49 lines
789 B
Plaintext
49 lines
789 B
Plaintext
/*
|
|
Bilateral Key Exchange with Public Key protocol (bkebroken)
|
|
Broken version with man in the middle attack.
|
|
*/
|
|
|
|
usertype Key;
|
|
|
|
const PK,h: Function;
|
|
secret SK,hinv: Function;
|
|
|
|
inversekeys (PK,SK);
|
|
inversekeys (h,hinv);
|
|
|
|
protocol bkebroken(I,R)
|
|
{
|
|
role I
|
|
{
|
|
const ni: Nonce;
|
|
var nr: Nonce;
|
|
var kir: Key;
|
|
|
|
send_1 (I,R, { ni,I }PK(R) );
|
|
read_2 (R,I, { h(ni),nr,kir }PK(I) );
|
|
send_3 (I,R, { h(nr),kir }PK(R) );
|
|
claim_4 (I, Secret, kir );
|
|
}
|
|
|
|
role R
|
|
{
|
|
var ni: Nonce;
|
|
const nr: Nonce;
|
|
const kir: Key;
|
|
|
|
read_1 (I,R, { ni,I }PK(R) );
|
|
send_2 (R,I, { h(ni),nr,kir }PK(I) );
|
|
read_3 (I,R, { h(nr),kir }PK(R) );
|
|
claim_5 (R, Secret, kir );
|
|
}
|
|
}
|
|
|
|
const a,b,e: Agent;
|
|
|
|
untrusted e;
|
|
compromised SK(e);
|
|
const ne: Nonce;
|
|
|
|
run bkebroken.I(a,Agent);
|
|
run bkebroken.R(Agent,b);
|