diff --git a/Vagrant Files/.gitkeep b/Vagrant Files/.gitkeep
deleted file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..0000000000000000000000000000000000000000
diff --git a/Vagrant Files/InstallationInstructions.txt b/Vagrant Files/InstallationInstructions.txt
new file mode 100644
index 0000000000000000000000000000000000000000..0e203ffb6ce7d831e137ba57cf35874bcbcce08b
--- /dev/null
+++ b/Vagrant Files/InstallationInstructions.txt
@@ -0,0 +1,17 @@
+
+Please ensure that you have installed Vagrant and have a virtual machine hypervisor installed on your host machine.
+Virtualbox is the reccomended hypervisor for this software
+
+
+Scytherbox Installation instructions:
+
+1. Create a new folder on your host machine
+
+2. Copy and paste or extract the contents of this folder into the newly created folder
+
+3. Open Powershell or your text terminal of choice and navigate to the newly created folder.
+
+4. type 'vagrant up' inside the folder.
+
+5. Allow time for Vagrant to download the base box and apply the provisioners to the box, this may take several minutes.
+
diff --git a/Vagrant Files/files/guide.txt b/Vagrant Files/files/guide.txt
new file mode 100644
index 0000000000000000000000000000000000000000..390795e502bcb316649a5df31b03beb3ddfa047c
--- /dev/null
+++ b/Vagrant Files/files/guide.txt
@@ -0,0 +1,10 @@
+
+To run Scyther, the scyther-gui.py file is recomeded, this can be launched through terminal by typing:
+
+./scyther/scyther-gui.py
+
+From here, protocols can be loaded using the file -> open menu or crtl+o. By going Desktop->SyncedFiles->GitLink
+Any protocols in your configured git repo can be opened.
+
+More information on how to use Scyther is availible in the Scyther manual which can be accessed from the desktop
+
diff --git a/Vagrant Files/shared/scyther/scyther-manual.pdf b/Vagrant Files/files/scyther-manual.pdf
similarity index 100%
rename from Vagrant Files/shared/scyther/scyther-manual.pdf
rename to Vagrant Files/files/scyther-manual.pdf
diff --git a/Vagrant Files/files/test folder/guide.txt b/Vagrant Files/files/test folder/guide.txt
deleted file mode 100644
index e740c7a6aeaab478abe0ee0f3d090ff1b43baa88..0000000000000000000000000000000000000000
--- a/Vagrant Files/files/test folder/guide.txt
+++ /dev/null
@@ -1 +0,0 @@
-These are where the scyther install instructions and user guide parts are going to go
\ No newline at end of file
diff --git a/Vagrant Files/shared/GitLink/sessionkey.sdpl.txt b/Vagrant Files/shared/GitLink/sessionkey.sdpl.txt
new file mode 100644
index 0000000000000000000000000000000000000000..0df74a26f69d3efa43478480ccd6ac1cbe8c0b67
--- /dev/null
+++ b/Vagrant Files/shared/GitLink/sessionkey.sdpl.txt
@@ -0,0 +1,42 @@
+usertype SessionKey;
+usertype Message;
+
+protocol EncrpytedExchange(Meter,Monitor)
+
+ {
+
+ role Meter {
+
+ fresh M: Message;
+ fresh TokenA: SessionKey;
+ var TokenB;
+
+ send_1(Meter,Monitor,{TokenA}k(k));
+ recv_2(Monitor,Meter,{TokenB}k(k));
+ claim(Meter,Running,Monitor,M);
+ send_3(Meter,Monitor,{M}k(k));
+
+ claim_Meter1(Meter, Secret, (k));
+ claim_Meter2(Meter, Secret, M);
+ claim_Meter3(Meter,Niagree);
+ claim_Meter4(Meter,Nisynch);
+
+ }
+
+ role Monitor {
+
+ var M;
+ var TokenA;
+ fresh TokenB: SessionKey;
+
+ recv_1(Meter,Monitor,{TokenA}k(k));
+ send_2(Monitor,Meter,{TokenB}k(k));
+ recv_3(Meter,Monitor,{M}k(k));
+
+ claim_Monitor1(Monitor, Secret, (k));
+ claim_Monitor2(Monitor, Secret, M);
+ claim_Meter3(Monitor,Niagree);
+ claim_Meter4(Monitor,Nisynch);
+
+ }
+}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/.gitignore b/Vagrant Files/shared/scyther/.gitignore
deleted file mode 100644
index e62e34e713e6c72fd0faa6b6736afbdf158ea136..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/.gitignore
+++ /dev/null
@@ -1,4 +0,0 @@
-*.pyc
-progressbar.py
-Cache
-Cache-OLD
diff --git a/Vagrant Files/shared/scyther/Changelog.txt b/Vagrant Files/shared/scyther/Changelog.txt
deleted file mode 100644
index b2af59b55e9f31e3961cde5412d36f29819754b6..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Changelog.txt
+++ /dev/null
@@ -1,159 +0,0 @@
-Scyther changelog
-===============================
-
-Scyther 1.1.2
--------------------------------
-
-Minor:
-
- * Updated installation instructions.
- * Updated 'ffgg' protocol generator for new conventions.
- * Windows users recently had to manually set the Graphviz path. Added a
- hack to avoid this inconvenience in most (but not all) cases.
- * Minor manual update.
-
-Bug fixes:
-
- * [Bugfix] Reverted use of shlex. This breaks the "abort backend
- thread" functionality again, but it was causing too much trouble on
- Windows.
-
-Scyther 1.1.1
--------------------------------
-
-This is mostly a bugfix release.
-
-New features:
-
- * [Language] Weakagree and Alive claims now also allow for an optional role
- parameter, which can be useful for protocols with more than two roles.
- * [Misc] Added Python script to dump attack outputs for large sets of files.
- * [Gui] Canceling verification now also kills back-end thread.
-
-Regression fixes:
-
- * [Regression-fix] Reintroduced option for specifying alternative PKI.
-
-Bug fixes:
-
- * [Bugfix] Fixed rare bug in some cases where hashes were used as symmetric keys.
- * [Bugfix] Invoking Scyther scripts from non-standard directories or using symlinks should work consistently now.
- * [Bugfix] Improving compatibility with recent versions of Graphviz (>2.26)
-
-Scyther 1.1
--------------------------------
-
-Major new features:
-
- * [Language] Added support for `macro Term1 = Term2;` definitions, which greatly
- simplifies many specifications.
- * [Language] Added support for `match(T1,T2);` events in roles, which
- can be used for e.g. a straightforward modeling of delayed decryption.
- * [Language] Added support for `not match(T1,T2);` events in roles.
- This can be useful for, e.g., modeling protocol restrictions (such as
- `A != B`).
- * [Language] Added support for `option "COMMANDLINE_OPTIONS";` in
- specifications. This provides full access to the command-line options
- of the Scyther backend to the protocol specifications. An example of
- its use is `option "--one-role-per-agent";`.
- * [Mac OS X] Dropped support for PPC in Scyther distributions, only
- supporting Intel for now. Note that installing from source may still
- work fine with a minor tweak to the build script.
-
-Additional protocol models:
-
-See <http://www.cs.ox.ac.uk/people/cas.cremers/tools/protocols.html> for a
-more high-level overview of selected protocol models.
-
- * IEEE 802.16e/WIMAX: PKMv2rsa and variants
- * IKEv1 and IKEv2 protocol suites
-
-Other new features:
-
- * `SCYTHERCACHEDIR` environment variable can be set to override the
- internal cache path.
- * [Backend] The command-line tool now supports the option
- `--one-role-per-agent`. This disallows agents from performing more than
- one role in a single trace. This effectively partitions the agents into
- role sets, i.e., each role can only be performed by agents from one of
- these sets.
- * [Documentation] Added the first incomplete version of the new manual.
-
-There are also various minor bugfixes and installation improvements.
-
-Scyther 1.0
--------------------------------
-
-Major new features:
-
- * [Language] Support for weak agreement
- * [Language] Support for non-injective data agreement through `Commit`
- and `Running` signals.
-
-Bugfixes:
-
- * Python 2.5 has integrated (c)elementtree into the core.
- Unfortunaly, this broke our previous import attempts. This has now
- been fixed.
-
-Scyther 1.0-beta7.1
--------------------------------
-
-Bugfixes:
-
- * Windows Vista fix broke Windows XP support.
-
-Scyther 1.0-beta7
--------------------------------
-
-Bugfixes:
-
- * Windows Vista causes a number of problems. The biggest problem
- is now fixed, which is the bad implementation of the tmpfile() C
- function, causing no attack output, for which there is a
- workaround now.
-
-Scyther 1.0-beta6
--------------------------------
-
-Major new features:
-
- * [Gui] Added Mac support (added universal binary)
- * [Gui] Switched to Scintilla editor component, providing undo
- and line numbering, and highlighting of error lines.
-
-Other new features:
-
- * [Backend] Scyther now detects when a recv event cannot match
- with a send event. This significantly helps in reducing errors
- in the protocol descriptions.
- * [Language] Added claim parameter for Reachable claim;
- Reachable,R means that role R should be trusted (as well as the
- actor), but not any other role. This can be useful for showing
- stronger authentication properties of protocols with more than
- two parties.
- * [Backend] Added '--max-of-role=N' switch (to narrow scenarios)
- * [Backend] Added '--scan-claims' switch (allows for retrieving
- a list of claims)
- * [Scripting] Added 'verifyOne' and 'scanClaims' methods to
- Scyther object, to help with singular claim testing.
-
- Bugfixes:
-
- * [Scripting] Fixed bug in python interface backend (e.g. with mpa.py)
-
-Scyther 1.0-beta5
--------------------------------
-
- * Change of switch semantics. '--max-attacks=N' now defines the
- maximum number of attacks per claim. Previously this was a
- global maximum for all claims combined.
- * Improved attack graph output.
- * added switch '--errors=FILE' to redirect standard error output
- to a file.
- * Rewrote parts of the gui code for improved stability.
-
-Scyther 1.0-beta4
--------------------------------
-
- * (Changelog starts after the release of Scyther 1.0-beta4)
diff --git a/Vagrant Files/shared/scyther/GNU-General-Public-License.txt b/Vagrant Files/shared/scyther/GNU-General-Public-License.txt
deleted file mode 100644
index d511905c1647a1e311e8b20d5930a37a9c2531cd..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/GNU-General-Public-License.txt
+++ /dev/null
@@ -1,339 +0,0 @@
- GNU GENERAL PUBLIC LICENSE
- Version 2, June 1991
-
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
- Preamble
-
- The licenses for most software are designed to take away your
-freedom to share and change it. By contrast, the GNU General Public
-License is intended to guarantee your freedom to share and change free
-software--to make sure the software is free for all its users. This
-General Public License applies to most of the Free Software
-Foundation's software and to any other program whose authors commit to
-using it. (Some other Free Software Foundation software is covered by
-the GNU Lesser General Public License instead.) You can apply it to
-your programs, too.
-
- When we speak of free software, we are referring to freedom, not
-price. Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-this service if you wish), that you receive source code or can get it
-if you want it, that you can change the software or use pieces of it
-in new free programs; and that you know you can do these things.
-
- To protect your rights, we need to make restrictions that forbid
-anyone to deny you these rights or to ask you to surrender the rights.
-These restrictions translate to certain responsibilities for you if you
-distribute copies of the software, or if you modify it.
-
- For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must give the recipients all the rights that
-you have. You must make sure that they, too, receive or can get the
-source code. And you must show them these terms so they know their
-rights.
-
- We protect your rights with two steps: (1) copyright the software, and
-(2) offer you this license which gives you legal permission to copy,
-distribute and/or modify the software.
-
- Also, for each author's protection and ours, we want to make certain
-that everyone understands that there is no warranty for this free
-software. If the software is modified by someone else and passed on, we
-want its recipients to know that what they have is not the original, so
-that any problems introduced by others will not reflect on the original
-authors' reputations.
-
- Finally, any free program is threatened constantly by software
-patents. We wish to avoid the danger that redistributors of a free
-program will individually obtain patent licenses, in effect making the
-program proprietary. To prevent this, we have made it clear that any
-patent must be licensed for everyone's free use or not licensed at all.
-
- The precise terms and conditions for copying, distribution and
-modification follow.
-
- GNU GENERAL PUBLIC LICENSE
- TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
- 0. This License applies to any program or other work which contains
-a notice placed by the copyright holder saying it may be distributed
-under the terms of this General Public License. The "Program", below,
-refers to any such program or work, and a "work based on the Program"
-means either the Program or any derivative work under copyright law:
-that is to say, a work containing the Program or a portion of it,
-either verbatim or with modifications and/or translated into another
-language. (Hereinafter, translation is included without limitation in
-the term "modification".) Each licensee is addressed as "you".
-
-Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope. The act of
-running the Program is not restricted, and the output from the Program
-is covered only if its contents constitute a work based on the
-Program (independent of having been made by running the Program).
-Whether that is true depends on what the Program does.
-
- 1. You may copy and distribute verbatim copies of the Program's
-source code as you receive it, in any medium, provided that you
-conspicuously and appropriately publish on each copy an appropriate
-copyright notice and disclaimer of warranty; keep intact all the
-notices that refer to this License and to the absence of any warranty;
-and give any other recipients of the Program a copy of this License
-along with the Program.
-
-You may charge a fee for the physical act of transferring a copy, and
-you may at your option offer warranty protection in exchange for a fee.
-
- 2. You may modify your copy or copies of the Program or any portion
-of it, thus forming a work based on the Program, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
- a) You must cause the modified files to carry prominent notices
- stating that you changed the files and the date of any change.
-
- b) You must cause any work that you distribute or publish, that in
- whole or in part contains or is derived from the Program or any
- part thereof, to be licensed as a whole at no charge to all third
- parties under the terms of this License.
-
- c) If the modified program normally reads commands interactively
- when run, you must cause it, when started running for such
- interactive use in the most ordinary way, to print or display an
- announcement including an appropriate copyright notice and a
- notice that there is no warranty (or else, saying that you provide
- a warranty) and that users may redistribute the program under
- these conditions, and telling the user how to view a copy of this
- License. (Exception: if the Program itself is interactive but
- does not normally print such an announcement, your work based on
- the Program is not required to print an announcement.)
-
-These requirements apply to the modified work as a whole. If
-identifiable sections of that work are not derived from the Program,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works. But when you
-distribute the same sections as part of a whole which is a work based
-on the Program, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Program.
-
-In addition, mere aggregation of another work not based on the Program
-with the Program (or with a work based on the Program) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
- 3. You may copy and distribute the Program (or a work based on it,
-under Section 2) in object code or executable form under the terms of
-Sections 1 and 2 above provided that you also do one of the following:
-
- a) Accompany it with the complete corresponding machine-readable
- source code, which must be distributed under the terms of Sections
- 1 and 2 above on a medium customarily used for software interchange; or,
-
- b) Accompany it with a written offer, valid for at least three
- years, to give any third party, for a charge no more than your
- cost of physically performing source distribution, a complete
- machine-readable copy of the corresponding source code, to be
- distributed under the terms of Sections 1 and 2 above on a medium
- customarily used for software interchange; or,
-
- c) Accompany it with the information you received as to the offer
- to distribute corresponding source code. (This alternative is
- allowed only for noncommercial distribution and only if you
- received the program in object code or executable form with such
- an offer, in accord with Subsection b above.)
-
-The source code for a work means the preferred form of the work for
-making modifications to it. For an executable work, complete source
-code means all the source code for all modules it contains, plus any
-associated interface definition files, plus the scripts used to
-control compilation and installation of the executable. However, as a
-special exception, the source code distributed need not include
-anything that is normally distributed (in either source or binary
-form) with the major components (compiler, kernel, and so on) of the
-operating system on which the executable runs, unless that component
-itself accompanies the executable.
-
-If distribution of executable or object code is made by offering
-access to copy from a designated place, then offering equivalent
-access to copy the source code from the same place counts as
-distribution of the source code, even though third parties are not
-compelled to copy the source along with the object code.
-
- 4. You may not copy, modify, sublicense, or distribute the Program
-except as expressly provided under this License. Any attempt
-otherwise to copy, modify, sublicense or distribute the Program is
-void, and will automatically terminate your rights under this License.
-However, parties who have received copies, or rights, from you under
-this License will not have their licenses terminated so long as such
-parties remain in full compliance.
-
- 5. You are not required to accept this License, since you have not
-signed it. However, nothing else grants you permission to modify or
-distribute the Program or its derivative works. These actions are
-prohibited by law if you do not accept this License. Therefore, by
-modifying or distributing the Program (or any work based on the
-Program), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Program or works based on it.
-
- 6. Each time you redistribute the Program (or any work based on the
-Program), the recipient automatically receives a license from the
-original licensor to copy, distribute or modify the Program subject to
-these terms and conditions. You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties to
-this License.
-
- 7. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License. If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Program at all. For example, if a patent
-license would not permit royalty-free redistribution of the Program by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Program.
-
-If any portion of this section is held invalid or unenforceable under
-any particular circumstance, the balance of the section is intended to
-apply and the section as a whole is intended to apply in other
-circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system, which is
-implemented by public license practices. Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-
- 8. If the distribution and/or use of the Program is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Program under this License
-may add an explicit geographical distribution limitation excluding
-those countries, so that distribution is permitted only in or among
-countries not thus excluded. In such case, this License incorporates
-the limitation as if written in the body of this License.
-
- 9. The Free Software Foundation may publish revised and/or new versions
-of the General Public License from time to time. Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-Each version is given a distinguishing version number. If the Program
-specifies a version number of this License which applies to it and "any
-later version", you have the option of following the terms and conditions
-either of that version or of any later version published by the Free
-Software Foundation. If the Program does not specify a version number of
-this License, you may choose any version ever published by the Free Software
-Foundation.
-
- 10. If you wish to incorporate parts of the Program into other free
-programs whose distribution conditions are different, write to the author
-to ask for permission. For software which is copyrighted by the Free
-Software Foundation, write to the Free Software Foundation; we sometimes
-make exceptions for this. Our decision will be guided by the two goals
-of preserving the free status of all derivatives of our free software and
-of promoting the sharing and reuse of software generally.
-
- NO WARRANTY
-
- 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
-
- 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
-
- END OF TERMS AND CONDITIONS
-
- How to Apply These Terms to Your New Programs
-
- If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
- To do so, attach the following notices to the program. It is safest
-to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
- <one line to give the program's name and a brief idea of what it does.>
- Copyright (C) <year> <name of author>
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License along
- with this program; if not, write to the Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-Also add information on how to contact you by electronic and paper mail.
-
-If the program is interactive, make it output a short notice like this
-when it starts in an interactive mode:
-
- Gnomovision version 69, Copyright (C) year name of author
- Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
- This is free software, and you are welcome to redistribute it
- under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License. Of course, the commands you use may
-be called something other than `show w' and `show c'; they could even be
-mouse-clicks or menu items--whatever suits your program.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the program, if
-necessary. Here is a sample; alter the names:
-
- Yoyodyne, Inc., hereby disclaims all copyright interest in the program
- `Gnomovision' (which makes passes at compilers) written by James Hacker.
-
- <signature of Ty Coon>, 1 April 1989
- Ty Coon, President of Vice
-
-This General Public License does not permit incorporating your program into
-proprietary programs. If your program is a subroutine library, you may
-consider it more useful to permit linking proprietary applications with the
-library. If this is what you want to do, use the GNU Lesser General
-Public License instead of this License.
diff --git a/Vagrant Files/shared/scyther/Gui/About.py b/Vagrant Files/shared/scyther/Gui/About.py
deleted file mode 100644
index b415c55de04ed388c08c39f3ec0b4a8ce1fe8397..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/About.py
+++ /dev/null
@@ -1,137 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import wx
-import wx.html
-import os.path
-
-#---------------------------------------------------------------------------
-
-""" Import scyther-gui components """
-
-import Scyther
-
-#---------------------------------------------------------------------------
-
-""" Globals """
-
-basedir = ""
-
-#---------------------------------------------------------------------------
-
-def setBaseDir(mybasedir):
- global basedir
-
- basedir = mybasedir
-
-#---------------------------------------------------------------------------
-
-class AboutScyther(wx.Dialog):
- def __init__(self,parent,mybasedir=None):
-
- from Version import SCYTHER_GUI_VERSION
- global basedir
-
- self.text = '''
-<html>
-<body bgcolor="#ffffff">
-<img src="$SPLASH">
-<h5 align="right">Scyther : $VERSION</h5>
-<small>
- <p>
- <b>Scyther</b> is an automatic tool for the verification and
- falsification of security protocols.
- </p>
- <p>
- For news and updates visit the Scyther pages at
- <a target="_blank" href="http://www.cs.ox.ac.uk/people/cas.cremers/scyther/index.html">
- http://www.cs.ox.ac.uk/people/cas.cremers/scyther/index.html</a>
- </p>
- <h5>License</h5>
- <p>
- Scyther : An automatic verifier for security protocols.<br>
- Copyright (C) 2007-2013 Cas Cremers
- </p>
- <p>
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
- </p>
- <p>
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
- </p>
- <p>
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- </p>
- <h5>Backend version</h5>
- <p>
- $DETAILS
- </p>
- <h5>Credits</h5>
- <p>
- Cas Cremers (Scyther theory, backend, and main GUI
- code), Gijs Hollestelle (Python parser for Scyther XML output).
