equal
deleted
inserted
replaced
90 Says C' B {|Crypt (shrK B) {|Key KBC, Agent C, Nonce NB|}, |
90 Says C' B {|Crypt (shrK B) {|Key KBC, Agent C, Nonce NB|}, |
91 Crypt (shrK B) {|Key KAB, Agent A, Nonce NB|}, |
91 Crypt (shrK B) {|Key KAB, Agent A, Nonce NB|}, |
92 RA|} : set evs4 |] |
92 RA|} : set evs4 |] |
93 ==> Says B A RA # evs4 : recur" |
93 ==> Says B A RA # evs4 : recur" |
94 |
94 |
95 (**No "oops" message can easily be expressed. Each session key is |
|
96 associated--in two separate messages--with two nonces. |
|
97 ***) |
|
98 end |
95 end |
|
96 |
|
97 (*No "oops" message can easily be expressed. Each session key is |
|
98 associated--in two separate messages--with two nonces. This is |
|
99 one try, but it isn't that useful. Re domino attack, note that |
|
100 Recur.ML proves that each session key is secure provided the two |
|
101 peers are, even if there are compromised agents elsewhere in |
|
102 the chain. Oops cases proved using parts_cut, Key_in_keysFor_parts, |
|
103 etc. |
|
104 |
|
105 Oops "[| evso: recur; Says Server B RB : set evso; |
|
106 RB : responses evs'; Key K : parts {RB} |] |
|
107 ==> Notes Spy {|Key K, RB|} # evso : recur" |
|
108 *) |