56c032f4a5
- Use builtin Ticket type instead of user type - Remove remark that -m2 matching is required as it no longer is
77 lines
1.7 KiB
Plaintext
77 lines
1.7 KiB
Plaintext
# Kao Chow Authentication v.2
|
|
#
|
|
# Modelled after the description in the SPORE library
|
|
# http://www.lsv.ens-cachan.fr/spore/kaoChow2.html
|
|
#
|
|
# Note:
|
|
# This protocol uses a ticket so scyther will only be able to verify
|
|
# the protocol using the ARACHNE engine (-a)
|
|
#
|
|
|
|
usertype Sessionkey;
|
|
secret k: Function;
|
|
|
|
protocol kaochow2(I,R,S)
|
|
{
|
|
role I
|
|
{
|
|
const ni: Nonce;
|
|
var nr: Nonce;
|
|
var kir,kt: Sessionkey;
|
|
|
|
send_1 (I,S, I,R,ni);
|
|
read_3 (R,I, R, {I,R,ni,kir,kt}k(I,S), {ni, kir}kt, nr );
|
|
send_4 (I,R, {nr,kir}kt );
|
|
|
|
claim_5 (I, Nisynch);
|
|
claim_6 (I, Niagree);
|
|
claim_7 (I, Secret, kir);
|
|
}
|
|
|
|
role R
|
|
{
|
|
var ni: Nonce;
|
|
const nr: Nonce;
|
|
var kir,kt: Sessionkey;
|
|
var T: Ticket;
|
|
|
|
read_2 (S,R, T, { I,R,ni,kir,kt }k(R,S) );
|
|
send_3 (R,I, R, T, {ni, kir}kt, nr );
|
|
read_4 (I,R, {nr,kir}kt );
|
|
|
|
claim_8 (R, Nisynch);
|
|
claim_9 (R, Niagree);
|
|
claim_10 (R, Secret, kir);
|
|
}
|
|
|
|
role S
|
|
{
|
|
var ni: Nonce;
|
|
const kir, kt: Sessionkey;
|
|
|
|
read_1 (I,S, I,R,ni);
|
|
send_2 (S,R, {I,R,ni,kir,kt}k(I,S), { I,R,ni,kir,kt }k(R,S) );
|
|
}
|
|
}
|
|
|
|
const Alice,Bob,Simon,Eve: Agent;
|
|
|
|
untrusted Eve;
|
|
const ne: Nonce;
|
|
const te: Ticket;
|
|
const ke: Sessionkey;
|
|
compromised k(Eve,Eve);
|
|
compromised k(Eve,Alice);
|
|
compromised k(Eve,Bob);
|
|
compromised k(Eve,Simon);
|
|
compromised k(Alice,Eve);
|
|
compromised k(Bob,Eve);
|
|
compromised k(Simon,Eve);
|
|
|
|
run kaochow2.I(Agent,Agent,Simon);
|
|
run kaochow2.R(Agent,Agent,Simon);
|
|
run kaochow2.S(Agent,Agent,Simon);
|
|
run kaochow2.I(Agent,Agent,Simon);
|
|
run kaochow2.R(Agent,Agent,Simon);
|
|
run kaochow2.S(Agent,Agent,Simon);
|