- </p>
-</small>
- '''
-
- if mybasedir:
- basedir = mybasedir
-
- # Debugging output of some parameters
-
- splashdir = os.path.join(basedir,"Images")
- splashimage = os.path.join(splashdir,"scyther-splash.png")
- details_html = "Base directory: %s<br>\n" % (basedir)
- details_html += Scyther.Scyther.GetInfo(html=True)
-
- self.text = self.text.replace("$SPLASH",splashimage)
- self.text = self.text.replace("$DETAILS",details_html)
-
- # version information
- self.text = self.text.replace("$VERSION", SCYTHER_GUI_VERSION)
-
- wx.Dialog.__init__(self, parent, -1, 'About Scyther',
- size=(660,620))
- html = wx.html.HtmlWindow(self)
- #if "gtk2" in wx.PlatformInfo:
- # html.SetStandardFonts()
- html.SetBorders(10)
- html.SetPage(self.text)
- button = wx.Button(self, wx.ID_OK, "Close window")
-
- sizer = wx.BoxSizer(wx.VERTICAL)
- sizer.Add(html, 1, wx.EXPAND|wx.ALL,0)
- sizer.Add(button,0,wx.ALIGN_CENTER|wx.ALL,5)
-
- self.SetSizer(sizer)
- self.Layout()
-
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/Gui/Attackwindow.py b/Vagrant Files/shared/scyther/Gui/Attackwindow.py
deleted file mode 100644
index 39b9f063fc5aa1c56184cb14888a77431846bfaf..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/Attackwindow.py
+++ /dev/null
@@ -1,330 +0,0 @@
-#!/usr/bin/python
-from __future__ import division # 2.2+-only
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import wx
-import os
-from Misc import *
-
-#---------------------------------------------------------------------------
-
-""" Import scyther-gui components """
-import Icon
-import Preference
-import Error
-
-#---------------------------------------------------------------------------
-try:
- import Image
-except ImportError:
- pass
-
-#---------------------------------------------------------------------------
-
-class AttackDisplay(wx.ScrolledWindow):
- """
- Display an attack (inside a tab or not)
- """
- def __init__(self, daddy, parent, attack):
-
- self.win = daddy
- self.attack = attack
-
- wx.ScrolledWindow.__init__(self,parent,id=-1)
-
- self.Bind(wx.EVT_SIZE, self.OnSize)
- self.Image = wx.StaticBitmap(self, -1, wx.EmptyBitmap(1,1))
- self.box = wx.BoxSizer(wx.VERTICAL)
- self.box.Add(self.Image,1,wx.ALIGN_CENTER)
- self.hbox = wx.BoxSizer(wx.HORIZONTAL)
- self.hbox.Add(self.box,1,wx.ALIGN_CENTER)
- self.SetSizer(self.hbox)
-
- self.original = None
-
- filename = attack.file
- if attack.filetype == "png":
- self.original = wx.Image(filename,wx.BITMAP_TYPE_PNG)
- elif attack.filetype == "ps":
- # depends on PIL lib
- try:
- self.original = Image.open(filename)
- except:
- Preference.doNotUsePIL()
- raise Error.PILError
- else:
- print "Unknown file type %s." % (self.filetype)
-
- # TODO self.Bind(wxSizeEvent
- self.update(True)
- self.Fit()
-
- def OnSize(self,event):
- self.update(False)
- event.Skip()
-
- def update(self,force=True):
-
- if not force:
- if not self.win.fit:
- return
-
- # This is needed, don't ask me why.
- self.SetScrollbars(0,0,0,0,0,0)
-
- (framewidth,frameheight) = self.GetClientSizeTuple()
- (virtualwidth,virtualheight) = (framewidth,frameheight)
-
- def makefit(width,height):
- if self.win.fit:
- # determine scaling factors for fitting
- wfactor = float(framewidth) / width
- hfactor = float(frameheight) / height
-
- # select smallest factor (so it will fit)
- if hfactor < wfactor:
- factor = hfactor
- else:
- factor = wfactor
-
- # apply scaling factor
- width = width * factor
- height = height * factor
- else:
- factor = 1.0
-
- return (factor, int(width), int(height))
-
- if self.attack.filetype == "png":
- bmp = self.original
- if not bmp.Ok():
- bmp = wx.EmptyImage(1,1)
- else:
- (originalwidth,originalheight) = (bmp.GetWidth(), bmp.GetHeight())
- if self.win.fit:
- (factor, virtualwidth, virtualheight) = makefit(originalwidth,originalheight)
- bmp = self.original.Scale(virtualwidth,virtualheight)
- self.Image.SetBitmap(wx.BitmapFromImage(bmp))
-
- elif self.attack.filetype == "ps":
- pil = self.original.copy()
- (originalwidth,originalheight) = pil.size
- (factor, virtualwidth, virtualheight) = makefit(originalwidth,originalheight)
- # we really only want antialias when it's smaller
- if factor < 1.0:
- pil.thumbnail((virtualwidth,virtualheight),Image.ANTIALIAS)
- else:
- pil.thumbnail((virtualwidth,virtualheight))
-
- image = wx.EmptyImage(pil.size[0],pil.size[1])
- image.SetData(pil.convert('RGB').tostring())
- self.Image.SetBitmap(image.ConvertToBitmap())
-
- else:
- print "Unknown file type %s." % (self.attack.filetype)
-
- self.SetVirtualSize((virtualwidth,virtualheight))
-
- #self.box.SetItemMinSize(self.Image.GetContainingSizer())
- self.box.Layout()
-
- step = 20
- xn = int(virtualwidth // step) + 1
- yn = int(virtualheight // step) + 1
- self.SetScrollbars(step,step,xn,yn,0,0)
-
- """
- Pop up menu
- """
- self.popupmenu = wx.Menu()
- item = self.popupmenu.Append(-1,"Export image (.png)")
- self.Bind(wx.EVT_MENU, self.OnExportPng, item)
- item = self.popupmenu.Append(-1,"Export image (.ps)")
- self.Bind(wx.EVT_MENU, self.OnExportPs, item)
- item = self.popupmenu.Append(-1,"Export image (.pdf)")
- self.Bind(wx.EVT_MENU, self.OnExportPdf, item)
- item = self.popupmenu.Append(-1,"Export image (.svg)")
- self.Bind(wx.EVT_MENU, self.OnExportSvg, item)
- item = self.popupmenu.Append(-1,"Export image (.fig)")
- self.Bind(wx.EVT_MENU, self.OnExportFig, item)
- item = self.popupmenu.Append(-1,"Export graphviz data (.dot)")
- self.Bind(wx.EVT_MENU, self.OnExportDot, item)
-
- self.Bind(wx.EVT_CONTEXT_MENU, self.OnShowPopup)
-
- self.Refresh()
-
- def OnShowPopup(self, event):
- pos = event.GetPosition()
- pos = self.Image.ScreenToClient(pos)
- self.PopupMenu(self.popupmenu, pos)
-
- def OnPopupItemSelected(self, event):
- item = self.popupmenu.FindItemById(event.GetId())
- text = item.GetText()
- wx.MessageBox("You selected item %s" % text)
-
- def askUserForFilename(self, **dialogOptions):
- dialog = wx.FileDialog(self, **dialogOptions)
- if dialog.ShowModal() == wx.ID_OK:
- res = "%s/%s" % (dialog.GetDirectory(), dialog.GetFilename())
- else:
- res = None
- dialog.Destroy()
- return res
-
- def saveFileName(self, ext):
- (p,r,l) = self.win.claim.triplet()
- prefix = "pattern-%s_%s_%s-%s" % (p,r,l,self.attack.id)
- suggested = "%s.%s" % (prefix,ext)
- res = self.askUserForFilename(style=wx.SAVE, wildcard="*.%s" % (ext), defaultFile = "%s" % (suggested))
- return res
-
- def exportImage(self, type,ext=None):
- if ext == None:
- ext = type
- res = self.saveFileName(ext)
- if res != None:
- cmd = "dot -T%s" % (type)
- cmdpushwrite(cmd,self.attack.scytherDot,res)
-
- def OnExportPng(self, event):
- self.exportImage("png")
-
- def OnExportPs(self, event):
- self.exportImage("ps")
-
- def OnExportPdf(self, event):
- self.exportImage("pdf")
-
- def OnExportSvg(self, event):
- self.exportImage("svg")
-
- def OnExportFig(self, event):
- self.exportImage("fig")
-
- def OnExportDot(self, event):
- res = self.saveFileName("dot")
- if res != None:
- fp = open(res,'w')
- fp.write(self.attack.scytherDot)
- fp.close()
-
-
-
-
-
-#---------------------------------------------------------------------------
-
-class AttackWindow(wx.Frame):
- def __init__(self,cl):
- super(AttackWindow, self).__init__(None, size=(800,800))
-
- self.claim = cl
-
- # TODO maybe fitting defaults should come from Preferences.
- # Now, it is default no even if we have PIL, for performance
- # reasons.
- self.fit = False
-
- self.CreateInteriorWindowComponents()
-
- Icon.ScytherIcon(self)
- self.SetTitle()
-
- def SetTitle(self):
-
- tstr = self.claim.stateName(len(self.claim.attacks),True)
- tstr += " for claim %s" % self.claim.id
- super(AttackWindow, self).SetTitle(tstr)
-
- def CreateInteriorWindowComponents(self):
- ''' Create "interior" window components. In this case it is the
- attack picture. '''
-
- sizer = wx.BoxSizer(wx.VERTICAL)
-
- # Make zoom buttons
- if Preference.usePIL():
- buttons = wx.BoxSizer(wx.HORIZONTAL)
- bt = wx.ToggleButton(self,-1,"Fit to window")
- bt.SetValue(self.fit)
- buttons.Add(bt,0)
- self.Bind(wx.EVT_TOGGLEBUTTON, self.OnFit, bt)
- sizer.Add(buttons, 0, wx.ALIGN_LEFT)
-
- # Add attacks (possible with tabs)
- self.displays=[]
- attacks = self.claim.attacks
-
- n = len(attacks)
- if n <= 1:
- # Just a single window
- dp = AttackDisplay(self, self, attacks[0])
- self.displays.append(dp)
- else:
- # Multiple tabs
- dp = wx.Notebook(self,-1)
- for i in range(0,n):
- disp = AttackDisplay(self,dp,attacks[i])
- classname = "%s %i" % (self.claim.stateName(1,True),(i+1))
- dp.AddPage(disp, classname)
- self.displays.append(disp)
-
- sizer.Add(dp, 1, wx.EXPAND,1)
-
- self.SetSizer(sizer)
-
- def update(self,force=False):
- for t in self.displays:
- t.update(force)
-
- def OnFit(self,event):
-
- if self.fit:
- self.fit = False
- else:
- self.fit = True
- self.update(True)
-
- def OnRealSize(self):
-
- self.fit = False
- self.update(True)
-
- def OnSize(self):
- self.Refresh()
-
- def OnZoom100(self,evt):
- self.fit = False
- self.update(True)
- self.Refresh()
-
- def OnZoomFit(self,evt):
- self.fit = True
- self.update(True)
- self.Refresh()
-
-#---------------------------------------------------------------------------
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/Gui/Editor.py b/Vagrant Files/shared/scyther/Gui/Editor.py
deleted file mode 100644
index b3e093fb5099b53dde685058d029fb739d43f4e5..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/Editor.py
+++ /dev/null
@@ -1,195 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import wx
-import string
-
-# Use Scintilla editor?
-useStc = True # It looks nicer!
-#useStc = False # It is sometimes buggy, claims the internet
-
-# Test Scintilla and if it fails, get rid of it
-if useStc:
- try:
- from wx.stc import *
- except:
- useStc = False
-
-#---------------------------------------------------------------------------
-
-""" Import scyther-gui components """
-
-#---------------------------------------------------------------------------
-
-""" Some constants """
-
-#---------------------------------------------------------------------------
-
-def justNumbers(txt):
- for x in txt:
- if not x in string.digits:
- return False
- return True
-
-def lineInError(txt):
- # First option: square braces
- x1 = txt.find("[")
- if x1 >= 0:
- x2 = txt.find("]")
- if x2 > x1:
- nrstring = txt[(x1+1):x2]
- if justNumbers(nrstring):
- return int(nrstring)
- # Alternative: ...line x
- pref = " line "
- i = txt.find(pref)
- if i >= 0:
- i = i + len(pref)
- j = i
- while txt[j] in string.digits:
- j = j+1
- if j > i:
- return int(txt[i:j])
-
- return None
-
-def selectEditor(parent):
- """
- Pick an editor (Scintilla or default) and return the object.
- """
- if useStc:
- return EditorStc(parent)
- else:
- return EditorNormal(parent)
-
-#---------------------------------------------------------------------------
-
-class Editor(object):
-
- def __init__(self, parent):
- # Empty start
- self.SetText("")
- self.SetChanged(False)
-
- def SetText(self):
- pass
-
- def SetErrors(self,errors):
- pass
-
- def GetChanged(self):
- """
- Return true if file was changed
- """
- return self.savedtext != self.GetText()
-
- def SetChanged(self,nowchanged=False):
- """
- Set changed status
- """
- if nowchanged:
- self.savedtext = ""
- else:
- self.SetSaved()
-
- def SetSaved(self):
- self.savedtext = self.GetText()
-
- def SetOpened(self):
- self.SetSaved()
-
-#---------------------------------------------------------------------------
-
-class EditorNormal(Editor):
-
- def __init__(self, parent):
- self.control = wx.TextCtrl(parent, style=wx.TE_MULTILINE)
-
- # Call parent
- Editor.__init__(self,parent)
-
- def GetText(self):
- return self.control.GetValue()
-
- def SetText(self, txt):
- self.control.SetValue(txt)
-
-#---------------------------------------------------------------------------
-
-class EditorStc(Editor):
-
- def __init__(self, parent):
- # Scintilla layout with line numbers
- self.control = StyledTextCtrl(parent)
- self.control.SetMarginType(1, STC_MARGIN_NUMBER)
- self.control.SetMarginWidth(1, 30)
-
- # Call parent
- Editor.__init__(self,parent)
-
- # Set variable for error style
- self.errorstyle = 5
- self.control.StyleSetSpec(self.errorstyle, "fore:#FFFF0000,back:#FF0000")
-
- def GetText(self):
- return self.control.GetText()
-
- def SetText(self, txt):
- self.control.SetText(txt)
-
- def GetLineCount(self):
- """ Currently rather stupid, can probably be done more
- efficiently through some Scintilla function. """
- txt = self.GetText().splitlines()
- return len(txt)
-
- def SetErrorLine(self,line):
- """
- Currently this is BROKEN for include commands, as no file names
- are propagated. To minize the damage, we at least don't try to
- highlight non-existing names. In the long run of course
- propagation is the only way to handle this.
- """
- if line <= self.GetLineCount():
- if line > 0:
- line = line - 1 # Start at 0 in stc, but on screen count is 1
- pos = self.control.GetLineIndentPosition(line)
- last = self.control.GetLineEndPosition(line)
- self.control.StartStyling(pos,31)
- self.control.SetStyling(last-pos,self.errorstyle)
-
- def ClearErrors(self):
- self.control.ClearDocumentStyle()
-
- def SetErrors(self,errors):
- if errors:
- for el in errors:
- nr = lineInError(el)
- if nr:
- self.SetErrorLine(nr)
- else:
- self.ClearErrors()
-
-#---------------------------------------------------------------------------
-
diff --git a/Vagrant Files/shared/scyther/Gui/Error.py b/Vagrant Files/shared/scyther/Gui/Error.py
deleted file mode 100644
index 6433cf21b2d6f8aac8a0a7205427bddb5bcf9955..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/Error.py
+++ /dev/null
@@ -1,51 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import wx
-import sys
-
-#---------------------------------------------------------------------------
-
-""" Import scyther-gui components """
-
-#---------------------------------------------------------------------------
-
-class PILError (Exception):
- pass
-
-class NoAttackError(Exception):
- pass
-
-#---------------------------------------------------------------------------
-
-def ShowAndReturn(text):
- title = "Error"
- dlg = wx.MessageDialog(None, text, title, wx.ID_OK | wx.ICON_ERROR)
- result = dlg.ShowModal()
- dlg.Destroy()
-
-def ShowAndExit(text):
- ShowAndReturn(text)
- sys.exit()
-
diff --git a/Vagrant Files/shared/scyther/Gui/Icon.py b/Vagrant Files/shared/scyther/Gui/Icon.py
deleted file mode 100644
index 2f4f26fb6ef913c2ec500ef8edd1ef26623e80ed..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/Icon.py
+++ /dev/null
@@ -1,52 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import wx
-import os.path
-import sys
-
-#---------------------------------------------------------------------------
-
-""" Import scyther-gui components """
-import Misc
-
-#---------------------------------------------------------------------------
-
-def ScytherIcon(window):
- """ Set a nice Scyther icon """
- import os,inspect
-
- # Determine base directory (taking symbolic links into account)
- cmd_file = os.path.realpath(os.path.abspath(inspect.getfile( inspect.currentframe() )))
- basedir = os.path.split(cmd_file)[0]
-
- path = os.path.join(basedir,"Images")
- iconfile = Misc.mypath(os.path.join(path,"scyther-gui-32.ico"))
- if os.path.isfile(iconfile):
- icon = wx.Icon(iconfile,wx.BITMAP_TYPE_ICO)
- window.SetIcon(icon)
-
-
-#---------------------------------------------------------------------------
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/Gui/Mainwindow.py b/Vagrant Files/shared/scyther/Gui/Mainwindow.py
deleted file mode 100644
index 70ce11232361eea3ca4513710a3ff2d0d64fa651..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/Mainwindow.py
+++ /dev/null
@@ -1,322 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import wx
-import os.path
-
-#---------------------------------------------------------------------------
-
-""" Import scyther-gui components """
-import Settingswindow
-import Scytherthread
-import Icon
-import About
-import Editor
-import Preference
-
-#---------------------------------------------------------------------------
-
-""" Some constants """
-ID_VERIFY = 100
-ID_AUTOVERIFY = 101
-ID_CHARACTERIZE = 102
-ID_CHECK = 103
-
-#---------------------------------------------------------------------------
-
-def MainInitOnce():
- result = Preference.usePIL() # Makes sure PIL is tested.
-
-class MainWindow(wx.Frame):
-
- def __init__(self, opts, args):
- super(MainWindow, self).__init__(None, size=(600,800))
-
- self.opts = opts
- self.args = args
-
- self.dirname = os.path.abspath('.')
-
- MainInitOnce()
-
- self.filename = 'noname.spdl'
- self.filepath = ""
-
- self.load = False
-
- # test
- if opts.test:
- self.filename = 'scythergui-default.spdl'
- self.load = True
-
- # if there is an argument (file), we load it
- if len(args) > 0:
- filename = args[0]
- if filename != '' and os.path.isfile(filename):
- (self.dirname,self.filename) = os.path.split(filename)
- self.load = True
-
- Icon.ScytherIcon(self)
-
- self.CreateInteriorWindowComponents()
- self.CreateExteriorWindowComponents()
-
- aTable = wx.AcceleratorTable([
- (wx.ACCEL_CTRL, ord('Q'), wx.ID_EXIT),
- (wx.ACCEL_NORMAL, wx.WXK_F1,
- ID_VERIFY),
- (wx.ACCEL_NORMAL, wx.WXK_F2,
- ID_CHARACTERIZE),
- (wx.ACCEL_NORMAL, wx.WXK_F5,
- ID_CHECK),
- (wx.ACCEL_NORMAL, wx.WXK_F6,
- ID_AUTOVERIFY),
- ])
- self.SetAcceleratorTable(aTable)
-
- self.claimlist = []
- self.pnglist = []
-
- #self.SetTitle(self.title)
-
- self.firstCommand()
-
- def CreateInteriorWindowComponents(self):
- ''' Create "interior" window components. In this case it is just a
- simple multiline text control. '''
-
- ## Make zoom buttons
- #sizer = wx.BoxSizer(wx.VERTICAL)
- #buttons = wx.BoxSizer(wx.HORIZONTAL)
- #bt = wx.Button(self,ID_VERIFY)
- #buttons.Add(bt,0)
- #self.Bind(wx.EVT_BUTTON, self.OnVerify, bt)
- #bt = wx.Button(self,ID_CHARACTERIZE)
- #buttons.Add(bt,0)
- #self.Bind(wx.EVT_BUTTON, self.OnCharacterize, bt)
- #sizer.Add(buttons, 0, wx.ALIGN_LEFT)
-
- # Top: input
- self.top = wx.Notebook(self,-1)
- # Editor there
- self.editor = Editor.selectEditor(self.top)
-
- if self.load:
- textfile = open(os.path.join(self.dirname, self.filename), 'r')
- self.editor.SetText(textfile.read())
- if self.dirname != "":
- os.chdir(self.dirname)
- textfile.close()
- self.editor.SetOpened()
-
- self.top.AddPage(self.editor.control,"Protocol description")
- self.settings = Settingswindow.SettingsWindow(self.top,self)
- self.top.AddPage(self.settings,"Settings")
-
- #sizer.Add(self.top,1,wx.EXPAND,1)
- #self.SetSizer(sizer)
-
- def CreateExteriorWindowComponents(self):
- ''' Create "exterior" window components, such as menu and status
- bar. '''
- self.CreateMenus()
- self.SetTitle()
-
- def CreateMenu(self, bar, name, list):
-
- fileMenu = wx.Menu()
- for id, label, helpText, handler in list:
- if id == None:
- fileMenu.AppendSeparator()
- else:
- item = fileMenu.Append(id, label, helpText)
- self.Bind(wx.EVT_MENU, handler, item)
- bar.Append(fileMenu, name) # Add the fileMenu to the MenuBar
-
-
- def CreateMenus(self):
- menuBar = wx.MenuBar()
- self.CreateMenu(menuBar, '&File', [
- (wx.ID_OPEN, '&Open', 'Open a new file', self.OnOpen),
- (wx.ID_SAVE, '&Save', 'Save the current file', self.OnSave),
- (wx.ID_SAVEAS, 'Save &As', 'Save the file under a different name',
- self.OnSaveAs),
- (None, None, None, None),
- (wx.ID_EXIT, 'E&xit\tCTRL-Q', 'Terminate the program',
- self.OnExit)])
- self.CreateMenu(menuBar, '&Verify',
- [(ID_VERIFY, '&Verify protocol\tF1','Verify the protocol in the buffer using Scyther',
- self.OnVerify) ,
- (ID_CHARACTERIZE, '&Characterize roles\tF2','TODO' ,
- self.OnCharacterize) ,
- (None, None, None, None),
- ### Disabled for now (given that it is not reliable enough yet)
- #(ID_CHECK, '&Check protocol\tF5','TODO',
- # self.OnCheck) ,
- (ID_AUTOVERIFY, 'Verify &automatic claims\tF6','TODO',
- self.OnAutoVerify)
- ])
- self.CreateMenu(menuBar, '&Help',
- [(wx.ID_ABOUT, '&About', 'Information about this program',
- self.OnAbout) ])
- self.SetMenuBar(menuBar) # Add the menuBar to the Frame
-
-
- def SetTitle(self):
- # MainWindow.SetTitle overrides wx.Frame.SetTitle, so we have to
- # call it using super:
- super(MainWindow, self).SetTitle('Scyther: %s'%self.filename)
-
- # Helper methods:
-
- def defaultFileDialogOptions(self):
- ''' Return a dictionary with file dialog options that can be
- used in both the save file dialog as well as in the open
- file dialog. '''
- return dict(message='Choose a file', defaultDir=self.dirname,
- wildcard='*.spdl')
-
- def askUserForFilename(self, **dialogOptions):
- dialog = wx.FileDialog(self, **dialogOptions)
- if dialog.ShowModal() == wx.ID_OK:
- userProvidedFilename = True
- self.filepath = dialog.GetPath()
- (p1,p2) = os.path.split(self.filepath)
- self.dirname = p1
- self.filename = p2
- self.SetTitle() # Update the window title with the new filename
- else:
- userProvidedFilename = False
- dialog.Destroy()
- return userProvidedFilename
-
- # Are we dropping a changed file?
-
- def ConfirmLoss(self,text=None):
- """
- Try to drop the current file. If it was changed, try to save
- (as)
-
- Returns true after the user seems to be happy either way, false
- if we need to cancel this.
- """
- if self.editor.GetChanged():
- # File changed, we need to confirm this
- title = "Unsaved changes"
- if text:
- title = "%s - " + title
- txt = "The protocol file '%s' has been modified.\n\n" % (self.filename)
- txt = txt + "Do you want to"
- txt = txt + " save your changes (Yes)"
- txt = txt + " or"
- txt = txt + " discard them (No)"
- txt = txt + "?"
- dialog = wx.MessageDialog(self,txt,title,wx.YES_NO | wx.CANCEL | wx.ICON_EXCLAMATION)
- result = dialog.ShowModal()
- dialog.Destroy()
- if result == wx.ID_NO:
- # Drop changes
- return True
- elif result == wx.ID_YES:
- # First save(as)!
- if self.OnSaveAs(None):
- # Succeeded, we can continue with the operation
- return True
- else:
- # Save did not succeed
- return False
- else:
- # Assume cancel (wx.ID_CANCEL) otherwise
- return False
- else:
- # File was not changed, so we can just proceed
- return True
-
- # Event handlers
-
- def OnAbout(self, event):
- dlg = About.AboutScyther(self)
- dlg.ShowModal()
- dlg.Destroy()
-
- def OnExit(self, event):
- if self.ConfirmLoss("Exit"):
- self.Close() # Close the main window.
- return True
- return False
-
- def OnSave(self, event):
- textfile = open(os.path.join(self.dirname, self.filename), 'w')
- textfile.write(self.editor.GetText())
- textfile.close()
- self.editor.SetSaved()
- return True
-
- def OnOpen(self, event):
- if self.ConfirmLoss("Open"):
- if self.askUserForFilename(style=wx.OPEN,
- **self.defaultFileDialogOptions()):
- textfile = open(os.path.join(self.dirname, self.filename), 'r')
- self.editor.SetText(textfile.read())
- textfile.close()
- self.editor.SetOpened()
- return True
- return False
-
- def OnSaveAs(self, event):
- if self.askUserForFilename(defaultFile=self.filename, style=wx.SAVE,
- **self.defaultFileDialogOptions()):
- self.OnSave(event)
- os.chdir(self.dirname)
- return True
- return False
-
- def RunScyther(self, mode):
- # Clear errors before verification
- self.editor.SetErrors(None)
- # Verify spdl
- spdl = self.editor.GetText()
- s = Scytherthread.ScytherRun(self,mode,spdl,self.editor.SetErrors)
-
- def OnVerify(self, event):
- self.RunScyther("verify")
-
- def OnAutoVerify(self, event):
- self.RunScyther("autoverify")
-
- def OnCharacterize(self, event):
- self.RunScyther("characterize")
-
- def OnCheck(self, event):
- self.RunScyther("check")
-
- def firstCommand(self):
- if self.opts.command:
- # Trigger a command automatically
- self.Show(True)
- self.RunScyther(self.opts.command)
-
-
-#---------------------------------------------------------------------------
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/Gui/Makeimage.py b/Vagrant Files/shared/scyther/Gui/Makeimage.py
deleted file mode 100644
index 220996f53dcfdf06300afe2c41a103b4cd9ee33d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/Makeimage.py
+++ /dev/null
@@ -1,180 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import wx
-import os
-import sys
-from subprocess import Popen, PIPE
-
-#---------------------------------------------------------------------------
-
-""" Import scyther components """
-from Scyther import Misc as MiscScyther
-from Scyther import FindDot
-
-""" Import scyther-gui components """
-import Temporary
-import Preference
-
-#---------------------------------------------------------------------------
-try:
- import Image
-except ImportError:
- pass
-#---------------------------------------------------------------------------
-
-
-def writeGraph(attackthread,txt,fp):
-
- EDGE = 0
- NODE = 1
- DEFAULT = 2
- ALL = 3
-
- def graphLine(txt):
- fp.write("\t%s;\n" % (txt))
-
- def setAttr(atxt,EdgeNodeDefAll=ALL):
- if EdgeNodeDefAll == ALL:
- setAttr(atxt,EDGE)
- setAttr(atxt,NODE)
- setAttr(atxt,DEFAULT)
- else:
- if EdgeNodeDefAll == EDGE:
- edge = "edge"
- elif EdgeNodeDefAll == NODE:
- edge = "node"
- else:
- graphLine("%s" % atxt)
- return
- graphLine("%s [%s]" % (edge,atxt))
-
- if sys.platform.startswith("darwin"):
- attackthread.fontname = "Helvetica"
- elif sys.platform.startswith("win"):
- attackthread.fontname = "Courier"
- else:
- #font = wx.Font(9,wx.SWISS,wx.NORMAL,wx.NORMAL)
- #attackthread.fontname = font.GetFaceName()
- attackthread.fontname = "\"Helvetica\""
-
- # write all graph lines but add layout modifiers
- for l in txt.splitlines():
- fp.write(l)
- if l.startswith("digraph"):
- # Write additional stuff for this graph
- #
- # [CC][x] This dpi setting messed up quite a bit
- #graphLine("dpi=96")
- graphLine("rankdir=TB")
- #graphLine("nodesep=0.1")
- #graphLine("ranksep=0.001")
- #graphLine("mindist=0.1")
-
- # Set fontname
- if attackthread.fontname:
- fontstring = "fontname=%s" % (attackthread.fontname)
- setAttr(fontstring)
-
- # Stupid Mac <> Graphviz bug fix
- if (sys.platform.startswith("mac")) or (sys.platform.startswith("darwin")):
- # Note that dot on Mac cannot find the fonts by default,
- # and we have to set them accordingly.
- os.environ["DOTFONTPATH"]="~/Library/Fonts:/Library/Fonts:/System/Library/Fonts"
-
- # Select font size
- if attackthread.parent and attackthread.parent.mainwin:
- fontsize = attackthread.parent.mainwin.settings.fontsize
- setAttr("fontsize=%s" % fontsize)
- #setAttr("height=\"0.1\"",NODE)
- #setAttr("width=\"1.0\"",NODE)
- #setAttr("margin=\"0.3,0.03\"",NODE)
-
-
-def makeImageDot(dotdata,attackthread=None):
- """ create image for this particular dot data """
-
- if Preference.usePIL():
- # If we have the PIL library, we can do postscript! great
- # stuff.
- type = "ps"
- ext = ".ps"
- else:
- # Ye olde pnge file
- type = "png"
- ext = ".png"
-
- # Retrieve dot command path
- dotcommand = FindDot.findDot()
-
- # command to write to temporary file
- (fd2,fpname2) = Temporary.tempcleaned(ext)
- f = os.fdopen(fd2,'w')
-
- # Set up command
- cmd = "%s -T%s" % (dotcommand,type)
-
- # execute command
- p = Popen(cmd, shell=True, stdin=PIPE, stdout=PIPE)
-
-
- if attackthread:
- writeGraph(attackthread,dotdata,p.stdin)
- else:
- p.stdin.write(dotdata)
-
- p.stdin.close()
-
- for l in p.stdout.read():
- f.write(l)
-
- p.stdout.close()
- f.flush()
- f.close()
-
- return (fpname2, type)
-
-
-def makeImage(attack,attackthread=None):
- """ create image for this particular attack """
-
- """ This should clearly be a method of 'attack' """
-
- (name,type) = makeImageDot(attack.scytherDot,attackthread)
- # if this is done, store and report
- attack.file = name
- attack.filetype = type
-
-
-def testImage():
- """
- We generate a postscript file from a dot file, and see what happens.
- """
-
- dotdata = "digraph X {\nA->B;\n}\n"
- (filename,filetype) = makeImageDot(dotdata)
- testimage = Image.open(filename)
-
-#---------------------------------------------------------------------------
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/Gui/Misc.py b/Vagrant Files/shared/scyther/Gui/Misc.py
deleted file mode 100644
index f255124b901660b5cef3c81de99fd6931092982a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/Misc.py
+++ /dev/null
@@ -1,90 +0,0 @@
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# Misc.py
-# Various helper functions
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import os.path
-from subprocess import Popen,PIPE
-
-#---------------------------------------------------------------------------
-
-def confirm(question):
- answer = ''
- while answer not in ('y','n'):
- print question,
- answer = raw_input().lower()
- return answer == 'y'
-
-def exists(func,list):
- return len(filter(func,list)) > 0
-
-def forall(func,list):
- return len(filter(func,list)) == len(list)
-
-def uniq(li):
- result = []
- for elem in li:
- if (not elem in result):
- result.append(elem)
- return result
-
-# Return a sorted copy of a list
-def sorted(li):
- result = li[:]
- result.sort()
- return result
-
-
-# path
-def mypath(file):
- """ Construct a file path relative to the scyther-gui main directory
- """
- import os, inspect
-
- # Determine base directory (taking symbolic links into account)
- cmd_file = os.path.realpath(os.path.abspath(inspect.getfile( inspect.currentframe() )))
- basedir = os.path.split(cmd_file)[0]
- return os.path.join(basedir,file)
-
-# commands: push data in, get fp.write out
-def cmdpushwrite(cmd,data,fname):
- """
- Feed stdin data to cmd, write the output to a freshly created file
- 'fname'. The file is flushed and closed at the end.
- """
- fp = open(fname,'w')
- # execute command
- p = Popen(cmd, shell=True, stdin=PIPE, stdout=PIPE)
- (cin,cout) = (p.stdin, p.stdout)
-
- cin.write(data)
- cin.close()
- for l in cout.read():
- fp.write(l)
- cout.close()
- fp.flush()
- fp.close()
-
-#---------------------------------------------------------------------------
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/Gui/Preference.py b/Vagrant Files/shared/scyther/Gui/Preference.py
deleted file mode 100644
index 90db53190cdd49151202d90e6dd9b73ef9e200db..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/Preference.py
+++ /dev/null
@@ -1,240 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-"""
- Preferences window and logic for saving and loading such things.
- Thus, some default things can be set here.
-
- init loads stuff
- save save the settings after some changes
- set(k,v)
- get(k)
-
- Currently used:
-
- match
- maxruns
- scytheroptions
- bindir where the scyther executables reside
- splashscreen 0/1
-"""
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-
-import wx
-import os.path
-import sys
-from time import localtime,strftime
-
-#---------------------------------------------------------------------------
-
-""" Import scyther-gui components """
-import Makeimage
-
-#---------------------------------------------------------------------------
-
-""" Globals """
-# Do we have the Python Imaging library?
-havePIL = True
-testPILOkay = None
-try:
- import Image
-except ImportError:
- havePIL = False
-
-""" Locations of preferences. The last one is supposedly writable. """
-prefname = "scythergui-config"
-preflocs = []
-
-#---------------------------------------------------------------------------
-
-def usePIL():
- """
- Determine whether or not we should use the PIL library
- """
- global havePIL, testPILOkay
-
- if not havePIL:
- return False
-
- # Only if we have it, and it is windows.
- if not sys.platform.startswith("lin"):
- return False
-
- # Seems fine. But did we already test it?
- if testPILOkay != None:
- return testPILOkay
-
- # Test the usage
- testPILOkay = True
- testPILOkay = testPIL()
- return testPILOkay
-
-def doNotUsePIL():
- """
- Disable
- """
- global havePIL
-
- havePIL = False
-
-
-def testPIL():
- """
- Test whether PIL works as we want it.
-
- We generate a postscript file from a dot file, and see what happens.
- """
-
- # depends on PIL lib
- okay = True
- try:
- Makeimage.testImage()
- # PIL seems fine
- except:
- # PIL broke
- doNotUsePIL()
- okay = False
-
- return okay
-
-
-#---------------------------------------------------------------------------
-
-class Preferences(dict):
-
- def setDict(self,d):
- """
- Copy dict into self.
- """
- for x in d.keys():
- self[x] = d[x]
-
- def parse(self,line):
- line = line.strip()
-
- """ Skip comments """
- if not line.startswith("#"):
- split = line.find("=")
- if split != -1:
- key = line[:split].strip()
- data = line[(split+1):]
- self[key] = data.decode("string_escape")
- #print "Read %s=%s" % (key,self[key])
-
- def load(self,file=""):
- if file == None:
- self["test1"] = "Dit is met een ' en een \", en dan\nde eerste dinges"
- self["test2"] = "En dit de tweede"
- elif file == "":
- """
- Test default locations
- """
- for f in preflocs:
- self.load(os.path.join(f,prefname))
-
- else:
- """
- Read this file
- """
- if os.path.isfile(file):
- fp = open(file,"r")
- for l in fp.readlines():
- self.parse(l)
- fp.close()
-
- def show(self):
- print "Preferences:"
- for k in self.keys():
- print "%s=%s" % (k, self[k])
-
- def save(self):
-
- print "Saving preferences"
- prefpath = preflocs[-1]
- if not os.access(prefpath,os.W_OK):
- os.makedirs(prefpath)
- savename = os.path.join(prefpath,prefname)
- fp = open(savename,"w")
-
- fp.write("# Scyther-gui configuration file.\n#\n")
- date = strftime("%c",localtime())
- fp.write("# Last written on %s\n" % (date))
- fp.write("# Do not edit - any changes will be overwritten by Scyther-gui\n\n")
-
- l = list(self.keys())
- l.sort()
- for k in l:
- fp.write("%s=%s\n" % (k, self[k].encode("string_escape")))
-
- fp.close()
-
-def init():
- """
- Load the preferences from a file, if possible
- """
- global prefs,preflocs
-
- sp = wx.StandardPaths.Get()
- confdir = sp.GetConfigDir()
- confdir += "/scyther"
- #print confdir
- userconfdir = sp.GetUserConfigDir()
- userconfdir += "/"
- if sys.platform.startswith("lin"):
- userconfdir += "."
- userconfdir += "scyther"
- #print userconfdir
-
- preflocs = [confdir,userconfdir]
-
- prefs = Preferences()
- prefs.load("")
-
-
-def get(key,alt=None):
- global prefs
-
- if key in prefs.keys():
- return prefs[key]
- else:
- return alt
-
-def getkeys():
- global prefs
-
- return prefs.keys()
-
-def set(key,value):
- global prefs
-
- prefs[key]=value
- return
-
-def save():
- global prefs
-
- prefs.save()
-
-#---------------------------------------------------------------------------
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/Gui/Scytherthread.py b/Vagrant Files/shared/scyther/Gui/Scytherthread.py
deleted file mode 100644
index 2cd5d1aaa51cbce8fbf1f55e8149363e2dde61a0..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/Scytherthread.py
+++ /dev/null
@@ -1,543 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import wx
-import threading
-
-#---------------------------------------------------------------------------
-
-""" Import scyther components """
-import Scyther.Scyther
-import Scyther.Error
-from Scyther.Misc import *
-
-""" Import scyther-gui components """
-import Preference
-import Attackwindow
-import Icon
-import Error
-import Makeimage
-
-#---------------------------------------------------------------------------
-if Preference.havePIL:
- import Image
-#---------------------------------------------------------------------------
-
-class ScytherThread(threading.Thread):
- """
- Apply Scyther algorithm to input and retrieve results
- """
-
- # Override Thread's __init__ method to accept the parameters needed:
- def __init__ ( self, spdl, options="", callback=None, mode=None ):
-
- self.spdl = spdl
- self.options = options
- self.callback = callback
- self.mode = mode
- self.popenList = []
- threading.Thread.__init__ ( self )
-
- def storePopen(self,p):
- self.popenList.append(p)
-
- def cleanExit(self):
- # Cleanup of spawned processes
- for index,p in enumerate(self.popenList):
- try:
- p.kill()
- except:
- pass
- self.popenList = []
-
- def run(self):
-
- (scyther, claims, summary) = self.claimResults()
-
- # Results are done (claimstatus can be reported)
- if self.callback:
- wx.CallAfter(self.callback, scyther, claims, summary)
-
- def claimFixViewOne(self,claims):
- """
- This is a stupid hack as long as switches.useAttackBuffer in
- Scyther C code is false. It is currently false because Windows
- VISTA screwed up the standard C function tmpfile() (It's in a
- directory to which normal users cannot write...)
- """
- # TODO Notice the stupid default setting too ('2') which is
- # needed here. This really needs cleanup.
- if int(Preference.get('prune','2')) != 0:
- if claims:
- for cl in claims:
- if len(cl.attacks) > 1:
- # Fix it such that by default, only the best attack is
- # shown, unless we are in characterize or check mode
- # TODO [X] [CC] make switch-dependant.
- if not self.mode in ["characterize","check"]:
- cl.attacks = [cl.attacks[-1]]
- """ Cutting invalidates exactness of attack/behaviour counts """
- cl.complete = False
-
- return claims
-
- def claimResults(self):
- """ Convert spdl to result (using Scyther)
- """
-
- scyther = Scyther.Scyther.Scyther()
-
- scyther.options = self.options
- scyther.setInput(self.spdl)
-
- # verification start
- try:
- claims = scyther.verify(storePopen=self.storePopen)
- except Scyther.Error.ScytherError, el:
- claims = None
- pass
-
- summary = str(scyther)
-
- claims = self.claimFixViewOne(claims)
-
- return (scyther, claims, summary)
-
-#---------------------------------------------------------------------------
-
-class AttackThread(threading.Thread):
-
- """ This is a thread because it computes images from stuff in the
- background """
-
- # Override Thread's __init__ method to accept the parameters needed:
- def __init__ ( self, parent, resultwin, callbackclaim=None,callbackattack=None,callbackdone=None ):
-
- self.parent = parent
- self.resultwin = resultwin
- self.callbackclaim = callbackclaim
- self.callbackattack = callbackattack
- self.callbackdone = callbackdone
- self.totalattacks = 0
- for cl in self.parent.claims:
- for attack in cl.attacks:
- self.totalattacks += 1
-
- threading.Thread.__init__ ( self )
-
- def run(self):
-
- # create the images in the background
- # when the images of a claim are done, callback is called with
- # the claim
- self.makeImages()
-
- def makeImages(self):
- """ create images """
-
- done = 0
- for cl in self.parent.claims:
- for attack in cl.attacks:
- Makeimage.makeImage(attack,self)
- done += 1
- if self.callbackattack:
- wx.CallAfter(self.callbackattack,attack,self.totalattacks,done)
- if self.callbackclaim:
- wx.CallAfter(self.callbackclaim,cl)
- if self.callbackdone:
- wx.CallAfter(self.callbackdone)
-
-
-#---------------------------------------------------------------------------
-
-class VerificationWindow(wx.Dialog):
- def __init__(
- self, parent, title, pos=wx.DefaultPosition, size=wx.DefaultSize,
- style=wx.DEFAULT_DIALOG_STYLE
- ):
-
- wx.Dialog.__init__(self,parent,-1,title,pos,size,style)
-
- sizer = wx.BoxSizer(wx.VERTICAL)
-
- label = wx.StaticText(self, -1, "Verifying protocol description")
- sizer.Add(label, 0, wx.ALIGN_CENTRE|wx.ALL, 5)
-
- line = wx.StaticLine(self, -1, size=(20,-1), style=wx.LI_HORIZONTAL)
- sizer.Add(line, 0, wx.GROW|wx.ALIGN_CENTER_VERTICAL|wx.RIGHT|wx.TOP, 5)
-
- btnsizer = wx.StdDialogButtonSizer()
-
- btn = wx.Button(self, wx.ID_CANCEL)
- btnsizer.AddButton(btn)
- btnsizer.Realize()
-
- sizer.Add(btnsizer, 0, wx.ALIGN_CENTER_VERTICAL|wx.ALL|wx.ALIGN_CENTER, 5)
-
- self.SetSizer(sizer)
- sizer.Fit(self)
-
- self.Center()
- self.Show(True)
-
-#---------------------------------------------------------------------------
-
-class ErrorWindow(wx.Dialog):
- def __init__(
- self, parent, title, pos=wx.DefaultPosition, size=wx.DefaultSize,
- style=wx.DEFAULT_DIALOG_STYLE,errors=[]
- ):
-
- wx.Dialog.__init__(self,parent,-1,title,pos,size,style)
-
- sizer = wx.BoxSizer(wx.VERTICAL)
-
- label = wx.StaticText(self, -1, "Errors")
- sizer.Add(label, 0, wx.ALIGN_LEFT|wx.ALL, 5)
-
- line = wx.StaticLine(self, -1, size=(20,-1), style=wx.LI_HORIZONTAL)
- sizer.Add(line, 0, wx.GROW|wx.ALIGN_CENTER_VERTICAL|wx.RIGHT|wx.TOP, 5)
-
- etxt = ""
- prefix = "error: "
- for er in errors:
- if er.startswith(prefix):
- er = er[len(prefix):]
- etxt = etxt + "%s\n" % (er)
-
- label = wx.StaticText(self, -1, etxt)
- sizer.Add(label, 0, wx.ALIGN_LEFT|wx.ALL, 5)
-
- line = wx.StaticLine(self, -1, size=(20,-1), style=wx.LI_HORIZONTAL)
- sizer.Add(line, 0, wx.GROW|wx.ALIGN_CENTER_VERTICAL|wx.RIGHT|wx.TOP, 5)
-
- btnsizer = wx.StdDialogButtonSizer()
-
- btn = wx.Button(self, wx.ID_OK)
- btnsizer.AddButton(btn)
- btnsizer.Realize()
-
- sizer.Add(btnsizer, 0, wx.ALIGN_CENTER_VERTICAL|wx.ALL|wx.ALIGN_CENTER, 5)
-
- self.SetSizer(sizer)
- sizer.Fit(self)
-
-#---------------------------------------------------------------------------
-
-class ResultWindow(wx.Frame):
-
- """
- Displays the claims status and contains buttons to show the actual
- attack graphs
- """
-
- def __init__(
- self, parent, parentwindow, title, pos=wx.DefaultPosition, size=wx.DefaultSize,
- style=wx.DEFAULT_DIALOG_STYLE
- ):
-
- wx.Frame.__init__(self,parentwindow,-1,title,pos,size,style)
-
- Icon.ScytherIcon(self)
-
- self.parent = parent
- self.thread = None
- self.Bind(wx.EVT_CLOSE, self.onCloseWindow)
-
- self.CreateStatusBar()
- self.BuildTable()
-
- def onViewButton(self,evt):
- btn = evt.GetEventObject()
- try:
- w = Attackwindow.AttackWindow(btn.claim)
- w.Show(True)
- except Error.PILError:
- Error.ShowAndReturn("Problem with PIL imaging library: disabled zooming. Please retry to verify the protocol again.")
- self.onCloseWindow(None)
-
- def onCloseWindow(self,evt):
- """ TODO we should kill self.thread """
-
- # Clean up
- self.parent.claims = None
-
- self.Destroy()
-
- def BuildTable(self):
- # Now continue with the normal construction of the dialog
- # contents
-
- # For these claims...
- claims = self.parent.claims
-
- # set up grid
- self.grid = grid = wx.GridBagSizer(0,0)
- #self.grid = grid = wx.GridBagSizer(7,1+len(claims))
-
- def titlebar(x,title,width=1):
- txt = wx.StaticText(self,-1,title)
- font = wx.Font(14,wx.FONTFAMILY_DEFAULT,wx.FONTSTYLE_NORMAL,wx.FONTWEIGHT_BOLD)
- txt.SetFont(font)
- grid.Add(txt,(0,x),(1,width),wx.ALL,10)
-
- titlebar(0,"Claim",4)
- titlebar(4,"Status",2)
- titlebar(6,"Comments",1)
-
- self.lastprot = None
- self.lastrole = None
- views = 0
- for index in range(0,len(claims)):
- views += self.BuildClaim(grid,claims[index],index+1)
-
- if views > 0:
- titlebar(7,"Patterns",1)
-
- self.SetSizer(grid)
- self.Fit()
-
- def BuildClaim(self,grid,cl,ypos):
- # a support function
- def addtxt(txt,column):
- txt = txt.replace("-","_") # Strange fix for wx.StaticText as it cuts off the display.
- grid.Add(wx.StaticText(self,-1,txt),(ypos,column),(1,1),wx.ALIGN_CENTER_VERTICAL|wx.ALL,10)
-
- n = len(cl.attacks)
- xpos = 0
-
- # protocol, role, label
- prot = str(cl.protocol)
- showP = False
- showR = False
- if prot != self.lastprot:
- self.lastprot = prot
- showP = True
- showR = True
- role = str(cl.role)
- if role != self.lastrole:
- self.lastrole = role
- showR = True
- if showP:
- addtxt(prot,xpos)
- if showR:
- addtxt(role,xpos+1)
- xpos += 2
-
- # claim id
- addtxt(str(cl.id),xpos)
- xpos += 1
-
- # claim parameters
- claimdetails = str(cl.claimtype)
- if cl.parameter:
- claimdetails += " %s" % (cl.parameter)
- # Cut off if very very long
- if len(claimdetails) > 50:
- claimdetails = claimdetails[:50] + "..."
- addtxt(claimdetails + " ",xpos)
- xpos += 1
-
- # button for ok/fail
- if None:
- # old style buttons (but they looked ugly on windows)
- tsize = (16,16)
- if cl.okay:
- bmp = wx.ArtProvider_GetBitmap(wx.ART_TICK_MARK,wx.ART_CMN_DIALOG,tsize)
- else:
- bmp = wx.ArtProvider_GetBitmap(wx.ART_CROSS_MARK,wx.ART_CMN_DIALOG,tsize)
- if not bmp.Ok():
- bmp = wx.EmptyBitmap(tsize)
- bmpfield = wx.StaticBitmap(self,-1,bmp)
- grid.Add(bmpfield,(ypos,xpos),(1,1),wx.ALIGN_CENTER_VERTICAL|wx.ALL,10)
- else:
- # new style text control Ok/Fail
- rankc = cl.getColour()
- rankt = cl.getOkay()
- txt = wx.StaticText(self,-1,rankt)
- font = wx.Font(11,wx.FONTFAMILY_DEFAULT,wx.FONTSTYLE_NORMAL,wx.FONTWEIGHT_BOLD)
- txt.SetFont(font)
- txt.SetForegroundColour(rankc)
- grid.Add(txt,(ypos,xpos),(1,1),wx.ALL,10)
- xpos += 1
-
- # verified?
- vt = cl.getVerified()
- if vt:
- addtxt(vt,xpos)
- xpos += 1
-
- # remark something
- addtxt(cl.getComment(),xpos)
- xpos += 1
-
- # add view button (enabled later if needed)
- if n > 0:
- cl.button = wx.Button(self,-1,"%i %s" % (n,cl.stateName(n)))
- cl.button.claim = cl
- grid.Add(cl.button,(ypos,xpos),(1,1),wx.ALIGN_CENTER_VERTICAL|wx.ALL,5)
- cl.button.Disable()
- if n > 0:
- # Aha, something to show
- self.Bind(wx.EVT_BUTTON, self.onViewButton,cl.button)
- else:
- cl.button = None
- xpos += 1
-
- # Return 1 if there is a view possible
- if n > 0:
- return 1
- else:
- return 0
-
-
-#---------------------------------------------------------------------------
-
-class ScytherRun(object):
-
- def __init__(self,mainwin,mode,spdl,errorcallback=None):
-
- self.mainwin = mainwin
- self.mode = mode
- self.spdl = spdl
- self.verified = False
- self.options = mainwin.settings.ScytherArguments(mode)
- self.errorcallback=errorcallback
- self.SThread = None
-
- self.main()
-
- def closer(self,ev):
- # Triggered when the window is closed/verification cancelled
- t = self.SThread
- if t != None:
- self.SThread = None
- t.cleanExit()
- try:
- self.verifywin.Destroy()
- except:
- pass
- self.verifywin = None
- ev.Skip()
-
- def main(self):
- """
- Start process
- """
-
- title = "Running Scyther %s process" % self.mode
- # start the window and show until something happens
- # if it terminates, this is a cancel, and should also kill the thread. (what happens to a spawned Scyther in that case?)
- # if the thread terminames, it should close the window normally, and we end up here as well.
- #val = self.verifywin.ShowModal()
- self.verifywin = VerificationWindow(self.mainwin,title)
-
- # Check sanity of Scyther thing here (as opposed to the thread)
- # which makes error reporting somewhat easier
- try:
- Scyther.Scyther.Check()
- except Scyther.Error.BinaryError, e:
- # e.file is the supposed location of the binary
- text = "Could not find Scyther binary at\n%s" % (e.file)
- Error.ShowAndExit(text)
-
- # start the thread
- self.verifywin.SetCursor(wx.StockCursor(wx.CURSOR_WAIT))
- self.verifywin.Bind(wx.EVT_CLOSE, self.closer)
- self.verifywin.Bind(wx.EVT_WINDOW_DESTROY, self.closer)
- self.verifywin.Bind(wx.EVT_BUTTON, self.closer, id=wx.ID_CANCEL)
-
- self.SThread = ScytherThread(self.spdl, self.options, self.verificationDone, self.mode)
- self.SThread.start()
-
- # after verification, we proceed to the callback below...
-
- def verificationDone(self, scyther, claims, summary):
- """
- This is where we end up after a callback from the thread, stating that verification succeeded.
- """
-
- if self.verifywin == None:
- return
-
- self.scyther = scyther
- self.claims = claims
- self.summary = summary
-
- self.verified = True
- self.verifywin.Close()
-
- # Process the claims
- if self.scyther.errorcount == 0:
- self.verificationOkay()
- else:
- self.verificationErrors()
-
- def verificationOkay(self):
-
- # Great, we verified stuff, progress to the claim report
- title = "Scyther results : %s" % self.mode
- self.resultwin = resultwin = ResultWindow(self,self.mainwin,title)
-
- def attackDone(attack,total,done):
- if resultwin:
- txt = "Generating attack graphs (%i of %i done)." % (done,total)
- resultwin.SetStatusText(txt)
- #resultwin.Refresh()
-
- def claimDone(claim):
- if resultwin:
- if claim.button and len(claim.attacks) > 0:
- claim.button.Enable()
-
- def allDone():
- if resultwin:
- resultwin.SetCursor(wx.StockCursor(wx.CURSOR_ARROW))
- resultwin.SetStatusText("Done.")
-
- resultwin.Center()
- resultwin.Show(True)
- resultwin.SetCursor(wx.StockCursor(wx.CURSOR_ARROWWAIT))
-
- wx.Yield()
-
- t = AttackThread(self,resultwin,claimDone,attackDone,allDone)
- t.start()
-
- resultwin.thread = t
-
- def verificationErrors(self):
- """
- Verification process generated errors. Show them.
- """
-
- if self.errorcallback:
- self.errorcallback(self.scyther.errors)
- title = "Scyther errors : %s" % self.mode
- errorwin = ErrorWindow(self.mainwin,title,errors=self.scyther.errors)
- errorwin.Center()
- val = errorwin.ShowModal()
-
-#---------------------------------------------------------------------------
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/Gui/Settingswindow.py b/Vagrant Files/shared/scyther/Gui/Settingswindow.py
deleted file mode 100644
index 5bc5fa96a1f28ae189b80eef982cbb02d9194277..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/Settingswindow.py
+++ /dev/null
@@ -1,196 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import wx
-import sys
-
-#---------------------------------------------------------------------------
-
-""" Import scyther-gui components """
-import Preference
-import Scyther.Claim as Claim
-
-#---------------------------------------------------------------------------
-
-class MyGrid(wx.GridBagSizer):
-
- def __init__(self,parent):
- wx.GridBagSizer.__init__(self,hgap=5, vgap=5)
- self.ypos = 0
- self.parent = parent
-
- def stepAdd(self,ctrl,txt):
- self.Add(txt,(self.ypos,0),flag=wx.ALIGN_LEFT|wx.ALIGN_CENTER_VERTICAL)
- self.Add(ctrl,(self.ypos,1),flag=wx.ALIGN_LEFT)
- self.ypos += 1
-
- def lineAdd(self):
- return
- line = wx.StaticLine(self.parent,-1)
- # Currently it is not expanded, and thus invisible.
- self.Add(line,pos=(self.ypos,0),span=(1,2),flag=wx.TOP|wx.BOTTOM)
- self.ypos += 1
-
- def titleAdd(self,title,firstLine=True):
- if firstLine:
- self.lineAdd()
- self.ypos += 1
- txt = wx.StaticText(self.parent,-1,title)
- font = wx.Font(12,wx.FONTFAMILY_DEFAULT,wx.FONTSTYLE_NORMAL,wx.FONTWEIGHT_BOLD)
- txt.SetFont(font)
- self.Add(txt,pos=(self.ypos,0),span=(1,2),flag=wx.ALIGN_LEFT)
- self.ypos += 1
- self.lineAdd()
-
-#---------------------------------------------------------------------------
-
-class SettingsWindow(wx.Panel):
-
- def __init__(self,parent,daddy):
- wx.Panel.__init__(self,parent,-1)
- self.win = daddy
-
- # layout the stuff
- grid = MyGrid(self)
-
- ### Parameters
- grid.titleAdd("Verification parameters",False)
-
- # Bound on the number of runs
- self.maxruns = int(Preference.get('maxruns','5'))
- txt = wx.StaticText(self,-1,"Maximum number of runs\n(0 disables bound)")
- ctrl = wx.SpinCtrl(self, -1, "",style=wx.RIGHT)
- ctrl.SetRange(0,100)
- ctrl.SetValue(self.maxruns)
- self.Bind(wx.EVT_SPINCTRL,self.EvtRuns,ctrl)
- grid.stepAdd(ctrl,txt)
-
- # Matchin options
- self.match = int(Preference.get('match','0'))
- claimoptions = ['typed matching','find basic type flaws','find all type flaws']
- r2 = wx.StaticText(self,-1,"Matching type")
- l2 = self.ch = wx.Choice(self,-1,choices=claimoptions)
- l2.SetSelection(self.match)
- self.Bind(wx.EVT_CHOICE,self.EvtMatch,l2)
- grid.stepAdd(l2,r2)
-
- ### MISC expert stuff
- grid.titleAdd("Advanced parameters")
-
- # Continue after finding the first attack
- self.prune = int(Preference.get('prune','2'))
- claimoptions = ['Find all attacks','Find first attack','Find best attack']
- r8 = wx.StaticText(self,-1,"Search pruning")
- l8 = self.ch = wx.Choice(self,-1,choices=claimoptions)
- l8.SetSelection(self.prune)
- self.Bind(wx.EVT_CHOICE,self.EvtPrune,l8)
- grid.stepAdd(l8,r8)
-
- # Bound on the number of patterns
- self.maxattacks = int(Preference.get('maxattacks','10'))
- r9 = wx.StaticText(self,-1,"Maximum number of patterns\nper claim")
- l9 = wx.SpinCtrl(self, -1, "",style=wx.RIGHT)
- l9.SetRange(0,100)
- l9.SetValue(self.maxattacks)
- self.Bind(wx.EVT_SPINCTRL,self.EvtMaxAttacks,l9)
- grid.stepAdd(l9,r9)
-
- self.misc = Preference.get('scytheroptions','')
- r10 = wx.StaticText(self,-1,"Additional backend parameters")
- l10 = wx.TextCtrl(self,-1,self.misc,size=(200,-1))
- self.Bind(wx.EVT_TEXT,self.EvtMisc,l10)
- grid.stepAdd(l10,r10)
-
- ### Graph output stuff
- grid.titleAdd("Graph output parameters")
-
- # Bound on the number of classes/attacks
- if sys.platform.startswith("lin"):
- defsize = 14
- else:
- defsize = 11
- self.fontsize = int(Preference.get('fontsize',defsize))
- txt = wx.StaticText(self,-1,"Attack graph font size\n(in points)")
- ctrl = wx.SpinCtrl(self, -1, "",style=wx.RIGHT)
- ctrl.SetRange(6,32)
- ctrl.SetValue(self.fontsize)
- self.Bind(wx.EVT_SPINCTRL,self.EvtFontsize,ctrl)
- grid.stepAdd(ctrl,txt)
-
- ### Combine
- grid.lineAdd()
- self.SetSizer(grid)
- self.SetAutoLayout(True)
-
- def EvtMatch(self,evt):
- self.match = evt.GetInt()
-
- def EvtRuns(self,evt):
- self.maxruns = evt.GetInt()
-
- def EvtFontsize(self,evt):
- self.fontsize = evt.GetInt()
-
- def EvtPrune(self,evt):
- self.prune = evt.GetInt()
- Preference.set('prune',self.prune)
-
- def EvtMaxAttacks(self,evt):
- self.maxattacks = evt.GetInt()
-
- def EvtMisc(self,evt):
- self.misc = evt.GetString()
-
- def ScytherArguments(self,mode):
- """ Note: constructed strings should have a space at the end to
- correctly separate the options.
- """
-
- tstr = ""
-
- # Number of runs
- tstr += "--max-runs=%s " % (str(self.maxruns))
- # Matching type
- tstr += "--match=%s " % (str(self.match))
- # Prune (has to go BEFORE max attacks)
- tstr += "--prune=%s" % (str(self.prune))
- # Max attacks/classes
- if self.maxattacks != 0:
- tstr += "--max-attacks=%s " % (str(self.maxattacks))
-
- # Verification type
- if mode == "check":
- tstr += "--check "
- elif mode == "autoverify":
- tstr += "--auto-claims "
- elif mode == "characterize":
- tstr += "--state-space "
-
- # Anything else?
- if self.misc != "":
- tstr += " " + self.misc + " "
-
- return str(tstr) # turn it into a str (might have been unicode weirdness)
-
-#---------------------------------------------------------------------------
diff --git a/Vagrant Files/shared/scyther/Gui/Temporary.py b/Vagrant Files/shared/scyther/Gui/Temporary.py
deleted file mode 100644
index 61c24660cccd0e102bbfe8c6e5ab6e99bf2aaf4c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/Temporary.py
+++ /dev/null
@@ -1,64 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import os
-import tempfile
-import atexit
-
-#---------------------------------------------------------------------------
-
-""" Local thing (can be done in numerous nicer ways) """
-tempfiles = []
-
-#---------------------------------------------------------------------------
-
-def tempremove(tuple):
- (fd,fpname) = tuple
- #os.close(fd)
- os.remove(fpname)
-
-def cleanupshop():
- global tempfiles
-
- for tuple in tempfiles:
- tempremove(tuple)
-
-def tempcleaned(post=""):
- global tempfiles
-
- tuple = tempfile.mkstemp(post,"scyther_")
- tempfiles.append(tuple)
- return tuple
-
-def tempcleanearly(tuple):
- global tempfiles
-
- tempfiles.remove(tuple)
- tempremove(tuple)
-
-atexit.register(cleanupshop)
-
-
-#---------------------------------------------------------------------------
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/Gui/Version.py b/Vagrant Files/shared/scyther/Gui/Version.py
deleted file mode 100644
index d941e4bc6250f0640392ebe13657efc84b5db58d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/Version.py
+++ /dev/null
@@ -1 +0,0 @@
-SCYTHER_GUI_VERSION = "v1.1.3"
diff --git a/Vagrant Files/shared/scyther/Gui/__init__.py b/Vagrant Files/shared/scyther/Gui/__init__.py
deleted file mode 100644
index 6995b4393abbd705c22e0f8c76b114dc90728994..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Gui/__init__.py
+++ /dev/null
@@ -1,19 +0,0 @@
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
diff --git a/Vagrant Files/shared/scyther/INSTALL.md b/Vagrant Files/shared/scyther/INSTALL.md
deleted file mode 100644
index 67f772cc18c8631a32d9a8249a7e018fa842d713..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/INSTALL.md
+++ /dev/null
@@ -1,96 +0,0 @@
-Installation and usage of the Scyther tool
-==========================================
-
-Download
---------
-
-Downloads of binary archives of Scyther for all main platforms can be
-found at http://users.ox.ac.uk/~coml0529/scyther/index.html
-
-Requirements
-------------
-
-To be able to use all of Scyther's features, the following three
-dependencies are needed. If you only require the back-end tool (used
-from the command line) then you need only the first.
-
-1. ### The GraphViz library ###
-
- This library is used by the Scyther tool to draw graphs. It can be
- freely downloaded from:
-
- http://www.graphviz.org/
-
- Download the latest stable release and install it.
-
-
-2. ### Python ###
-
- Stable releases of the Python interpreter are available from:
-
- http://www.python.org/download/
-
- Scyther does not support Python 3. You are therefore recommended to
- choose the latest production release of Python 2, e.g., Python 2.7.
-
- * **Mac OS X**
-
- If the package yields an error when you try to install it,
- please use the following, in the directory where you downloaded
- it:
-
- ```
- $ sudo installer -pkg graphviz-2.34.0.pkg -target /
- ```
-
-
-3. ### wxPython libraries ###
-
- The GUI user interface uses the wxPython libraries.
-
- http://www.wxpython.org/download.php
-
- There are many different wxPython packages. You should choose a 32-bit
- package that matches your Python version (e.g., 2.7). It is
- recommended to select the unicode version from the stable releases.
-
- As of writing (May 2013) the following links lead to the appropriate
- wxPython packages for Python 2.7:
-
- * **Windows**
-
- http://downloads.sourceforge.net/wxpython/wxPython2.8-win32-unicode-2.8.12.1-py27.exe
-
- * **Mac OS X**
-
- http://downloads.sourceforge.net/wxpython/wxPython2.8-osx-unicode-2.8.12.1-universal-py2.7.dmg
-
- Note that this package is in an old format and you will probably
- get a warning "Package is damaged". This can be resolved by:
-
- ```
- $ sudo installer -pkg /Volume/.../wxPython2.8-osx-unicode-universal-py2.7.pkg/ -target /
- ```
-
- * **Ubuntu/Debian Linux**
-
- http://wiki.wxpython.org/InstallingOnUbuntuOrDebian
-
-
-Running Scyther
----------------
-
-Extract the Scyther archive and navigate to the extracted directory.
-
-Start Scyther by executing the file
-
- scyther-gui.py
-
-in the main directory of the extracted archive.
-
- * **Mac OS X**
-
- Right-click the file 'scyther-gui.py' and select "Open with" and
- then "Python Launcher".
-
-
diff --git a/Vagrant Files/shared/scyther/INSTALL.txt b/Vagrant Files/shared/scyther/INSTALL.txt
deleted file mode 100644
index 3662306cdd1be833d6a4401f1e226339766156b1..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/INSTALL.txt
+++ /dev/null
@@ -1,85 +0,0 @@
-Installation and usage of the Scyther tool
-==========================================
-
-Requirements
-------------
-
-To be able to use Scyther, you need the following three things:
-
-
-1. The GraphViz library.
-
- This library is used by the Scyther tool to draw graphs. It can be
- freely downloaded from:
-
- http://www.graphviz.org/
-
- Download the latest stable release and install it.
-
-
-
-The graphical user interface of Scyther is written in the Python
-language. Therefore, the GUI requires the following two items:
-
-
-2. Python
-
- Stable releases of the Python interpreter are available from:
-
- <a href="http://www.python.org/download/">
-
- Scyther does not support Python 3. You are therefore recommended to
- choose the latest production release of Python 2, e.g., Python 2.7.
-
- Mac OS X:
- If the package yields an error when you try to install it,
- please use the following, in the directory where you downloaded
- it:
-
- $ sudo installer -pkg graphviz-2.34.0.pkg -target /
-
-
-3. wxPython libraries.
-
- The GUI user interface uses the wxPython libraries.
-
- <a href="http://www.wxpython.org/download.php">
-
- There are many different wxPython packages. You should choose a 32-bit
- package that matches your Python version (e.g., 2.7). It is
- recommended to select the unicode version from the stable releases.
-
- As of writing (May 2013) the following links lead to the appropriate
- wxPython packages for Python 2.7:
-
- Windows:
- <a href="http://downloads.sourceforge.net/wxpython/wxPython2.8-win32-unicode-2.8.12.1-py27.exe">
-
- Mac OS X:
- <a href="http://downloads.sourceforge.net/wxpython/wxPython2.8-osx-unicode-2.8.12.1-universal-py2.7.dmg">
-
- Note that this package is in an old format and you will probably
- get a warning "Package is damaged". This can be resolved by:
-
- $ sudo installer -pkg /Volume/.../wxPython2.8-osx-unicode-universal-py2.7.pkg/ -target /
-
- Ubuntu/Debian Linux:
- <a href="http://wiki.wxpython.org/InstallingOnUbuntuOrDebian">
-
-
-Running Scyther
----------------
-
-
-Start Scyther by executing the file
-
- scyther-gui.py
-
-in the directory where you found this file.
-
- Mac OS X:
-
- Right-click the file 'scyther-gui.py' and select "Open with" and
- then "Python Launcher".
-
-
diff --git a/Vagrant Files/shared/scyther/Images/scyther-gui-16.ico b/Vagrant Files/shared/scyther/Images/scyther-gui-16.ico
deleted file mode 100644
index a92d8228d89417af4cfb8dfc4081c8df0e3a8e73..0000000000000000000000000000000000000000
Binary files a/Vagrant Files/shared/scyther/Images/scyther-gui-16.ico and /dev/null differ
diff --git a/Vagrant Files/shared/scyther/Images/scyther-gui-32.ico b/Vagrant Files/shared/scyther/Images/scyther-gui-32.ico
deleted file mode 100644
index b87d7f95499453981808d80573fadbe935c143f7..0000000000000000000000000000000000000000
Binary files a/Vagrant Files/shared/scyther/Images/scyther-gui-32.ico and /dev/null differ
diff --git a/Vagrant Files/shared/scyther/Images/scyther-gui-64.ico b/Vagrant Files/shared/scyther/Images/scyther-gui-64.ico
deleted file mode 100644
index 2fb682f62d1421d03c3963a78039c7c9519fb730..0000000000000000000000000000000000000000
Binary files a/Vagrant Files/shared/scyther/Images/scyther-gui-64.ico and /dev/null differ
diff --git a/Vagrant Files/shared/scyther/Images/scyther-icon.svg b/Vagrant Files/shared/scyther/Images/scyther-icon.svg
deleted file mode 100644
index 7586c82e5089e1a42a79a569fc4256f77b0f034c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Images/scyther-icon.svg
+++ /dev/null
@@ -1,222 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!-- Created with Inkscape (http://www.inkscape.org/) -->
-<svg
- xmlns:dc="http://purl.org/dc/elements/1.1/"
- xmlns:cc="http://web.resource.org/cc/"
- xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
- xmlns:svg="http://www.w3.org/2000/svg"
- xmlns="http://www.w3.org/2000/svg"
- xmlns:xlink="http://www.w3.org/1999/xlink"
- xmlns:sodipodi="http://inkscape.sourceforge.net/DTD/sodipodi-0.dtd"
- xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
- width="841.88977pt"
- height="595.27557pt"
- id="svg2"
- sodipodi:version="0.32"
- inkscape:version="0.43"
- version="1.0"
- sodipodi:docbase="/home/cas/bzr/scyther-gui/images"
- sodipodi:docname="scyther-icon.svg"
- inkscape:export-filename="/home/cas/svn/scyther/Design download page Scyther/scyther-icon16.png"
- inkscape:export-xdpi="1.6494846"
- inkscape:export-ydpi="1.6494846">
- <defs
- id="defs4">
- <linearGradient
- id="linearGradient11078">
- <stop
- id="stop11080"
- offset="0"
- style="stop-color:#000000;stop-opacity:0.57731956;" />
- <stop
- style="stop-color:#000000;stop-opacity:0;"
- offset="0.209216"
- id="stop11084" />
- <stop
- id="stop11086"
- offset="0.65205503"
- style="stop-color:#000000;stop-opacity:0.2371134;" />
- <stop
- id="stop11082"
- offset="1"
- style="stop-color:#000000;stop-opacity:0.67010307;" />
- </linearGradient>
- <linearGradient
- id="linearGradient11052">
- <stop
- id="stop11054"
- offset="0"
- style="stop-color:#000000;stop-opacity:1;" />
- <stop
- style="stop-color:#276816;stop-opacity:1;"
- offset="0.25145975"
- id="stop11060" />
- <stop
- id="stop11066"
- offset="0.57149941"
- style="stop-color:#000000;stop-opacity:1;" />
- <stop
- id="stop11062"
- offset="0.57149941"
- style="stop-color:#010400;stop-opacity:1;" />
- <stop
- style="stop-color:#002583;stop-opacity:1;"
- offset="0.8028897"
- id="stop11064" />
- <stop
- id="stop11056"
- offset="1"
- style="stop-color:#000000;stop-opacity:1;" />
- </linearGradient>
- <linearGradient
- id="linearGradient11044">
- <stop
- style="stop-color:#000000;stop-opacity:1;"
- offset="0"
- id="stop11046" />
- <stop
- style="stop-color:#000000;stop-opacity:0;"
- offset="1"
- id="stop11048" />
- </linearGradient>
- <linearGradient
- id="linearGradient7532">
- <stop
- id="stop7534"
- offset="0"
- style="stop-color:#9e9e9e;stop-opacity:1;" />
- <stop
- id="stop7536"
- offset="1"
- style="stop-color:#9e9e9e;stop-opacity:0;" />
- </linearGradient>
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient11052"
- id="linearGradient5737"
- x1="521.7384"
- y1="589.8822"
- x2="521.7384"
- y2="174.88217"
- gradientUnits="userSpaceOnUse" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient11044"
- id="linearGradient8364"
- gradientUnits="userSpaceOnUse"
- x1="323.7384"
- y1="278.88214"
- x2="477.7384"
- y2="322.88214" />
- </defs>
- <sodipodi:namedview
- id="base"
- pagecolor="#ffffff"
- bordercolor="#666666"
- borderopacity="1.0"
- inkscape:pageopacity="0.0"
- inkscape:pageshadow="2"
- inkscape:zoom="1"
- inkscape:cx="526.18109"
- inkscape:cy="372.04724"
- inkscape:document-units="px"
- inkscape:current-layer="layer1"
- showguides="true"
- inkscape:guide-bbox="true"
- inkscape:window-width="1280"
- inkscape:window-height="953"
- inkscape:window-x="0"
- inkscape:window-y="0">
- <sodipodi:guide
- orientation="horizontal"
- position="296.88141"
- id="guide1366" />
- <sodipodi:guide
- orientation="horizontal"
- position="571.88122"
- id="guide8421" />
- <sodipodi:guide
- orientation="vertical"
- position="206.87725"
- id="guide8423" />
- </sodipodi:namedview>
- <metadata
- id="metadata7">
- <rdf:RDF>
- <cc:Work
- rdf:about="">
- <dc:format>image/svg+xml</dc:format>
- <dc:type
- rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
- </cc:Work>
- </rdf:RDF>
- </metadata>
- <g
- inkscape:label="Black base"
- inkscape:groupmode="layer"
- id="layer1"
- style="display:inline"
- sodipodi:insensitive="true">
- <rect
- style="opacity:1;fill:url(#linearGradient5737);fill-opacity:1;stroke:#000000;stroke-width:6.73799992;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
- id="rect7546"
- width="323.44028"
- height="320.51846"
- x="194.92915"
- y="162.62292" />
- </g>
- <g
- inkscape:groupmode="layer"
- id="layer9"
- inkscape:label="inner fade"
- sodipodi:insensitive="true"
- style="display:inline">
- <rect
- style="opacity:1;fill:url(#linearGradient8364);fill-opacity:1;stroke:#000000;stroke-width:6.73799992;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;display:inline"
- id="rect7489"
- width="323.44028"
- height="320.51846"
- x="194.92915"
- y="162.62292" />
- </g>
- <g
- inkscape:groupmode="layer"
- id="layer7"
- inkscape:label="blacker fades"
- style="display:inline"
- sodipodi:insensitive="true" />
- <g
- inkscape:groupmode="layer"
- id="layer4"
- inkscape:label="white inner"
- style="display:inline">
- <path
- style="font-size:48px;font-style:oblique;font-variant:normal;font-weight:bold;font-stretch:normal;text-align:start;line-height:125%;writing-mode:lr-tb;text-anchor:start;opacity:1;fill:#ffffff;fill-opacity:1;stroke:#000000;stroke-width:15.39999962;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:8.60000038;stroke-dasharray:none;stroke-opacity:1;display:inline;font-family:Luxi Serif"
- d="M 439.625,186.5625 L 228.875,186.96875 L 229,447.625 L 298.46875,447.0625 C 330.87282,446.92031 358.52897,437.28122 380.09375,420.40625 C 401.65809,403.53126 412.43728,382.80494 412.4375,358.21875 C 412.43728,345.47874 408.75517,334.539 401.375,325.375 C 394.57101,316.65817 381.16868,305.92772 361.21875,293.1875 L 346,283.46875 C 335.8349,277.00229 328.44922,270.61422 323.78125,264.34375 C 307.04223,258.53812 294.42062,259.0563 268.875,259.90625 C 278.05518,239.8488 296.11407,242.38722 300.21875,237.3125 C 304.95019,231.46292 305.43096,234.13065 309.84375,229.25 C 321.81701,216.0073 334.34348,209.33336 346.96875,206.0625 C 353.47544,203.07236 360.58299,201.56871 368.3125,201.65625 C 397.62337,201.98826 427.75001,225.34375 427.75,225.34375 L 439.625,186.5625 z "
- id="path7544"
- sodipodi:nodetypes="ccccsscccccsscscc" />
- </g>
- <g
- inkscape:groupmode="layer"
- id="layer8"
- inkscape:label="upper white"
- style="display:inline">
- <path
- style="font-size:48px;font-style:oblique;font-variant:normal;font-weight:bold;font-stretch:normal;text-align:start;line-height:125%;writing-mode:lr-tb;text-anchor:start;opacity:1;fill:#ffffff;fill-opacity:1;stroke:none;stroke-width:8.89999962;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:8.60000038;stroke-dasharray:none;stroke-opacity:1;display:inline;font-family:Luxi Serif"
- d="M 439.625,186.5625 L 228.875,186.96875 L 229,447.625 L 298.46875,447.0625 C 330.87282,446.92031 358.52897,437.28122 380.09375,420.40625 C 401.65809,403.53126 412.43728,382.80494 412.4375,358.21875 C 412.43728,345.47874 408.75517,334.539 401.375,325.375 C 394.57101,316.65817 381.16868,305.92772 361.21875,293.1875 L 346,283.46875 C 335.8349,277.00229 328.44922,270.61422 323.78125,264.34375 C 307.04223,258.53812 294.42062,259.0563 268.875,259.90625 C 278.05518,239.8488 296.11407,242.38722 300.21875,237.3125 C 304.95019,231.46292 305.43096,234.13065 309.84375,229.25 C 321.81701,216.0073 334.34348,209.33336 346.96875,206.0625 C 353.47544,203.07236 360.58299,201.56871 368.3125,201.65625 C 397.62337,201.98826 427.75001,225.34375 427.75,225.34375 L 439.625,186.5625 z "
- id="path6613"
- sodipodi:nodetypes="ccccsscccccsscscc" />
- </g>
- <g
- inkscape:groupmode="layer"
- id="layer5"
- inkscape:label="beak"
- style="display:inline"
- sodipodi:insensitive="true" />
- <g
- inkscape:groupmode="layer"
- id="layer3"
- inkscape:label="cyther"
- style="display:inline"
- sodipodi:insensitive="true" />
-</svg>
diff --git a/Vagrant Files/shared/scyther/Images/scyther-splash.png b/Vagrant Files/shared/scyther/Images/scyther-splash.png
deleted file mode 100644
index 818997cab57b178f6dd05bd9cf694486ab5f7ada..0000000000000000000000000000000000000000
Binary files a/Vagrant Files/shared/scyther/Images/scyther-splash.png and /dev/null differ
diff --git a/Vagrant Files/shared/scyther/Protocols/Demo/ns3.spdl b/Vagrant Files/shared/scyther/Protocols/Demo/ns3.spdl
deleted file mode 100644
index c9235c512a0507ff53b2f98e2215d90166b12a92..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/Demo/ns3.spdl
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Needham-Schroeder protocol
- */
-
-// The protocol description
-
-protocol ns3(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
-
- send_1(I,R, {I,ni}pk(R) );
- recv_2(R,I, {ni,nr}pk(I) );
- send_3(I,R, {nr}pk(R) );
-
- claim_i1(I,Secret,ni);
- claim_i2(I,Secret,nr);
- claim_i3(I,Niagree);
- claim_i4(I,Nisynch);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_1(I,R, {I,ni}pk(R) );
- send_2(R,I, {ni,nr}pk(I) );
- recv_3(I,R, {nr}pk(R) );
-
- claim_r1(R,Secret,ni);
- claim_r2(R,Secret,nr);
- claim_r3(R,Niagree);
- claim_r4(R,Nisynch);
- }
-}
-
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/Demo/nsl3-broken.spdl b/Vagrant Files/shared/scyther/Protocols/Demo/nsl3-broken.spdl
deleted file mode 100644
index c635f916f595e1499e7acc617dd26559297b7115..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/Demo/nsl3-broken.spdl
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * Needham-Schroeder-Lowe protocol,
- * broken version (wrong role name in first message)
- */
-
-// The protocol description
-
-protocol nsl3-broken(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
-
- send_1(I,R, {R,ni}pk(R) );
- recv_2(R,I, {ni,nr,R}pk(I) );
- send_3(I,R, {nr}pk(R) );
-
- claim_i1(I,Secret,ni);
- claim_i2(I,Secret,nr);
- claim_i3(I,Niagree);
- claim_i4(I,Nisynch);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_1(I,R, {R,ni}pk(R) );
- send_2(R,I, {ni,nr,R}pk(I) );
- recv_3(I,R, {nr}pk(R) );
-
- claim_r1(R,Secret,ni);
- claim_r2(R,Secret,nr);
- claim_r3(R,Niagree);
- claim_r4(R,Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/Demo/nsl3-updated-both.spdl b/Vagrant Files/shared/scyther/Protocols/Demo/nsl3-updated-both.spdl
deleted file mode 100644
index 076166e9ca08f5a37ac872f78777e49f730c4424..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/Demo/nsl3-updated-both.spdl
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Needham-Schroeder-Lowe protocol,
- * broken version (wrong role name in first message)
- */
-
-// The protocol description
-
-protocol nsl3-broken(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
-
- send_1(I,R, {R,ni}pk(R) );
- recv_2(R,I, {ni,nr,R}pk(I) );
- send_3(I,R, {nr}pk(R) );
-
- claim_i1(I,Secret,ni);
- claim_i2(I,Secret,nr);
- claim_i3(I,Niagree);
- claim_i4(I,Nisynch);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_1(I,R, {R,ni}pk(R) );
- send_2(R,I, {ni,nr,R}pk(I) );
- recv_3(I,R, {nr}pk(R) );
-
- claim_r1(R,Secret,ni);
- claim_r2(R,Secret,nr);
- claim_r3(R,Niagree);
- claim_r4(R,Nisynch);
- }
-}
-
-/*
- * Needham-Schroeder-Lowe protocol
- */
-
-// The protocol description
-
-protocol nsl3(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
-
- send_1(I,R, {I,ni}pk(R) );
- recv_2(R,I, {ni,nr,R}pk(I) );
- send_3(I,R, {nr}pk(R) );
-
- claim_i1(I,Secret,ni);
- claim_i2(I,Secret,nr);
- claim_i3(I,Niagree);
- claim_i4(I,Nisynch);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_1(I,R, {I,ni}pk(R) );
- send_2(R,I, {ni,nr,R}pk(I) );
- recv_3(I,R, {nr}pk(R) );
-
- claim_r1(R,Secret,ni);
- claim_r2(R,Secret,nr);
- claim_r3(R,Niagree);
- claim_r4(R,Nisynch);
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/Demo/nsl3.spdl b/Vagrant Files/shared/scyther/Protocols/Demo/nsl3.spdl
deleted file mode 100644
index ebf9031157eca52d3a5bbc72af6f330b30df088d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/Demo/nsl3.spdl
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Needham-Schroeder-Lowe protocol
- */
-
-// The protocol description
-
-protocol nsl3(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
-
- send_1(I,R, {I,ni}pk(R) );
- recv_2(R,I, {ni,nr,R}pk(I) );
- send_3(I,R, {nr}pk(R) );
-
- claim_i1(I,Secret,ni);
- claim_i2(I,Secret,nr);
- claim_i3(I,Niagree);
- claim_i4(I,Nisynch);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_1(I,R, {I,ni}pk(R) );
- send_2(R,I, {ni,nr,R}pk(I) );
- recv_3(I,R, {nr}pk(R) );
-
- claim_r1(R,Secret,ni);
- claim_r2(R,Secret,nr);
- claim_r3(R,Niagree);
- claim_r4(R,Nisynch);
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/pkmv2rsa.spdl b/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/pkmv2rsa.spdl
deleted file mode 100644
index 73133a7f00fdf1377861d1a55bdf3bf87b27dd0f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/pkmv2rsa.spdl
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * PKMv2-RSA
- *
- * Initial model by: Sjouke Mauw, Sasa Radomirovic (2007)
- * Model changes: Cas Cremers (Nov 2012)
- *
- * Analysed in: "A framework for compositional verification of security protocols"
- * With S. Andova, K. Gjosteen, S. Mauw, S. Mjolsnes, and S. Radomirovic.
- * Information and Computation, Special issue on Computer Security:
- * Foundations and Automated Reasoning, Volume 206, Issues 2-4, pp. 425-459,
- * Elsevier, 2008.
- */
-
-// The protocol description
-
-protocol pkmv2rsa(MS,BS)
-{
- role MS
- {
- fresh msrand, said: Nonce;
- var prepak, bsrand: Nonce;
-
- send_rsa1(MS,BS, {msrand, said, MS}sk(MS) );
- recv_rsa2(BS,MS, {msrand, bsrand,{prepak,MS}pk(MS),BS}sk(BS) );
- send_rsa3(MS,BS, {bsrand}sk(MS) );
-
- claim_rsai3(MS,Niagree);
- claim_rsai4(MS,Nisynch);
- claim_rsai5(MS,SKR,prepak);
- }
-
- role BS
- {
- var msrand, said: Nonce;
- fresh prepak, bsrand: Nonce;
-
- recv_rsa1(MS,BS, {msrand, said, MS}sk(MS) );
- send_rsa2(BS,MS, {msrand, bsrand,{prepak,MS}pk(MS),BS}sk(BS) );
- recv_rsa3(MS,BS, {bsrand}sk(MS) );
-
- claim_rsar3(BS,Niagree);
- claim_rsar4(BS,Nisynch);
- claim_rsar5(BS,SKR,prepak);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/pkmv2rsacorrected.spdl b/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/pkmv2rsacorrected.spdl
deleted file mode 100644
index 4bd52056efc8fd08202eaa37d4b81401054dcf33..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/pkmv2rsacorrected.spdl
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * PKMv2-RSA
- *
- * Initial model by: Sjouke Mauw, Sasa Radomirovic (2007)
- * Model changes: Cas Cremers (Nov 2012)
- *
- * Analysed in: "A framework for compositional verification of security protocols"
- * With S. Andova, K. Gjosteen, S. Mauw, S. Mjolsnes, and S. Radomirovic.
- * Information and Computation, Special issue on Computer Security:
- * Foundations and Automated Reasoning, Volume 206, Issues 2-4, pp. 425-459,
- * Elsevier, 2008.
- */
-
-// The protocol description
-
-protocol pkmv2rsa(MS,BS)
-{
- role MS
- {
- fresh msrand, said: Nonce;
- var prepak, bsrand: Nonce;
-
- send_rsa1(MS,BS, {msrand, said, MS}sk(MS) );
- recv_rsa2(BS,MS, {msrand, bsrand,{prepak,MS}pk(MS),BS}sk(BS) );
- send_rsa3(MS,BS, {bsrand,BS}sk(MS) );
-
- claim_rsai3(MS,Niagree);
- claim_rsai4(MS,Nisynch);
- claim_rsai5(MS,SKR,prepak);
- }
-
- role BS
- {
- var msrand, said: Nonce;
- fresh prepak, bsrand: Nonce;
-
- recv_rsa1(MS,BS, {msrand, said, MS}sk(MS) );
- send_rsa2(BS,MS, {msrand, bsrand,{prepak,MS}pk(MS),BS}sk(BS) );
- recv_rsa3(MS,BS, {bsrand,BS}sk(MS) );
-
- claim_rsar3(BS,Niagree);
- claim_rsar4(BS,Nisynch);
- claim_rsar5(BS,SKR,prepak);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/pkmv2satek.spdl b/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/pkmv2satek.spdl
deleted file mode 100644
index b166a1b85195d4237b273a468307fdd766da5734..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/pkmv2satek.spdl
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * PKMv2-SA-TEK
- *
- * Initial model by: Sjouke Mauw, Sasa Radomirovic (2007)
- * Model changes: Cas Cremers (Nov 2012)
- *
- * Analysed in: "A framework for compositional verification of security protocols"
- * With S. Andova, K. Gjosteen, S. Mauw, S. Mjolsnes, and S. Radomirovic.
- * Information and Computation, Special issue on Computer Security:
- * Foundations and Automated Reasoning, Volume 206, Issues 2-4, pp. 425-459,
- * Elsevier, 2008.
- */
-
-// Setup
-
-hashfunction hash;
-hashfunction prepak;
-const akid;
-const u,d;
-
-// The protocol description
-
-protocol pkmv2satek(MS,BS)
-{
- role MS
- {
- fresh msrand': Nonce;
- var bsrand', tek0, tek1: Nonce;
-
- recv_satek1(BS,MS, bsrand',akid,
- hash(d,prepak(MS,BS),BS,MS,bsrand',akid) );
- send_satek2(MS,BS, msrand',bsrand',akid,
- hash(u,prepak(MS,BS),BS,MS,msrand',bsrand',akid) );
- recv_satek3(BS,MS,
- msrand',bsrand',akid,{tek0,tek1}hash(prepak(MS,BS)),
- hash(d,prepak(MS,BS),msrand',bsrand',akid,{tek0,tek1}hash(prepak(MS,BS))));
-
- claim_rsai3(MS,Niagree);
- claim_rsai4(MS,Nisynch);
- claim_rsai6(MS,SKR,tek0);
- claim_rsai7(MS,SKR,tek1);
- }
-
- role BS
- {
- var msrand': Nonce;
- fresh bsrand', tek0, tek1: Nonce;
-
- send_satek1(BS,MS, bsrand',akid,
- hash(d,prepak(MS,BS),BS,MS,bsrand',akid) );
- recv_satek2(MS,BS, msrand',bsrand',akid,
- hash(u,prepak(MS,BS),BS,MS,msrand',bsrand',akid) );
- send_satek3(BS,MS,
- msrand',bsrand',akid,{tek0,tek1}hash(prepak(MS,BS)),
- hash(d,prepak(MS,BS),msrand',bsrand',akid,{tek0,tek1}hash(prepak(MS,BS))));
-
- claim_rsar3(BS,Niagree);
- claim_rsar4(BS,Nisynch);
- claim_rsar6(BS,SKR,tek0);
- claim_rsar7(BS,SKR,tek1);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/pqr.spdl b/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/pqr.spdl
deleted file mode 100644
index 731d369bd5a9ae45badb52418c887904246b3d91..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/pqr.spdl
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * PKMv2-RSA
- *
- * Initial model by: Sjouke Mauw, Sasa Radomirovic (2007)
- * Model changes: Cas Cremers (Nov 2012)
- *
- * Analysed in: "A framework for compositional verification of security protocols"
- * With S. Andova, K. Gjosteen, S. Mauw, S. Mjolsnes, and S. Radomirovic.
- * Information and Computation, Special issue on Computer Security:
- * Foundations and Automated Reasoning, Volume 206, Issues 2-4, pp. 425-459,
- * Elsevier, 2008.
- */
-
-// Setup
-
-hashfunction hash;
-hashfunction prepak;
-const akid;
-const u,d;
-
-// The protocol description
-
-protocol rsaplussatek(MS,BS)
-
-{
- role MS
- {
- fresh msrand, msrand', said, c: Nonce;
- var prepak, bsrand, bsrand', tek0, tek1, tek2, tek3: Nonce;
-
- send_rsa1(MS,BS, {msrand, said, MS}sk(MS) );
- recv_rsa2(BS,MS, {msrand, bsrand,{prepak,MS}pk(MS),BS}sk(BS) );
- send_rsa3(MS,BS, {bsrand, BS}sk(MS) );
-
- recv_satek1(BS,MS, bsrand',akid,
- hash(d,prepak,BS,MS,bsrand',akid) );
- send_satek2(MS,BS, msrand',bsrand',akid,
- hash(u,prepak,BS,MS,msrand',bsrand',akid) );
- recv_satek3(BS,MS,
- msrand',bsrand',akid,{tek0,tek1}hash(prepak),
- hash(d,prepak,msrand',bsrand',akid,{tek0,tek1}hash(prepak)));
-
- send_tekup1(MS,BS,{c}hash(prepak));
- recv_tekup2(BS,MS,{c,tek2,tek3}hash(prepak));
-
- claim_rsai3(MS,Niagree);
- claim_rsai4(MS,Nisynch);
- claim_rsai5(MS,SKR,prepak);
- claim_rsai6(MS,SKR,tek0);
- claim_rsai7(MS,SKR,tek1);
- claim_rsar8(MS,SKR,tek2);
- claim_rsar9(MS,SKR,tek3);
- }
-
- role BS
- {
- var msrand, msrand', said, c: Nonce;
- fresh prepak, bsrand, bsrand', tek0, tek1, tek2, tek3: Nonce;
-
- recv_rsa1(MS,BS, {msrand, said, MS}sk(MS) );
- send_rsa2(BS,MS, {msrand, bsrand,{prepak,MS}pk(MS),BS}sk(BS) );
- recv_rsa3(MS,BS, {bsrand, BS}sk(MS) );
-
- send_satek1(BS,MS, bsrand',akid,
- hash(d,prepak,BS,MS,bsrand',akid) );
- recv_satek2(MS,BS, msrand',bsrand',akid,
- hash(u,prepak,BS,MS,msrand',bsrand',akid) );
- send_satek3(BS,MS,
- msrand',bsrand',akid,{tek0,tek1}hash(prepak),
- hash(d,prepak,msrand',bsrand',akid,{tek0,tek1}hash(prepak)));
-
- recv_tekup1(MS,BS,{c}hash(prepak));
- send_tekup2(BS,MS,{c,tek2,tek3}hash(prepak));
-
- claim_rsar3(BS,Niagree);
- claim_rsar4(BS,Nisynch);
- claim_rsar5(BS,SKR,prepak);
- claim_rsar6(BS,SKR,tek0);
- claim_rsar7(BS,SKR,tek1);
- claim_rsar8(BS,SKR,tek2);
- claim_rsar9(BS,SKR,tek3);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/rsaplussatek.spdl b/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/rsaplussatek.spdl
deleted file mode 100644
index eb15dde02dd57add4aa6c3fcb54fb80422335fe6..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/rsaplussatek.spdl
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * PKMv2-RSA
- *
- * Initial model by: Sjouke Mauw, Sasa Radomirovic (2007)
- * Model changes: Cas Cremers (Nov 2012)
- *
- * Analysed in: "A framework for compositional verification of security protocols"
- * With S. Andova, K. Gjosteen, S. Mauw, S. Mjolsnes, and S. Radomirovic.
- * Information and Computation, Special issue on Computer Security:
- * Foundations and Automated Reasoning, Volume 206, Issues 2-4, pp. 425-459,
- * Elsevier, 2008.
- */
-
-// Setup
-
-hashfunction hash;
-hashfunction prepak;
-const akid;
-const u,d;
-
-// The protocol description
-
-protocol rsaplussatek(MS,BS)
-
-{
- role MS
- {
- fresh msrand, msrand', said: Nonce;
- var prepak, bsrand, bsrand', tek0, tek1: Nonce;
-
- send_rsa1(MS,BS, {msrand, said, MS}sk(MS) );
- recv_rsa2(BS,MS, {msrand, bsrand,{prepak,MS}pk(MS),BS}sk(BS) );
- send_rsa3(MS,BS, {bsrand}sk(MS) );
-
- recv_satek1(BS,MS, bsrand',akid,
- hash(d,prepak,BS,MS,bsrand',akid) );
- send_satek2(MS,BS, msrand',bsrand',akid,
- hash(u,prepak,BS,MS,msrand',bsrand',akid) );
- recv_satek3(BS,MS,
- msrand',bsrand',akid,{tek0,tek1}hash(prepak),
- hash(d,prepak,msrand',bsrand',akid,{tek0,tek1}hash(prepak)));
-
- claim_rsai3(MS,Niagree);
- claim_rsai4(MS,Nisynch);
-// claim_rsai5(MS,SKR,prepak);
-// claim_rsai6(MS,SKR,tek0);
-// claim_rsai7(MS,SKR,tek1);
- }
-
- role BS
- {
- var msrand, msrand', said: Nonce;
- fresh prepak, bsrand, bsrand', tek0, tek1: Nonce;
-
- recv_rsa1(MS,BS, {msrand, said, MS}sk(MS) );
- send_rsa2(BS,MS, {msrand, bsrand,{prepak,MS}pk(MS),BS}sk(BS) );
- recv_rsa3(MS,BS, {bsrand}sk(MS) );
-
- send_satek1(BS,MS, bsrand',akid,
- hash(d,prepak,BS,MS,bsrand',akid) );
- recv_satek2(MS,BS, msrand',bsrand',akid,
- hash(u,prepak,BS,MS,msrand',bsrand',akid) );
- send_satek3(BS,MS,
- msrand',bsrand',akid,{tek0,tek1}hash(prepak),
- hash(d,prepak,msrand',bsrand',akid,{tek0,tek1}hash(prepak)));
-
- claim_rsar3(BS,Niagree);
- claim_rsar4(BS,Nisynch);
-// claim_rsar5(BS,SKR,prepak);
-// claim_rsar6(BS,SKR,tek0);
-// claim_rsar7(BS,SKR,tek1);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/rsaplussatekcorrected.spdl b/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/rsaplussatekcorrected.spdl
deleted file mode 100644
index b8051d8983450f45879db0663114907d9fb52203..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IEEE-WIMAX/rsaplussatekcorrected.spdl
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * PKMv2-RSA
- *
- * Initial model by: Sjouke Mauw, Sasa Radomirovic (2007)
- * Model changes: Cas Cremers (Nov 2012)
- *
- * Analysed in: "A framework for compositional verification of security protocols"
- * With S. Andova, K. Gjosteen, S. Mauw, S. Mjolsnes, and S. Radomirovic.
- * Information and Computation, Special issue on Computer Security:
- * Foundations and Automated Reasoning, Volume 206, Issues 2-4, pp. 425-459,
- * Elsevier, 2008.
- */
-
-// Setup
-
-hashfunction hash;
-hashfunction prepak;
-const akid;
-const u,d;
-
-// The protocol description
-
-protocol rsaplussatek(MS,BS)
-
-{
- role MS
- {
- fresh msrand, msrand', said: Nonce;
- var prepak, bsrand, bsrand', tek0, tek1: Nonce;
-
- send_rsa1(MS,BS, {msrand, said, MS}sk(MS) );
- recv_rsa2(BS,MS, {msrand, bsrand,{prepak,MS}pk(MS),BS}sk(BS) );
- send_rsa3(MS,BS, {bsrand, BS}sk(MS) );
-
- recv_satek1(BS,MS, bsrand',akid,
- hash(d,prepak,BS,MS,bsrand',akid) );
- send_satek2(MS,BS, msrand',bsrand',akid,
- hash(u,prepak,BS,MS,msrand',bsrand',akid) );
- recv_satek3(BS,MS,
- msrand',bsrand',akid,{tek0,tek1}hash(prepak),
- hash(d,prepak,msrand',bsrand',akid,{tek0,tek1}hash(prepak)));
-
- claim_rsai3(MS,Niagree);
- claim_rsai4(MS,Nisynch);
- claim_rsai5(MS,SKR,prepak);
- claim_rsai6(MS,SKR,tek0);
- claim_rsai7(MS,SKR,tek1);
- }
-
- role BS
- {
- var msrand, msrand', said: Nonce;
- fresh prepak, bsrand, bsrand', tek0, tek1: Nonce;
-
- recv_rsa1(MS,BS, {msrand, said, MS}sk(MS) );
- send_rsa2(BS,MS, {msrand, bsrand,{prepak,MS}pk(MS),BS}sk(BS) );
- recv_rsa3(MS,BS, {bsrand, BS}sk(MS) );
-
- send_satek1(BS,MS, bsrand',akid,
- hash(d,prepak,BS,MS,bsrand',akid) );
- recv_satek2(MS,BS, msrand',bsrand',akid,
- hash(u,prepak,BS,MS,msrand',bsrand',akid) );
- send_satek3(BS,MS,
- msrand',bsrand',akid,{tek0,tek1}hash(prepak),
- hash(d,prepak,msrand',bsrand',akid,{tek0,tek1}hash(prepak)));
-
- claim_rsar3(BS,Niagree);
- claim_rsar4(BS,Nisynch);
- claim_rsar5(BS,SKR,prepak);
- claim_rsar6(BS,SKR,tek0);
- claim_rsar7(BS,SKR,tek1);
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/Makefile b/Vagrant Files/shared/scyther/Protocols/IKE/Makefile
deleted file mode 100644
index 7234a64ebf087e7efae859d31b2147dae1a81926..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/Makefile
+++ /dev/null
@@ -1,11 +0,0 @@
-CPPSRC= $(wildcard *.cpp)
-DEST= $(CPPSRC:.cpp=.spdl)
-
-default: $(DEST)
-
-%.spdl: %.cpp
- cpp $< >$@
-
-mpa: $(DEST) make-mpa.py
- ./make-mpa.py
-
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/common.h b/Vagrant Files/shared/scyther/Protocols/IKE/common.h
deleted file mode 100644
index 6dcb5d2d108bd084a527b9ebf79bc77bd5cdcb28..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/common.h
+++ /dev/null
@@ -1,157 +0,0 @@
-/****************************************************************************
- * THIS FILE CONTAINS DEFINITIONS OF COMMON MACROS AND TYPES *
- ****************************************************************************/
-
- hashfunction prf, KDF;
-
-/**********************************
- * DIFFIE-HELLMAN ABSTRACTIONS *
- * Zi = Gr^i = g^(ri)
- * Zr = Gi^r = g^(ir)
- **********************************/
-const g, h: Function;
-#define Zi h(Gr,i)
-#define Zr h(Gi,r)
-
-/**********************************
- * PROTOCOL DEPENDENT DEFINITIONS *
- **********************************/
-#ifdef __IKEV1__
-hashfunction H;
-#define SKi KDF(Ni, Nr, Zi, Ci, Cr)
-#define SKr KDF(Ni, Nr, Zr, Ci, Cr)
-#endif
-
-#ifdef __IKEV1_PSK__
-#define SKi prf(k(I,R), Ni, Nr, Zi, Ci, Cr)
-#define SKr prf(k(R,I), Ni, Nr, Zr, Ci, Cr)
-#endif
-
-#ifdef __IKEV1_QUICK__
-/* k(.,.) equals Kd from the spec */
-#define SKi KDF(k(I,R),Zi,Ni,Nr)
-#define SKr KDF(k(R,I),Zr,Ni,Nr)
-#endif
-
-#ifdef __IKEV1_QUICK_NOPFS__
-/* k(.,.) equals Kd from the spec */
-#define SKi KDF(k(I,R),Ni,Nr)
-#define SKr KDF(k(R,I),Ni,Nr)
-#endif
-
-#ifdef __IKEV2__
-hashfunction MAC;
-#define HDR (SPIi,SPIr)
-#define SKi KDF(Ni,Nr,Zi,SPIi,SPIr)
-#define SKr KDF(Ni,Nr,Zr,SPIi,SPIr)
-#endif
-
-#ifdef __IKEV2_CHILD__
-#define SKi KDF(k(I,R),Zi,Ni,Nr)
-#define SKr KDF(k(R,I),Zr,Ni,Nr)
-#endif
-
-#ifdef __IKEV2_CHILD_NOPFS__
-#define SKi KDF(k(I,R),Ni,Nr)
-#define SKr KDF(k(R,I),Ni,Nr)
-#endif
-
-#ifdef __JFK_CORE__
-hashfunction H;
-#define SKi KDF(Zi, Ni, Nr)
-#define SKr KDF(Zr, Ni, Nr)
-#endif
-
-#ifdef __JFK__
-hashfunction H;
-#define SKi KDF(Zi, H(Ni), Nr)
-#define SKr KDF(Zr, H(Ni), Nr)
-#endif
-
-#ifdef __OAKLEY__
-#define SKi KDF(Ni, Nr, Zi, Ci, Cr)
-#define SKr KDF(Ni, Nr, Zr, Ci, Cr)
-#endif
-
-#ifdef __OAKLEY_CONSERVATIVE__
-#define SKi KDF(Ni, Nr, Zi, Ci, Cr)
-#define SKr KDF(Ni, Nr, Zr, Ci, Cr)
-#endif
-
-#ifdef __SKEME__
-#define SKi KDF(Zi)
-#define SKr KDF(Zr)
-#endif
-
-#ifdef __SKEME_REKEY__
-#define SKi KDF(k(I,R),prf(k(I,R), Ni, Nr, R, I))
-#define SKr KDF(k(R,I),prf(k(R,I), Ni, Nr, R, I))
-#endif
-
-#ifdef __STS__
-#define SKi KDF(Zi)
-#define SKr KDF(Zr)
-hashfunction MAC;
-#endif
-
-protocol @oracle (DH, SWAP) {
-#define Gi g(i)
-#define Gr g(r)
-
- /* Diffie-Hellman oracle: If the adversary is in possession of g^xy, he
- * can obtain g^yx.
- * @obsolete The adversary does not need DH as long as SWAP exists
- */
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, Zi );
- send_!DH2( DH, DH, Zr );
- }
-
- /* Session key swap oracle: If the adversary is in possession of eg the
- * initiators session key, he can obtain the responders session key.
- */
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-#ifdef __IKEV1__
- var Ci, Cr: Nonce;
-#endif
-#ifdef __IKEV1_PSK__
- var Ci, Cr: Nonce;
- var I, R: Agent;
-#endif
-#ifdef __IKEV1_QUICK__
- var I, R: Agent;
-#endif
-#ifdef __IKEV1_QUICK_NOPFS__
- var I, R: Agent;
-#endif
-#ifdef __IKEV2__
- var SPIi, SPIr: Nonce;
-#endif
-#ifdef __IKEV2_CHILD__
- var I, R: Agent;
-#endif
-#ifdef __IKEV2_CHILD_NOPFS__
- var I, R: Agent;
-#endif
-#ifdef __OAKLEY__
- var Ci, Cr: Nonce;
-#endif
-#ifdef __OAKLEY_CONSERVATIVE__
- var Ci, Cr: Nonce;
-#endif
-#ifdef __SKEME_REKEY__
- var I, R: Agent;
-#endif
-
- recv_!SWAP1( SWAP, SWAP, SKi );
- send_!SWAP2( SWAP, SWAP, SKr );
-
- }
-#undef Gi
-#undef Gr
-}
-#define __ORACLE__
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a1.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a1.cpp
deleted file mode 100644
index 86947a875396938da6959163a6a605981618e06e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a1.cpp
+++ /dev/null
@@ -1,96 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Public key authentication (aggressive mode),
- * last message not encrypted
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define SKEYID prf(H(Ni,Nr),Ci,Cr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-#define HASH1 H(CERT(R))
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, HASH_Rr );
- send_!O2( O, O, HASH_Ri );
-
- // msg 3
- recv_!O3( O, O, HASH_Ii );
- send_!O4( O, O, HASH_Ir );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-pk-a1(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), {I}pk(R), {Ni}pk(R) );
- recv_!2( R, I, Ci, Cr, algo, Gr, {R}pk(I), {Nr}pk(I), HASH_Ri );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!3( I, R, Ci, Cr, HASH_Ii );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, {I}pk(R), {Ni}pk(R) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!2( R, I, Ci, Cr, algo, g(r), {R}pk(I), {Nr}pk(I), HASH_Rr );
- recv_!3( I, R, Ci, Cr, HASH_Ir );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a1.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a1.spdl
deleted file mode 100644
index b9b8f00eef120f460ed71c5a4c02c4ccbd14925c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a1.spdl
+++ /dev/null
@@ -1,129 +0,0 @@
-# 1 "ikev1-pk-a1.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-pk-a1.cpp"
-# 17 "ikev1-pk-a1.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 18 "ikev1-pk-a1.cpp" 2
-# 27 "ikev1-pk-a1.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R) );
- send_!O2( O, O, prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R) );
-
-
- recv_!O3( O, O, prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I) );
- send_!O4( O, O, prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I) );
-
- }
-
-
-}
-
-
-protocol ikev1-pk-a1(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), {I}pk(R), {Ni}pk(R) );
- recv_!2( R, I, Ci, Cr, algo, Gr, {R}pk(I), {Nr}pk(I), prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R) );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!3( I, R, Ci, Cr, prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, {I}pk(R), {Ni}pk(R) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!2( R, I, Ci, Cr, algo, g(r), {R}pk(I), {Nr}pk(I), prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R) );
- recv_!3( I, R, Ci, Cr, prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a12.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a12.cpp
deleted file mode 100644
index 435479a7eedd24ec5e2881e207f4f835614f5b2b..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a12.cpp
+++ /dev/null
@@ -1,95 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Public key authentication (aggressive mode),
- * last message encrypted
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define SKEYID prf(H(Ni,Nr),Ci,Cr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-#define HASH1 H(CERT(R))
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, HASH_Rr );
- send_!O2( O, O, HASH_Ri );
-
- // msg 3
- recv_!O3( O, O, {HASH_Ii}SKi );
- send_!O4( O, O, {HASH_Ir}SKr );
-
- }
-#undef Gi
-#undef Gr
-}
-
-protocol ikev1-pk-a12(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), {I}pk(R), {Ni}pk(R) );
- recv_!2( R, I, Ci, Cr, algo, Gr, {R}pk(I), {Nr}pk(I), HASH_Ri );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!3( I, R, Ci, Cr, {HASH_Ii}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, {I}pk(R), {Ni}pk(R) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!2( R, I, Ci, Cr, algo, g(r), {R}pk(I), {Nr}pk(I), HASH_Rr );
- recv_!3( I, R, Ci, Cr, {HASH_Ir}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a12.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a12.spdl
deleted file mode 100644
index 473ffc76bb89606aba874cf52d1200ded3a89e48..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a12.spdl
+++ /dev/null
@@ -1,128 +0,0 @@
-# 1 "ikev1-pk-a12.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-pk-a12.cpp"
-# 17 "ikev1-pk-a12.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 18 "ikev1-pk-a12.cpp" 2
-# 27 "ikev1-pk-a12.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R) );
- send_!O2( O, O, prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R) );
-
-
- recv_!O3( O, O, {prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!O4( O, O, {prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-
-protocol ikev1-pk-a12(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), {I}pk(R), {Ni}pk(R) );
- recv_!2( R, I, Ci, Cr, algo, Gr, {R}pk(I), {Nr}pk(I), prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R) );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!3( I, R, Ci, Cr, {prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, {I}pk(R), {Ni}pk(R) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!2( R, I, Ci, Cr, algo, g(r), {R}pk(I), {Nr}pk(I), prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R) );
- recv_!3( I, R, Ci, Cr, {prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a2.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a2.cpp
deleted file mode 100644
index b149cfe78c02db2ed8758b0f710e0dc4f2a9f251..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a2.cpp
+++ /dev/null
@@ -1,97 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Public key authentication (aggressive mode),
- * last message not encrypted, nonce and id encrypted
- * together
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define SKEYID prf(H(Ni,Nr),Ci,Cr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-#define HASH1 H(CERT(R))
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, HASH_Rr );
- send_!O2( O, O, HASH_Ri );
-
- // msg 3
- recv_!O3( O, O, HASH_Ii );
- send_!O4( O, O, HASH_Ir );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-pk-a2(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), {I,Ni}pk(R) );
- recv_!2( R, I, Ci, Cr, algo, Gr, {R,Nr}pk(I), HASH_Ri );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!3( I, R, Ci, Cr, HASH_Ii );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, {I,Ni}pk(R) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!2( R, I, Ci, Cr, algo, g(r), {R,Nr}pk(I), HASH_Rr );
- recv_!3( I, R, Ci, Cr, HASH_Ir );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a2.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a2.spdl
deleted file mode 100644
index 60b9fb4b7b547392fcee38ba0c7aa004eb3fb029..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a2.spdl
+++ /dev/null
@@ -1,129 +0,0 @@
-# 1 "ikev1-pk-a2.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-pk-a2.cpp"
-# 18 "ikev1-pk-a2.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 19 "ikev1-pk-a2.cpp" 2
-# 28 "ikev1-pk-a2.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R) );
- send_!O2( O, O, prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R) );
-
-
- recv_!O3( O, O, prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I) );
- send_!O4( O, O, prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I) );
-
- }
-
-
-}
-
-
-protocol ikev1-pk-a2(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), {I,Ni}pk(R) );
- recv_!2( R, I, Ci, Cr, algo, Gr, {R,Nr}pk(I), prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R) );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!3( I, R, Ci, Cr, prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, {I,Ni}pk(R) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!2( R, I, Ci, Cr, algo, g(r), {R,Nr}pk(I), prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R) );
- recv_!3( I, R, Ci, Cr, prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a22.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a22.cpp
deleted file mode 100644
index a71e20a29f6002012ad1148b760548c1885fc9dd..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a22.cpp
+++ /dev/null
@@ -1,95 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Public key authentication (aggressive mode),
- * last message encrypted, nonce and id encrypted together
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define SKEYID prf(H(Ni,Nr),Ci,Cr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-#define HASH1 H(CERT(R))
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, HASH_Rr );
- send_!O2( O, O, HASH_Ri );
-
- // msg 3
- recv_!O3( O, O, {HASH_Ii}SKi );
- send_!O4( O, O, {HASH_Ir}SKr );
-
- }
-#undef Gi
-#undef Gr
-}
-
-protocol ikev1-pk-a22(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), {I,Ni}pk(R) );
- recv_!2( R, I, Ci, Cr, algo, Gr, {R,Nr}pk(I), HASH_Ri );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!3( I, R, Ci, Cr, {HASH_Ii}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, {I,Ni}pk(R) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!2( R, I, Ci, Cr, algo, g(r), {R,Nr}pk(I), HASH_Rr );
- recv_!3( I, R, Ci, Cr, {HASH_Ir}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a22.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a22.spdl
deleted file mode 100644
index 1c59323ef5a66c5b23c353d579459aa5f3013823..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-a22.spdl
+++ /dev/null
@@ -1,128 +0,0 @@
-# 1 "ikev1-pk-a22.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-pk-a22.cpp"
-# 17 "ikev1-pk-a22.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 18 "ikev1-pk-a22.cpp" 2
-# 27 "ikev1-pk-a22.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R) );
- send_!O2( O, O, prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R) );
-
-
- recv_!O3( O, O, {prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!O4( O, O, {prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-
-protocol ikev1-pk-a22(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), {I,Ni}pk(R) );
- recv_!2( R, I, Ci, Cr, algo, Gr, {R,Nr}pk(I), prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R) );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!3( I, R, Ci, Cr, {prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, {I,Ni}pk(R) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!2( R, I, Ci, Cr, algo, g(r), {R,Nr}pk(I), prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R) );
- recv_!3( I, R, Ci, Cr, {prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-m.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-m.cpp
deleted file mode 100644
index 1b27c5ff0422fe7b348d242342b771ae7e072909..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-m.cpp
+++ /dev/null
@@ -1,103 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Public key authentication (main mode)
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define SKEYID prf(H(Ni,Nr),Ci,Cr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-#define HASH1 H({R, pk(R)}sk(s))
-
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 5
- recv_!O1( O, O, {HASH_Ii}SKi );
- send_!O2( O, O, {HASH_Ir}SKr );
-
- // msg 6
- recv_!O3( O, O, {HASH_Rr}SKr );
- send_!O4( O, O, {HASH_Ri}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-pk-m(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, g(i), {I}pk(R), {Ni}pk(R) );
- recv_4( R, I, Ci, Cr, Gr, {R}pk(I), {Nr}pk(I) );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!5( I, R, Ci, Cr, {HASH_Ii}SKi );
- recv_!6( R, I, Ci, Cr, {HASH_Ri}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, Gi, {I}pk(R), {Ni}pk(R) );
- send_4( R, I, Ci, Cr, g(r), {R}pk(I), {Nr}pk(I) );
- recv_!5( I, R, Ci, Cr, {HASH_Ir}SKr );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!6( R, I, Ci, Cr, {HASH_Rr}SKr );
-
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-m.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-m.spdl
deleted file mode 100644
index 843613370c9b6bbbe84e63a52207f051d0027e04..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-m.spdl
+++ /dev/null
@@ -1,136 +0,0 @@
-# 1 "ikev1-pk-m.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-pk-m.cpp"
-# 16 "ikev1-pk-m.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 17 "ikev1-pk-m.cpp" 2
-# 27 "ikev1-pk-m.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!O2( O, O, {prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
-
- recv_!O3( O, O, {prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
- send_!O4( O, O, {prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
-
- }
-
-
-}
-
-
-protocol ikev1-pk-m(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, g(i), {I}pk(R), {Ni}pk(R) );
- recv_4( R, I, Ci, Cr, Gr, {R}pk(I), {Nr}pk(I) );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!5( I, R, Ci, Cr, {prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
- recv_!6( R, I, Ci, Cr, {prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, Gi, {I}pk(R), {Ni}pk(R) );
- send_4( R, I, Ci, Cr, g(r), {R}pk(I), {Nr}pk(I) );
- recv_!5( I, R, Ci, Cr, {prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!6( R, I, Ci, Cr, {prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-m2.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-m2.cpp
deleted file mode 100644
index fc08ea0e18493bf955f52faa68b77956533dd283..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-m2.cpp
+++ /dev/null
@@ -1,102 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Public key authentication (main mode),
- * Nonce and id encrypted together
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define SKEYID prf(H(Ni,Nr),Ci,Cr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 5
- recv_!O1( O, O, {HASH_Ii}SKi );
- send_!O2( O, O, {HASH_Ir}SKr );
-
- // msg 6
- recv_!O3( O, O, {HASH_Rr}SKr );
- send_!O4( O, O, {HASH_Ri}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-protocol ikev1-pk-m2(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, g(i), {I,Ni}pk(R) );
- recv_4( R, I, Ci, Cr, Gr, {R,Nr}pk(I) );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!5( I, R, Ci, Cr, {HASH_Ii}SKi );
- recv_!6( R, I, Ci, Cr, {HASH_Ri}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, Gi, {I,Ni}pk(R) );
- send_4( R, I, Ci, Cr, g(r), {R,Nr}pk(I) );
- recv_!5( I, R, Ci, Cr, {HASH_Ir}SKr );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!6( R, I, Ci, Cr, {HASH_Rr}SKr );
-
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-m2.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-m2.spdl
deleted file mode 100644
index b625de59f3e42d90ead5b0cf8a83fba0a7cd80f6..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk-m2.spdl
+++ /dev/null
@@ -1,135 +0,0 @@
-# 1 "ikev1-pk-m2.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-pk-m2.cpp"
-# 17 "ikev1-pk-m2.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 18 "ikev1-pk-m2.cpp" 2
-# 27 "ikev1-pk-m2.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!O2( O, O, {prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
-
- recv_!O3( O, O, {prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
- send_!O4( O, O, {prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
-
- }
-
-
-}
-
-protocol ikev1-pk-m2(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, g(i), {I,Ni}pk(R) );
- recv_4( R, I, Ci, Cr, Gr, {R,Nr}pk(I) );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!5( I, R, Ci, Cr, {prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
- recv_!6( R, I, Ci, Cr, {prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, Gi, {I,Ni}pk(R) );
- send_4( R, I, Ci, Cr, g(r), {R,Nr}pk(I) );
- recv_!5( I, R, Ci, Cr, {prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!6( R, I, Ci, Cr, {prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-a.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-a.cpp
deleted file mode 100644
index 9549e44a977c46e509e6e578669ca8f6a783b7ea..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-a.cpp
+++ /dev/null
@@ -1,97 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Revised public key authentication (aggressive mode)
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define SKEYID prf(H(Ni,Nr),Ci,Cr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-#define Nei prf(Ni, Ci)
-#define Ner prf(Nr, Cr)
-
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, HASH_Rr );
- send_!O2( O, O, HASH_Ri );
-
- // msg 3
- recv_!O3( O, O, HASH_Ir );
- send_!O4( O, O, HASH_Ii );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-pk2-a(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, {Ni}pk(R), {g(i)}Nei, {I}Nei );
- recv_!2( R, I, Ci, Cr, algo, {Nr}pk(I), {Gr}Ner, {R}Ner, HASH_Ri );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!3( I, R, Ci, Cr, HASH_Ii );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, {Ni}pk(R), {Gi}Nei, {I}Nei );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!2( R, I, Ci, Cr, algo, {Nr}pk(I), {g(r)}Ner, {R}Ner, HASH_Rr );
- recv_!3( I, R, Ci, Cr, HASH_Ir );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-a.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-a.spdl
deleted file mode 100644
index 971122ae220e4e956b74969726930104d5271986..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-a.spdl
+++ /dev/null
@@ -1,129 +0,0 @@
-# 1 "ikev1-pk2-a.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-pk2-a.cpp"
-# 16 "ikev1-pk2-a.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 17 "ikev1-pk2-a.cpp" 2
-# 28 "ikev1-pk2-a.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R) );
- send_!O2( O, O, prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R) );
-
-
- recv_!O3( O, O, prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I) );
- send_!O4( O, O, prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I) );
-
- }
-
-
-}
-
-
-protocol ikev1-pk2-a(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, {Ni}pk(R), {g(i)}prf(Ni, Ci), {I}prf(Ni, Ci) );
- recv_!2( R, I, Ci, Cr, algo, {Nr}pk(I), {Gr}prf(Nr, Cr), {R}prf(Nr, Cr), prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R) );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!3( I, R, Ci, Cr, prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, {Ni}pk(R), {Gi}prf(Ni, Ci), {I}prf(Ni, Ci) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!2( R, I, Ci, Cr, algo, {Nr}pk(I), {g(r)}prf(Nr, Cr), {R}prf(Nr, Cr), prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R) );
- recv_!3( I, R, Ci, Cr, prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-a2.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-a2.cpp
deleted file mode 100644
index a8536fbe952f2f8d5c7b86ac6208bb626aa0f437..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-a2.cpp
+++ /dev/null
@@ -1,97 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Revised public key authentication (aggressive mode),
- * Diffie-Hellman token encrypted together with identity
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define SKEYID prf(H(Ni,Nr),Ci,Cr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-#define Nei prf(Ni, Ci)
-#define Ner prf(Nr, Cr)
-
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, HASH_Rr );
- send_!O2( O, O, HASH_Ri );
-
- // msg 3
- recv_!O3( O, O, HASH_Ir );
- send_!O4( O, O, HASH_Ii );
-
- }
-#undef Gi
-#undef Gr
-}
-
-protocol ikev1-pk2-a2(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, {Ni}pk(R), {g(i),I}Nei );
- recv_!2( R, I, Ci, Cr, algo, {Nr}pk(I), {Gr,R}Ner, HASH_Ri );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!3( I, R, Ci, Cr, HASH_Ii );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, {Ni}pk(R), {Gi,I}Nei );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!2( R, I, Ci, Cr, algo, {Nr}pk(I), {g(r),R}Ner, HASH_Rr );
- recv_!3( I, R, Ci, Cr, HASH_Ir );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-a2.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-a2.spdl
deleted file mode 100644
index 51e0d179122a74b46efd8935524f77fa96fb250a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-a2.spdl
+++ /dev/null
@@ -1,128 +0,0 @@
-# 1 "ikev1-pk2-a2.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-pk2-a2.cpp"
-# 17 "ikev1-pk2-a2.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 18 "ikev1-pk2-a2.cpp" 2
-# 29 "ikev1-pk2-a2.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R) );
- send_!O2( O, O, prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R) );
-
-
- recv_!O3( O, O, prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I) );
- send_!O4( O, O, prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I) );
-
- }
-
-
-}
-
-protocol ikev1-pk2-a2(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, {Ni}pk(R), {g(i),I}prf(Ni, Ci) );
- recv_!2( R, I, Ci, Cr, algo, {Nr}pk(I), {Gr,R}prf(Nr, Cr), prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R) );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!3( I, R, Ci, Cr, prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, {Ni}pk(R), {Gi,I}prf(Ni, Ci) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!2( R, I, Ci, Cr, algo, {Nr}pk(I), {g(r),R}prf(Nr, Cr), prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R) );
- recv_!3( I, R, Ci, Cr, prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-m.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-m.cpp
deleted file mode 100644
index 42f2d9d86fa179e530952980202c5f259c09d866..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-m.cpp
+++ /dev/null
@@ -1,104 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Revised public key authentication (main mode)
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define SKEYID prf(H(Ni,Nr),Ci,Cr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-#define Nei prf(Ni, Ci)
-#define Ner prf(Nr, Cr)
-
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 5
- recv_!O1( O, O, {HASH_Ii}SKi );
- send_!O2( O, O, {HASH_Ir}SKr );
-
- // msg 6
- recv_!O3( O, O, {HASH_Rr}SKr );
- send_!O4( O, O, {HASH_Ri}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-pk2-m(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, {Ni}pk(R), {g(i)}Nei, {I}Nei );
- recv_4( R, I, Ci, Cr, {Nr}pk(I), {Gr}Ner, {R}Ner );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!5( I, R, Ci, Cr, {HASH_Ii}SKi );
- recv_!6( R, I, Ci, Cr, {HASH_Ri}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, {Ni}pk(R), {Gi}Nei, {I}Nei );
- send_4( R, I, Ci, Cr, {Nr}pk(I), {g(r)}Ner, {R}Ner );
- recv_!5( I, R, Ci, Cr, {HASH_Ir}SKr );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!6( R, I, Ci, Cr, {HASH_Rr}SKr );
-
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-m.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-m.spdl
deleted file mode 100644
index e32dd5b1f6d43fa88d628e068616818bafadc0ea..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-m.spdl
+++ /dev/null
@@ -1,136 +0,0 @@
-# 1 "ikev1-pk2-m.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-pk2-m.cpp"
-# 16 "ikev1-pk2-m.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 17 "ikev1-pk2-m.cpp" 2
-# 28 "ikev1-pk2-m.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!O2( O, O, {prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
-
- recv_!O3( O, O, {prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
- send_!O4( O, O, {prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
-
- }
-
-
-}
-
-
-protocol ikev1-pk2-m(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, {Ni}pk(R), {g(i)}prf(Ni, Ci), {I}prf(Ni, Ci) );
- recv_4( R, I, Ci, Cr, {Nr}pk(I), {Gr}prf(Nr, Cr), {R}prf(Nr, Cr) );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!5( I, R, Ci, Cr, {prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
- recv_!6( R, I, Ci, Cr, {prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, {Ni}pk(R), {Gi}prf(Ni, Ci), {I}prf(Ni, Ci) );
- send_4( R, I, Ci, Cr, {Nr}pk(I), {g(r)}prf(Nr, Cr), {R}prf(Nr, Cr) );
- recv_!5( I, R, Ci, Cr, {prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!6( R, I, Ci, Cr, {prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-m2.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-m2.cpp
deleted file mode 100644
index 653a83936b281e50d86c098ad742e660b47dfe23..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-m2.cpp
+++ /dev/null
@@ -1,106 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Revised public key authentication (aggressive mode),
- * Diffie-Hellman token encrypted together with identity
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define SKEYID prf(H(Ni,Nr),Ci,Cr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-#define HASH1 H({R, pk(R)}sk(s))
-#define Nei prf(Ni, Ci)
-#define Ner prf(Nr, Cr)
-
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 5
- recv_!O1( O, O, {HASH_Ii}SKi );
- send_!O2( O, O, {HASH_Ir}SKr );
-
- // msg 6
- recv_!O3( O, O, {HASH_Rr}SKr );
- send_!O4( O, O, {HASH_Ri}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-pk2-m2(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, {Ni}pk(R), {g(i),I}Nei );
- recv_4( R, I, Ci, Cr, {Nr}pk(I), {Gr,R}Ner );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!5( I, R, Ci, Cr, {HASH_Ii}SKi );
- recv_!6( R, I, Ci, Cr, {HASH_Ri}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, {Ni}pk(R), {Gi,I}Nei );
- send_4( R, I, Ci, Cr, {Nr}pk(I), {g(r),R}Ner );
- recv_!5( I, R, Ci, Cr, {HASH_Ir}SKr );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!6( R, I, Ci, Cr, {HASH_Rr}SKr );
-
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-m2.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-m2.spdl
deleted file mode 100644
index 62e5b7452f7494bc90b41cd224e987a702019d67..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-pk2-m2.spdl
+++ /dev/null
@@ -1,136 +0,0 @@
-# 1 "ikev1-pk2-m2.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-pk2-m2.cpp"
-# 17 "ikev1-pk2-m2.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 18 "ikev1-pk2-m2.cpp" 2
-# 30 "ikev1-pk2-m2.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!O2( O, O, {prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
-
- recv_!O3( O, O, {prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
- send_!O4( O, O, {prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
-
- }
-
-
-}
-
-
-protocol ikev1-pk2-m2(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, {Ni}pk(R), {g(i),I}prf(Ni, Ci) );
- recv_4( R, I, Ci, Cr, {Nr}pk(I), {Gr,R}prf(Nr, Cr) );
- claim( I, Running, R, g(i),Gr,Ci,Cr,Ni,Nr );
- send_!5( I, R, Ci, Cr, {prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
- recv_!6( R, I, Ci, Cr, {prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, g(i),Gr,Ci,Cr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, {Ni}pk(R), {Gi,I}prf(Ni, Ci) );
- send_4( R, I, Ci, Cr, {Nr}pk(I), {g(r),R}prf(Nr, Cr) );
- recv_!5( I, R, Ci, Cr, {prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
- claim( R, Running, I, Gi,g(r),Ci,Cr,Ni,Nr );
- send_!6( R, I, Ci, Cr, {prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Gi,g(r),Ci,Cr,Ni,Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-a.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-a.cpp
deleted file mode 100644
index bdd5b4cf8ee3ce77c3dc29f6dbd804245e1c8479..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-a.cpp
+++ /dev/null
@@ -1,94 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Pre-shared key authentication (aggressive mode)
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1_PSK__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define HASH_Ii prf(k(I,R), Ni, Nr, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(k(R,I), Ni, Nr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(k(I,R), Ni, Nr, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(k(R,I), Ni, Nr, g(r), Gi, Cr, Ci, list, R)
-
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, HASH_Rr );
- send_!O2( O, O, HASH_Ri );
-
- // msg 3
- recv_!O3( O, O, HASH_Ii );
- send_!O4( O, O, HASH_Ir );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-psk-a(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), Ni, I );
- recv_!2( R, I, Ci, Cr, algo, Gr, Nr, R, HASH_Ri );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!3( I, R, Ci, Cr, HASH_Ii );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, Ni, I );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!2( R, I, Ci, Cr, algo, g(r), Nr, R, HASH_Rr );
- recv_!3( I, R, Ci, Cr, HASH_Ir );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-a.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-a.spdl
deleted file mode 100644
index 788dde03cab4461f9cc471f67597bbd13a087529..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-a.spdl
+++ /dev/null
@@ -1,125 +0,0 @@
-# 1 "ikev1-psk-a.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-psk-a.cpp"
-# 16 "ikev1-psk-a.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
-
-
-
- var Ci, Cr: Nonce;
- var I, R: Agent;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, prf(k(I,R), Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, prf(k(R,I), Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 17 "ikev1-psk-a.cpp" 2
-# 25 "ikev1-psk-a.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, prf(k(R,I), Ni, Nr, g(r), g(i), Cr, Ci, list, R) );
- send_!O2( O, O, prf(k(I,R), Ni, Nr, g(r), g(i), Cr, Ci, list, R) );
-
-
- recv_!O3( O, O, prf(k(I,R), Ni, Nr, g(i), g(r), Ci, Cr, list, I) );
- send_!O4( O, O, prf(k(R,I), Ni, Nr, g(i), g(r), Ci, Cr, list, I) );
-
- }
-
-
-}
-
-
-protocol ikev1-psk-a(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), Ni, I );
- recv_!2( R, I, Ci, Cr, algo, Gr, Nr, R, prf(k(I,R), Ni, Nr, Gr, g(i), Cr, Ci, list, R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!3( I, R, Ci, Cr, prf(k(I,R), Ni, Nr, g(i), Gr, Ci, Cr, list, I) );
-
-
- claim( I, SKR, prf(k(I,R), Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, Ni, I );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!2( R, I, Ci, Cr, algo, g(r), Nr, R, prf(k(R,I), Ni, Nr, g(r), Gi, Cr, Ci, list, R) );
- recv_!3( I, R, Ci, Cr, prf(k(R,I), Ni, Nr, Gi, g(r), Ci, Cr, list, I) );
-
-
- claim( R, SKR, prf(k(R,I), Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-m-perlman.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-m-perlman.cpp
deleted file mode 100644
index 01640add7624ed88ea12b9abb3825214feaa639a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-m-perlman.cpp
+++ /dev/null
@@ -1,101 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Pre-shared key authentication (main mode) incorporating
- * a fix by Perlman et. al.
