 13:24:00 +00:00
ccremers
2e9e43742e - Added more fine-grained control for the associativity of tupling:
--tupling=n	* 0: right-associative; 1: left-associative; others are
  reserved for future use.
  --ra-tupling	* Sets the default, but is there for symmetry.
2005-08-12 12:59:25 +00:00
ccremers
cb315aafc8 - Added '--extend-trivial' switch. This is not a complete '--extend'
algorithm, as it is pretty dumb, but it works in most cases. Use with
  care.
2005-08-12 12:13:50 +00:00
gijs
44bc36edc5 - Add @ to swapkey, to disable it in classification
- Modify key Compromise for protocols that contain a timestamp to make the
  key compromise disclose a timestamp with a different type, namely 
  ExpiredTimeStamp so that they will not be accepted as timestamps in a new
  session, thereby simulating that they are expired.
2005-08-12 11:55:24 +00:00
ccremers
149b774b18 - Interesting intermediate results. 2005-08-12 11:28:18 +00:00
ccremers
56f7cf5df2 - Added switch '--la-tupling' to enforce left-associative tupling
instead of the default right-associative tupling. Note that this only
  matters for full typeflaw matching.
- Adapted multi-nsl test script to test for both association variants.
2005-08-12 07:28:44 +00:00
ccremers
cee11bc0af - Extra checks:
* For incomplete protocols, better handling of dangling labels.
  * For termSubTerm better handling of NULL cases.
2005-08-11 12:56:36 +00:00
gijs
c8d2222c58 - Allow identifiers to start with @ so that internal protocols
such as key compromise and swapkey can be prefixed with @ to indicate
  that they should be ignored by the classification tool.
2005-08-11 12:24:36 +00:00
ccremers
2cd9cf4148 - Added random goal picker. Untested. 2005-08-01 12:59:30 +00:00
ccremers
4cbf2383f7 - Addition. 2005-08-01 12:59:05 +00:00
ccremers
6a96fcbfc3 - Added tdl todo database. 2005-07-30 11:04:13 +00:00
ccremers
da1b759dc0 - Added shortcut script for Arachne engine. 2005-07-26 10:13:16 +00:00
gijs
eb948b8009 - Fix a small modelling error in wmf-lowe 2005-07-07 14:03:48 +00:00
ccremers
f7f2bf27bb - Added type flaw information (just after the variables section)
In pseudo-xml:
  <typeflaws><run id="1"><typeflaw><term variable /><termlist type(s) /><term value of variable /></typeflaw></run></typeflaws>
2005-07-06 14:33:05 +00:00
ccremers
b7f82212c0 - Some improvements. 2005-07-05 09:54:00 +00:00
gijs
53e7a7c55d - Fixed a modelling error in the key compromise part of WMF-Lowe
- Included agent names in WMF-Lowe messages
2005-07-04 13:40:09 +00:00
gijs
92356a2d43 - Add names to WMF messages so that the system property described in SPORE
(agents will not accepted messages they have created them selves) can be
  modelled.
2005-07-04 13:29:49 +00:00
ccremers
12b5d96ddb - Added script to test all variants of something. 2005-07-04 11:52:36 +00:00
ccremers
4c4fe45555 - Better name. 2005-07-04 11:12:39 +00:00
ccremers
cf52f34dab - Working version. 2005-07-04 11:12:27 +00:00
ccremers
a1fdbe119f - Incorporated untrusted agents list (<untrusted> element in attack,
containing a <termlist>)
- <commandline><arg>./scyther</arg> <arg>-x</arg>... is now available.
2005-07-01 13:46:18 +00:00
ccremers
6a3e57913c - Quick addition of Gijs' suggestions. 2005-07-01 13:27:38 +00:00
ccremers
164e325659 - New attack attribute. 2005-07-01 13:25:54 +00:00
ccremers
86b1a8295c - Strange stuff. 2005-07-01 12:32:00 +00:00
ccremers
053c3b046b - Added protocol 2, three party version. 2005-07-01 09:51:12 +00:00
ccremers
342d968895 - Better text.
- Added four-party version.
2005-07-01 09:32:53 +00:00
ccremers
0cf19b98a3 - Added the BuNaVa protocol 1. 2005-07-01 08:59:05 +00:00
gijs
49cd9b1271 - Use variable type SessionKey every where instead of a combination
between Key and SessionKey
- Make KSL working again
2005-06-29 12:42:25 +00:00
ccremers
eef9072324 - Started to work on multiparty protocol generator. 2005-06-28 13:41:55 +00:00
gijs
c2b3f6492f - Remove some small modelling errors
- New way to model Neumann Stub (it should be 2 distinct protocols)
2005-06-27 11:50:24 +00:00
gijs
6fb6aa33dd - Add session compromise to all protocols that establish a session key 2005-06-24 10:53:15 +00:00
gijs
658f4f392a - Add Compromised claim to test my new definition of freshness in combination
with key compromise (appears to be working pretty well)
2005-06-23 12:49:34 +00:00
gijs
4c224dc6f4 - Add freshness claims to the protocols that should guarantee freshness 2005-06-23 12:45:32 +00:00
ccremers
464920907b - Added '--extend-nonreads' switch. It is totally untested, and I hope
Gijs will have a look at it and tell me whether it actually works.
2005-06-21 11:04:34 +00:00
ccremers
b6e9841c0f - Moved special terms into their own (very) special file. 2005-06-16 14:10:07 +00:00
ccremers
db18b203a9 - Added "Empty" claim type, which is ignored.
Syntax example:   claim_x(I, Empty);
2005-06-16 11:59:44 +00:00
gijs
f8a91d744d Little tweak to the key compromise modelling, model key compromise agent as a
responder instead of an initiator, remove empty roles from key compromise
protocol.
2005-06-15 09:17:15 +00:00
gijs
ba47af0c42 - Test out a possible way to model key compromise:
Add a role that sends out all messages that would occur in a legit
  run of the protocol including the session key (simulating a previously
  recorded run with its compromised session key)

- Adding a directory to play around with key compromise
2005-06-14 13:51:51 +00:00
gijs
b212e0b1ec - Add a dummy role in andrew-ban-concrete to work around the key symmetry
issue (k(I,R) != k(R,I))
- Fix a typo in splice-as-cj
2005-06-14 12:24:42 +00:00
ccremers
013afc99aa - Fixed a newly introduced bug. When the decryptor sequence unfolding
code was added (two weeks ago), bindings were changed without changing
  the state of the graph closure buffer. This resulted in possible
  missed loops: thus, reports of broken claims could be found in the
  output, in inconsistent states. (Reported bij Gijs Hollestelle.)
  Note that this only influences the current development release, and
  not any previous results.
2005-06-08 13:51:40 +00:00
ccremers
1bdaf7b5d9 - Large rewrite of switch code. Instead of having switch parameters in
the (monstrously large) system structure, there is now a global
  'switchdata' structure originating in switches.c. This makes it much
  easier to see what's happening.
  * Note: although this code has been tested, there might be some
    hiccups, because doing multiple search&replace actions over all
    files is bound to cause some problems.
2005-06-07 15:02:27 +00:00
ccremers
c4fad31f25 - Executable. 2005-06-07 14:57:52 +00:00