727e813c77
Not everything is fixed yet. However, we fixed: - 'const' -> 'fresh' - Removed lines specifying 'runs' - Removed some specifications of compromised Eve and its long-term keys being compromised.
35 lines
467 B
Plaintext
35 lines
467 B
Plaintext
/*
|
|
Samasc broken
|
|
*/
|
|
|
|
usertype Key;
|
|
|
|
const pk: Function;
|
|
secret sk: Function;
|
|
|
|
inversekeys (pk,sk);
|
|
|
|
protocol samascbroken(I,R)
|
|
{
|
|
role R
|
|
{
|
|
fresh nr: Nonce;
|
|
var kir: Key;
|
|
|
|
read_!1a (I,R, { kir,I }pk(R) );
|
|
send_!1b (R,I, {nr,R}pk(I) );
|
|
|
|
/* Commenting out these two lines yields an attack: */
|
|
read_!2a (I,R, { nr }kir );
|
|
send_!2b (R,I, { I,R,nr }kir );
|
|
|
|
read_!3 (I,R, { I,R }kir );
|
|
|
|
claim_4 (R, Secret, kir );
|
|
}
|
|
}
|
|
|
|
|
|
untrusted e;
|
|
compromised sk(e);
|