Skip to content
Snippets Groups Projects
Commit 823db2c5 authored by Müller, Jonas's avatar Müller, Jonas
Browse files

Fix missing T and pkCe in Verify_Transcript

parent fd9d4816
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
include/kem_verify_transcript.spthy
+ 2
2
View file @ 823db2c5
#ifdef PFS #ifdef PFS
rule Verify_Transcript_C: rule Verify_Transcript_C:
let let
pkCe = pk(skCe)
kTMAC = kdf(<'TMAC', r1>, kTA) kTMAC = kdf(<'TMAC', r1>, kTA)
kTENC = kdf(<'TENC', r1>, kTA) kTENC = kdf(<'TENC', r1>, kTA)
kTCNF_c = kdf(<'TCNF', r1>, kTA) kTCNF_c = kdf(<'TCNF', r1>, kTA)
...@@ -24,8 +25,7 @@ let ...@@ -24,8 +25,7 @@ let
kTCNF_c = kdf(<'TCNF', r1>, kTA) kTCNF_c = kdf(<'TCNF', r1>, kTA)
dmesg = sdec(cCA, kTENC) dmesg = sdec(cCA, kTENC)
certC = fst(dmesg) certC = fst(dmesg)
r2 = fst(snd(dmesg)) r2 = snd(dmesg)
pkCe = snd(snd(dmesg))
sid = <certT, certC, r2, cip> sid = <certT, certC, r2, cip>
s_c = mac(<'CA', sid>, kTMAC) s_c = mac(<'CA', sid>, kTMAC)
kKDF = decaps(cip, skC) kKDF = decaps(cip, skC)
......
include/sig_verify_transcript.spthy
+ 2
4
View file @ 823db2c5
...@@ -26,21 +26,19 @@ in ...@@ -26,21 +26,19 @@ in
#ifdef PFS #ifdef PFS
rule Verify_Transcript_T: rule Verify_Transcript_T:
let let
pkT = cert_pk(certT)
sid = <certT, certC, r2, cip, pkCe, cipe> sid = <certT, certC, r2, cip, pkCe, cipe>
kCNF_t = kdf(<'CNF', sid>, <k, ke>) kCNF_t = kdf(<'CNF', sid>, <k, ke>)
in in
[ In(<certT, IDc, r1, sT, certC, r2, pkCe, cip, sC, cipe, kCNF>), In(<k, ke>) ] [ In(<certT, IDc, r1, sT, certC, r2, pkCe, cip, sC, cipe, kCNF>), In(<k, ke>), !Pk(T, pkT, 'terminal') ]
--[ Eq(T, cert_id(certT)), Eq(verify_cert(certT, 'terminal'), true), Eq(verify_cert(certC, 'chip'), true), Eq(verify(sT, <'TA', IDc, r1>, pkT), true), Eq(verify(sC, <'CA', sid>, pkT), true), Eq(kCNF, kCNF_t), ValidTrans(T, 'terminal', cert_id(certC)) ]-> --[ Eq(T, cert_id(certT)), Eq(verify_cert(certT, 'terminal'), true), Eq(verify_cert(certC, 'chip'), true), Eq(verify(sT, <'TA', IDc, r1>, pkT), true), Eq(verify(sC, <'CA', sid>, pkT), true), Eq(kCNF, kCNF_t), ValidTrans(T, 'terminal', cert_id(certC)) ]->
[ ] [ ]
#else #else
rule Verify_Transcript_T: rule Verify_Transcript_T:
let let
pkT = cert_pk(certT)
sid = <certT, certC, r2, cip> sid = <certT, certC, r2, cip>
kCNF_t = kdf(<'CNF', sid>, kKDF) kCNF_t = kdf(<'CNF', sid>, kKDF)
in in
[ In(<certT, IDc, r1, sT, certC, r2, cip, sC, kCNF>), In(kKDF) ] [ In(<certT, IDc, r1, sT, certC, r2, cip, sC, kCNF>), In(kKDF), !Pk(T, pkT, 'terminal') ]
--[ Eq(T, cert_id(certT)), Eq(verify_cert(certT, 'terminal'), true), Eq(verify_cert(certC, 'chip'), true), Eq(verify(sT, <'TA', IDc, r1>, pkT), true), Eq(verify(sC, <'CA', sid>, pkT), true), Eq(kCNF, kCNF_t), ValidTrans(T, 'terminal', cert_id(certC)) ]-> --[ Eq(T, cert_id(certT)), Eq(verify_cert(certT, 'terminal'), true), Eq(verify_cert(certC, 'chip'), true), Eq(verify(sT, <'TA', IDc, r1>, pkT), true), Eq(verify(sC, <'CA', sid>, pkT), true), Eq(kCNF, kCNF_t), ValidTrans(T, 'terminal', cert_id(certC)) ]->
[ ] [ ]
#endif #endif
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment