Logical Analysis and Verification of Cryptographic Protocols - Loria
Logical Analysis and Verification of Cryptographic Protocols - Loria
Logical Analysis and Verification of Cryptographic Protocols - Loria
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
7.7. CONCLUSION 195<br />
Figure 7.3 Lee et al. protocol verification artifacts<br />
RIV = eq(x2, penc(u, z1, nth 3 3(sdec(x1, z2)))) ∧ eq(x4, sign(nth 2 1(sdec(x3, z2)),<br />
nth 3 1(sdec(x1, z2))))∧<br />
checkdvp(nth 2 2(sdec(x3, z2)), x2, getmsg(nth 2 1(sdec(x3, z2))), P k(nth 3 1(sdec(x1, z2))))∧<br />
eq(nth 3 1(x6), P k(nth 3 1(sdec(x1, z2)))) ∧ eq(P k(x5), nth 3 R<br />
2(sdec(x1, z2)))<br />
UV = � �<br />
n<br />
i=1<br />
y1,i = getmsg(getmsg(x4,i)) ∧ nth 3 3(x6,i) = Public1(y2,i) ∧ y1,i = Public3(y2,i)∧<br />
�<br />
Ver1,3(FL, y2,i) ∧ y3,i = dec(y1,i, Public2(y2,i)) ∧ ui = y3,i<br />
σ =E {senc(〈skV1, P k(skR1), P k(skT )〉, kpc1)/x ′ l1 , . . . , senc(〈skVn, P k(skRn), P k(skT )〉, kpcn)/x ′ ln ,<br />
b1/x ′ l n+1 , . . . , bn/x ′ l2n<br />
senc(〈sign(b ′ 1, skR1), dvp(b1, b ′ 1, r ′ 1, P k(skV1))〉, kpc1)/x ′ l 2n+1 , . . . ,<br />
senc(〈sign(b ′ n, skRn), dvp(bn, b ′ n, r ′ n, P k(skVn))〉, kpcn)/x ′ l3n ,<br />
sign(sign(b ′ 1, skR1), skV1)/x ′ l 3n+1 , . . . , sign(sign(b ′ n, skRn), skVn)/x ′ l4n ,<br />
skR1/x ′ l 4n+1 , . . . , skRn/x ′ l5n ,<br />
〈P k(skV1), P k(skR1), P k(skT )〉/x ′ l 5n+1 , . . . , 〈P k(skVn), P k(skRn), P k(skT )〉/x ′ l6n }<br />
where bi = penc(¯vi, ri, P k(skT )) <strong>and</strong> b ′ i = penc(¯vi, f(ri, r ′ i), P k(skT ))<br />
RIV Φ = eq(bi2 , penc(v′ , rj, nth 3 3(sdec(senc(〈skVi , P k(skRi ), P k(skT )〉, kpci1 ), kpcj))))<br />
1 1<br />
∧eq(sign(sign(b ′ i4 , skRi 4 ), skVi 4 ), sign(nth 2 1(sdec(senc(〈sign(b ′ i3 , skRi 3 ),<br />
), kpcj)),<br />
nth 3 1(sdec(senc(〈skVi , P k(skRi ), P k(skT )〉, kpci1 ), kpcj))))<br />
1 1<br />
dvp(bi3 , b′ i3 , r′ i3 , P k(skVi 3 ))〉, kpci3<br />
∧checkdvp(nth 2 2(sdec(senc(〈sign(b ′ i3 , skRi 3 ),<br />
dvp(bi3 , b′ i3 , r′ i3 , P k(skVi 3 ))〉, kpci3 ), kpcj)), bi2 ,<br />
getmsg(nth 2 1(sdec(senc(〈sign(b ′ i3 , skRi ), dvp(bi3 3 , b′ i3 , r′ i3 , P k(skVi ))〉, kpci3 ), kpcj))),<br />
3<br />
P k(nth 3 1(sdec(senc(〈skVi 1 , P k(skRi 1 ),<br />
P k(skT )〉, kpci1 ), kpcj))))<br />
∧eq(nth 3 1(〈P k(skVi 6 ), P k(skRi 6 ), P k(skT )〉), P k(nth 3 1(sdec(senc(〈skVi 1 , P k(skRi 1 ),<br />
P k(skT )〉, kpci1 ), kpcj))))<br />
∧eq(P k(skRi ), nth<br />
5 3 2(sdec(senc(〈skVi , P k(skRi ), P k(skT )〉, kpci1 ), kpcj)))<br />
1 1