[prev in list] [next in list] [prev in thread] [next in thread]
List: avispa-users
Subject: Re: [Avispa-users] problem exchange specification
From: "Laurent Vigneron" <Laurent.Vigneron () loria ! fr>
Date: 2008-07-31 10:05:12
Message-ID: 20080731120512.63652nhjnc9b1nx4 () horde ! loria ! fr
[Download RAW message or body]
Hello Antonio,
> A => B: Data,{SNE,TNE,RandNum,B,h(Data)}.inv(ka),{SNE,ka}_inv(kb)
> The second part tries to represent a kind of certificate
> B => A: {SNE,TNE,RandNum,h(Data)}.inv(kb)
I have some questions about your protocol:
- in the first message, are you sure that the last part is encrypted
by inv(kb)? this means that A knows the private key of B; usually, we
write that A encrypts some message with the public key of B, then be
can decrypt it with its private key (and in your case get ka for
decrypting the first cypher).
- does B know ka from the beginning, or will he learn it after
receiving the first message?
> In my protocol, the entity B stores the set {sne,tne,randnum} when he
> receives a message, if B receives more than once this message, he does
> not generates a response message. How can I put this in HSPL?
I do not know how you can model this: when will you know that no copy
of this message will reach B? do you want to set a time limit?
> I'm getting this attack. It could be related to my previous question.
> In the attack, in the last part it appears {sne.ka}_inv(ka) instead of
> {sne.ka}_inv(kb), why?
About your HLPSL specification, the hash function has been declared as
a local variable in each role, but it does not have a value: you
should put it as parameter, and also add it in the intruder knowledge.
And that authentication attack is found because the value of State in
role alice stays to 2; you should set it to another value when the
second transition is applied.
Best regards,
Laurent.
_______________________________________________
Avispa-users mailing list
Avispa-users@avispa-project.org
http://mail63.csoft.net/mailman/listinfo/avispa-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic