forked from cascremers/scyther
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ccitt509-1.spdl
35 lines (30 loc) · 852 Bytes
/
ccitt509-1.spdl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# CCITT X.509 (1)
#
# Modelled after the description in the SPORE library
# http://www.lsv.ens-cachan.fr/spore/ccittx509_1.html
#
# Note:
# The attack in SPORE is not found as this is not an attack against
# synchronisation, but an attack against the freshness of Xa and Ya
# which can currently not be modelled in scyther
#
usertype Timestamp;
protocol ccitt509-1(I,R)
{
role I
{
fresh Ta: Timestamp;
fresh Na,Xa,Ya: Nonce;
send_1(I,R, I,{Ta, Na, R, Xa,{Ya}pk(R)}sk(I));
# claim_2(I,Nisynch);
# This claim is useless as there are no preceding recv events
}
role R
{
var Ta: Timestamp;
var Na,Xa,Ya: Nonce;
recv_1(I,R, I,{Ta, Na, R, Xa,{Ya}pk(R)}sk(I));
claim_3(R,Nisynch);
# There should also be Fresh Xa and Fresh Ya claims here
}
}