22 Fake "[| evs: ns_public; B ~= Spy; |
22 Fake "[| evs: ns_public; B ~= Spy; |
23 X: synth (analz (sees lost Spy evs)) |] |
23 X: synth (analz (sees lost Spy evs)) |] |
24 ==> Says Spy B X # evs : ns_public" |
24 ==> Says Spy B X # evs : ns_public" |
25 |
25 |
26 (*Alice initiates a protocol run, sending a nonce to Bob*) |
26 (*Alice initiates a protocol run, sending a nonce to Bob*) |
27 NS1 "[| evs: ns_public; A ~= B |] |
27 NS1 "[| evs: ns_public; A ~= B; Nonce NA ~: used evs |] |
28 ==> Says A B (Crypt (pubK B) {|Nonce (newN(length evs)), Agent A|}) |
28 ==> Says A B (Crypt (pubK B) {|Nonce NA, Agent A|}) |
29 # evs : ns_public" |
29 # evs : ns_public" |
30 |
30 |
31 (*Bob responds to Alice's message with a further nonce*) |
31 (*Bob responds to Alice's message with a further nonce*) |
32 NS2 "[| evs: ns_public; A ~= B; |
32 NS2 "[| evs: ns_public; A ~= B; Nonce NB ~: used evs; |
33 Says A' B (Crypt (pubK B) {|Nonce NA, Agent A|}) |
33 Says A' B (Crypt (pubK B) {|Nonce NA, Agent A|}) |
34 : set_of_list evs |] |
34 : set_of_list evs |] |
35 ==> Says B A (Crypt (pubK A) {|Nonce NA, Nonce (newN(length evs)), |
35 ==> Says B A (Crypt (pubK A) {|Nonce NA, Nonce NB, Agent B|}) |
36 Agent B|}) |
|
37 # evs : ns_public" |
36 # evs : ns_public" |
38 |
37 |
39 (*Alice proves her existence by sending NB back to Bob.*) |
38 (*Alice proves her existence by sending NB back to Bob.*) |
40 NS3 "[| evs: ns_public; A ~= B; |
39 NS3 "[| evs: ns_public; A ~= B; |
41 Says B' A (Crypt (pubK A) {|Nonce NA, Nonce NB, Agent B|}) |
40 Says B' A (Crypt (pubK A) {|Nonce NA, Nonce NB, Agent B|}) |