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1_PSK__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define HASH_Ii prf(k(I,R), Ni, Nr, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(k(R,I), Ni, Nr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(k(I,R), Ni, Nr, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(k(R,I), Ni, Nr, g(r), Gi, Cr, Ci, list, R)
-
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 5
- recv_!O1( O, O, {I, HASH_Ii}Zi );
- send_!O2( O, O, {I, HASH_Ir}Zr );
-
- // msg 6
- recv_!O3( O, O, {R, HASH_Rr}Zr );
- send_!O4( O, O, {R, HASH_Ri}Zi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-psk-m-perlman(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, g(i), Ni );
- recv_4( R, I, Ci, Cr, Gr, Nr );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!5( I, R, Ci, Cr, {I, HASH_Ii}Zi );
- recv_!6( R, I, Ci, Cr, {R, HASH_Ri}Zi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, Gi, Ni );
- send_4( R, I, Ci, Cr, g(r), Nr );
- recv_!5( I, R, Ci, Cr, {I, HASH_Ir}Zr );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!6( R, I, Ci, Cr, {R, HASH_Rr}Zr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-m-perlman.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-m-perlman.spdl
deleted file mode 100644
index fa9436a2db4fd51aefddef8f1b82985ff070ee02..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-m-perlman.spdl
+++ /dev/null
@@ -1,131 +0,0 @@
-# 1 "ikev1-psk-m-perlman.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-psk-m-perlman.cpp"
-# 17 "ikev1-psk-m-perlman.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
-
-
-
- var Ci, Cr: Nonce;
- var I, R: Agent;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, prf(k(I,R), Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, prf(k(R,I), Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 18 "ikev1-psk-m-perlman.cpp" 2
-# 26 "ikev1-psk-m-perlman.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {I, prf(k(I,R), Ni, Nr, g(i), g(r), Ci, Cr, list, I)}h(g(r),i) );
- send_!O2( O, O, {I, prf(k(R,I), Ni, Nr, g(i), g(r), Ci, Cr, list, I)}h(g(i),r) );
-
-
- recv_!O3( O, O, {R, prf(k(R,I), Ni, Nr, g(r), g(i), Cr, Ci, list, R)}h(g(i),r) );
- send_!O4( O, O, {R, prf(k(I,R), Ni, Nr, g(r), g(i), Cr, Ci, list, R)}h(g(r),i) );
-
- }
-
-
-}
-
-
-protocol ikev1-psk-m-perlman(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, g(i), Ni );
- recv_4( R, I, Ci, Cr, Gr, Nr );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!5( I, R, Ci, Cr, {I, prf(k(I,R), Ni, Nr, g(i), Gr, Ci, Cr, list, I)}h(Gr,i) );
- recv_!6( R, I, Ci, Cr, {R, prf(k(I,R), Ni, Nr, Gr, g(i), Cr, Ci, list, R)}h(Gr,i) );
-
-
- claim( I, SKR, prf(k(I,R), Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, Gi, Ni );
- send_4( R, I, Ci, Cr, g(r), Nr );
- recv_!5( I, R, Ci, Cr, {I, prf(k(R,I), Ni, Nr, Gi, g(r), Ci, Cr, list, I)}h(Gi,r) );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!6( R, I, Ci, Cr, {R, prf(k(R,I), Ni, Nr, g(r), Gi, Cr, Ci, list, R)}h(Gi,r) );
-
-
- claim( R, SKR, prf(k(R,I), Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-m.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-m.cpp
deleted file mode 100644
index f2030186b00dcbe7278d030ad2f7a2b7e6977078..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-m.cpp
+++ /dev/null
@@ -1,100 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Pre-shared key authentication (main mode)
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1_PSK__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define SKEYID prf(k(I,R),Ni,Nr)
-#define HASH_Ii prf(k(I,R), Ni, Nr, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(k(R,I), Ni, Nr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(k(I,R), Ni, Nr, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(k(R,I), Ni, Nr, g(r), Gi, Cr, Ci, list, R)
-
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 5
- recv_!O1( O, O, {I, HASH_Ii}SKi );
- send_!O2( O, O, {I, HASH_Ir}SKr );
-
- // msg 6
- recv_!O3( O, O, {R, HASH_Rr}SKr );
- send_!O4( O, O, {R, HASH_Ri}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-protocol ikev1-psk-m(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, g(i), Ni );
- recv_4( R, I, Ci, Cr, Gr, Nr );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!5( I, R, Ci, Cr, {I, HASH_Ii}SKi );
- recv_!6( R, I, Ci, Cr, {R, HASH_Ri}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, Gi, Ni );
- send_4( R, I, Ci, Cr, g(r), Nr );
- recv_!5( I, R, Ci, Cr, {I, HASH_Ir}SKr );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!6( R, I, Ci, Cr, {R, HASH_Rr}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-m.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-m.spdl
deleted file mode 100644
index ca7a6888664db131ae5db199e9b56aab363e4711..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-psk-m.spdl
+++ /dev/null
@@ -1,130 +0,0 @@
-# 1 "ikev1-psk-m.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-psk-m.cpp"
-# 16 "ikev1-psk-m.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
-
-
-
- var Ci, Cr: Nonce;
- var I, R: Agent;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, prf(k(I,R), Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, prf(k(R,I), Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 17 "ikev1-psk-m.cpp" 2
-# 26 "ikev1-psk-m.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {I, prf(k(I,R), Ni, Nr, g(i), g(r), Ci, Cr, list, I)}prf(k(I,R), Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!O2( O, O, {I, prf(k(R,I), Ni, Nr, g(i), g(r), Ci, Cr, list, I)}prf(k(R,I), Ni, Nr, h(g(i),r), Ci, Cr) );
-
-
- recv_!O3( O, O, {R, prf(k(R,I), Ni, Nr, g(r), g(i), Cr, Ci, list, R)}prf(k(R,I), Ni, Nr, h(g(i),r), Ci, Cr) );
- send_!O4( O, O, {R, prf(k(I,R), Ni, Nr, g(r), g(i), Cr, Ci, list, R)}prf(k(I,R), Ni, Nr, h(g(r),i), Ci, Cr) );
-
- }
-
-
-}
-
-protocol ikev1-psk-m(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, g(i), Ni );
- recv_4( R, I, Ci, Cr, Gr, Nr );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!5( I, R, Ci, Cr, {I, prf(k(I,R), Ni, Nr, g(i), Gr, Ci, Cr, list, I)}prf(k(I,R), Ni, Nr, h(Gr,i), Ci, Cr) );
- recv_!6( R, I, Ci, Cr, {R, prf(k(I,R), Ni, Nr, Gr, g(i), Cr, Ci, list, R)}prf(k(I,R), Ni, Nr, h(Gr,i), Ci, Cr) );
-
-
- claim( I, SKR, prf(k(I,R), Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, Gi, Ni );
- send_4( R, I, Ci, Cr, g(r), Nr );
- recv_!5( I, R, Ci, Cr, {I, prf(k(R,I), Ni, Nr, Gi, g(r), Ci, Cr, list, I)}prf(k(R,I), Ni, Nr, h(Gi,r), Ci, Cr) );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!6( R, I, Ci, Cr, {R, prf(k(R,I), Ni, Nr, g(r), Gi, Cr, Ci, list, R)}prf(k(R,I), Ni, Nr, h(Gi,r), Ci, Cr) );
-
-
- claim( R, SKR, prf(k(R,I), Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick-noid.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick-noid.cpp
deleted file mode 100644
index f6f57127d1a372a3463cc3c8ada9419e919e40c0..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick-noid.cpp
+++ /dev/null
@@ -1,102 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Quick mode (pfs), without optional identities
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1_QUICK__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-/* k(I,R)=k(R,I) equal Ka from the spec */
-#define HASH1i prf(k(I,R), mid, list, Ni, g(i))
-#define HASH1r prf(k(R,I), mid, list, Ni, Gi)
-#define HASH2i prf(k(I,R), mid, Ni, algo, Nr, Gr)
-#define HASH2r prf(k(R,I), mid, Ni, algo, Nr, g(r))
-#define HASH3i prf(k(I,R), mid, Ni, Nr)
-#define HASH3r prf(k(R,I), mid, Ni, Nr)
-
-usertype String;
-const list, algo: String;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling k(I,R) = k(R,I).
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var mid, i, r, Ni, Nr: Nonce;
- var I, R: Agent;
-
- // msg 1
- recv_!O1( O, O, {HASH1i, list, Ni, g(i)}k(I,R) );
- send_!O2( O, O, {HASH1r, list, Ni, Gi}k(R,I) );
-
- // msg 2
- recv_!O3( O, O, {HASH2r, algo, Nr, g(r)}k(R,I) );
- send_!O4( O, O, {HASH2i, algo, Nr, Gr}k(I,R) );
-
- // msg 3
- recv_!O5( O, O, {HASH3i}k(I,R) );
- send_!O6( O, O, {HASH3r}k(R,I) );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-quick-noid(I, R)
-{
- role I {
- fresh i, Ni, Ci, mid: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_!1( I, R, mid, {HASH1i, list, Ni, g(i)}k(I,R) );
- recv_!2( R, I, mid, {HASH2i, algo, Nr, Gr}k(I,R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr );
- send_!3( I, R, mid, {HASH3i}k(I,R) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci, mid: Nonce;
- var Gi: Ticket;
-
- recv_!1( I, R, mid, {HASH1r, list, Ni, Gi}k(R,I) );
- claim( R, Running, I, Ni, Nr, Gi, g(r) );
- send_!2( R, I, mid, {HASH2r, algo, Nr, g(r)}k(R,I) );
- recv_!3( I, R, mid, {HASH3r}k(R,I) );
-
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r) );
-
- }
-}
-// TODO: Incorporate into various phase 1 protocols (see spec for adaptions)
-// NOTE: If incorporated in phase 1, make sure to model with and without optional identities in msg 2 & 3
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick-noid.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick-noid.spdl
deleted file mode 100644
index 03e9c05c647160e0e160a560d7c1ffe63ce30d96..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick-noid.spdl
+++ /dev/null
@@ -1,124 +0,0 @@
-# 1 "ikev1-quick-noid.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-quick-noid.cpp"
-# 16 "ikev1-quick-noid.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 126 "common.h"
- var I, R: Agent;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(k(I,R),h(g(r),i),Ni,Nr) );
- send_!SWAP2( SWAP, SWAP, KDF(k(R,I),h(g(i),r),Ni,Nr) );
-
- }
-
-
-}
-# 17 "ikev1-quick-noid.cpp" 2
-# 27 "ikev1-quick-noid.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var mid, i, r, Ni, Nr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {prf(k(I,R), mid, list, Ni, g(i)), list, Ni, g(i)}k(I,R) );
- send_!O2( O, O, {prf(k(R,I), mid, list, Ni, g(i)), list, Ni, g(i)}k(R,I) );
-
-
- recv_!O3( O, O, {prf(k(R,I), mid, Ni, algo, Nr, g(r)), algo, Nr, g(r)}k(R,I) );
- send_!O4( O, O, {prf(k(I,R), mid, Ni, algo, Nr, g(r)), algo, Nr, g(r)}k(I,R) );
-
-
- recv_!O5( O, O, {prf(k(I,R), mid, Ni, Nr)}k(I,R) );
- send_!O6( O, O, {prf(k(R,I), mid, Ni, Nr)}k(R,I) );
-
- }
-
-
-}
-
-
-protocol ikev1-quick-noid(I, R)
-{
- role I {
- fresh i, Ni, Ci, mid: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_!1( I, R, mid, {prf(k(I,R), mid, list, Ni, g(i)), list, Ni, g(i)}k(I,R) );
- recv_!2( R, I, mid, {prf(k(I,R), mid, Ni, algo, Nr, Gr), algo, Nr, Gr}k(I,R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr );
- send_!3( I, R, mid, {prf(k(I,R), mid, Ni, Nr)}k(I,R) );
-
-
- claim( I, SKR, KDF(k(I,R),h(Gr,i),Ni,Nr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci, mid: Nonce;
- var Gi: Ticket;
-
- recv_!1( I, R, mid, {prf(k(R,I), mid, list, Ni, Gi), list, Ni, Gi}k(R,I) );
- claim( R, Running, I, Ni, Nr, Gi, g(r) );
- send_!2( R, I, mid, {prf(k(R,I), mid, Ni, algo, Nr, g(r)), algo, Nr, g(r)}k(R,I) );
- recv_!3( I, R, mid, {prf(k(R,I), mid, Ni, Nr)}k(R,I) );
-
-
-
- claim( R, SKR, KDF(k(R,I),h(Gi,r),Ni,Nr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r) );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick-nopfs.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick-nopfs.cpp
deleted file mode 100644
index 38a1fc4691595f88f193458b73ff5b5ea5c98103..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick-nopfs.cpp
+++ /dev/null
@@ -1,96 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Quick mode (no pfs), without optional identities
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1_QUICK_NOPFS__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-/* k(I,R)=k(R,I) equal Ka from the spec */
-#define HASH1i prf(k(I,R), mid, list, Ni)
-#define HASH1r prf(k(R,I), mid, list, Ni)
-#define HASH2i prf(k(I,R), mid, Ni, algo, Nr)
-#define HASH2r prf(k(R,I), mid, Ni, algo, Nr)
-#define HASH3i prf(k(I,R), mid, Ni, Nr)
-#define HASH3r prf(k(R,I), mid, Ni, Nr)
-
-usertype String;
-const list, algo: String;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling k(I,R) = k(R,I).
- */
-protocol @executability(O) {
- role O {
- var mid, Ni, Nr: Nonce;
- var I, R: Agent;
-
- // msg 1
- recv_!O1( O, O, {HASH1i, list, Ni}k(I,R) );
- send_!O2( O, O, {HASH1r, list, Ni}k(R,I) );
-
- // msg 2
- recv_!O3( O, O, {HASH2r, algo, Nr}k(R,I) );
- send_!O4( O, O, {HASH2i, algo, Nr}k(I,R) );
-
- // msg 3
- recv_!O5( O, O, {HASH3i}k(I,R) );
- send_!O6( O, O, {HASH3r}k(R,I) );
-
- }
-}
-
-
-protocol ikev1-quick-nopfs(I, R)
-{
- role I {
- fresh i, Ni, Ci, mid: Nonce;
- var Nr, Cr: Nonce;
-
- send_!1( I, R, mid, {HASH1i, list, Ni}k(I,R) );
- recv_!2( R, I, mid, {HASH2i, algo, Nr}k(I,R) );
- claim( I, Running, R, Ni, Nr );
- send_!3( I, R, mid, {HASH3i}k(I,R) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci, mid: Nonce;
-
- recv_!1( I, R, mid, {HASH1r, list, Ni}k(R,I) );
- claim( R, Running, I, Ni, Nr );
- send_!2( R, I, mid, {HASH2r, algo, Nr}k(R,I) );
- recv_!3( I, R, mid, {HASH3r}k(R,I) );
-
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr );
-
- }
-}
-// TODO: Incorporate into various phase 1 protocols (see spec for adaptions)
-// NOTE: If incorporated in phase 1, make sure to model with and without optional identities in msg 2 & 3
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick-nopfs.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick-nopfs.spdl
deleted file mode 100644
index c7d2f992cecb058650ba0261bac3a574c8b5f4af..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick-nopfs.spdl
+++ /dev/null
@@ -1,118 +0,0 @@
-# 1 "ikev1-quick-nopfs.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-quick-nopfs.cpp"
-# 16 "ikev1-quick-nopfs.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 129 "common.h"
- var I, R: Agent;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(k(I,R),Ni,Nr) );
- send_!SWAP2( SWAP, SWAP, KDF(k(R,I),Ni,Nr) );
-
- }
-
-
-}
-# 17 "ikev1-quick-nopfs.cpp" 2
-# 27 "ikev1-quick-nopfs.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-protocol @executability(O) {
- role O {
- var mid, Ni, Nr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {prf(k(I,R), mid, list, Ni), list, Ni}k(I,R) );
- send_!O2( O, O, {prf(k(R,I), mid, list, Ni), list, Ni}k(R,I) );
-
-
- recv_!O3( O, O, {prf(k(R,I), mid, Ni, algo, Nr), algo, Nr}k(R,I) );
- send_!O4( O, O, {prf(k(I,R), mid, Ni, algo, Nr), algo, Nr}k(I,R) );
-
-
- recv_!O5( O, O, {prf(k(I,R), mid, Ni, Nr)}k(I,R) );
- send_!O6( O, O, {prf(k(R,I), mid, Ni, Nr)}k(R,I) );
-
- }
-}
-
-
-protocol ikev1-quick-nopfs(I, R)
-{
- role I {
- fresh i, Ni, Ci, mid: Nonce;
- var Nr, Cr: Nonce;
-
- send_!1( I, R, mid, {prf(k(I,R), mid, list, Ni), list, Ni}k(I,R) );
- recv_!2( R, I, mid, {prf(k(I,R), mid, Ni, algo, Nr), algo, Nr}k(I,R) );
- claim( I, Running, R, Ni, Nr );
- send_!3( I, R, mid, {prf(k(I,R), mid, Ni, Nr)}k(I,R) );
-
-
- claim( I, SKR, KDF(k(I,R),Ni,Nr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci, mid: Nonce;
-
- recv_!1( I, R, mid, {prf(k(R,I), mid, list, Ni), list, Ni}k(R,I) );
- claim( R, Running, I, Ni, Nr );
- send_!2( R, I, mid, {prf(k(R,I), mid, Ni, algo, Nr), algo, Nr}k(R,I) );
- recv_!3( I, R, mid, {prf(k(R,I), mid, Ni, Nr)}k(R,I) );
-
-
-
- claim( R, SKR, KDF(k(R,I),Ni,Nr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick.cpp
deleted file mode 100644
index 60e9fccfe7f3e7253b99c148912152914aec196e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick.cpp
+++ /dev/null
@@ -1,70 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Quick mode (pfs), optional identities included
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1_QUICK__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-/* k(I,R) equals Ka from the spec */
-#define HASH1i prf(k(I,R), mid, list, Ni, g(i), I, R)
-#define HASH1r prf(k(R,I), mid, list, Ni, Gi, I, R)
-#define HASH2i prf(k(I,R), mid, Ni, algo, Nr, Gr, I, R)
-#define HASH2r prf(k(R,I), mid, Ni, algo, Nr, g(r), I, R)
-#define HASH3i prf(k(I,R), mid, Ni, Nr)
-#define HASH3r prf(k(R,I), mid, Ni, Nr)
-
-
-protocol ikev1-quick(I, R)
-{
- role I {
- fresh i, Ni, Ci, mid, list: Nonce;
- var Nr, Cr, algo: Nonce;
- var Gr: Ticket;
-
- send_!1( I, R, mid, {HASH1i, list, Ni, g(i), I, R}k(I,R) );
- recv_!2( R, I, mid, {HASH2i, algo, Nr, Gr, I, R}k(I,R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr );
- send_!3( I, R, mid, {HASH3i}k(I,R) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr );
-
- }
-
- role R {
- fresh r, Nr, Cr, algo: Nonce;
- var Ni, Ci, mid, list: Nonce;
- var Gi: Ticket;
-
- recv_!1( I, R, mid, {HASH1r, list, Ni, Gi, I, R}k(I,R) );
- claim( R, Running, I, Ni, Nr, Gi, g(r) );
- send_!2( R, I, mid, {HASH2r, algo, Nr, g(r), I, R}k(I,R) );
- recv_!3( I, R, mid, {HASH3r}k(I,R) );
-
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r) );
-
- }
-}
-// TODO: Incorporate into various phase 1 protocols (see spec for adaptions)
-// NOTE: If incorporated in phase 1, make sure to model with and without optional identities in msg 2 & 3
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick.spdl
deleted file mode 100644
index 6a723c72a8d708953cfc64987229a06b38c800bb..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-quick.spdl
+++ /dev/null
@@ -1,91 +0,0 @@
-# 1 "ikev1-quick.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-quick.cpp"
-# 16 "ikev1-quick.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 126 "common.h"
- var I, R: Agent;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(k(I,R),h(g(r),i),Ni,Nr) );
- send_!SWAP2( SWAP, SWAP, KDF(k(R,I),h(g(i),r),Ni,Nr) );
-
- }
-
-
-}
-# 17 "ikev1-quick.cpp" 2
-# 28 "ikev1-quick.cpp"
-protocol ikev1-quick(I, R)
-{
- role I {
- fresh i, Ni, Ci, mid, list: Nonce;
- var Nr, Cr, algo: Nonce;
- var Gr: Ticket;
-
- send_!1( I, R, mid, {prf(k(I,R), mid, list, Ni, g(i), I, R), list, Ni, g(i), I, R}k(I,R) );
- recv_!2( R, I, mid, {prf(k(I,R), mid, Ni, algo, Nr, Gr, I, R), algo, Nr, Gr, I, R}k(I,R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr );
- send_!3( I, R, mid, {prf(k(I,R), mid, Ni, Nr)}k(I,R) );
-
-
- claim( I, SKR, KDF(k(I,R),h(Gr,i),Ni,Nr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr );
-
- }
-
- role R {
- fresh r, Nr, Cr, algo: Nonce;
- var Ni, Ci, mid, list: Nonce;
- var Gi: Ticket;
-
- recv_!1( I, R, mid, {prf(k(R,I), mid, list, Ni, Gi, I, R), list, Ni, Gi, I, R}k(I,R) );
- claim( R, Running, I, Ni, Nr, Gi, g(r) );
- send_!2( R, I, mid, {prf(k(R,I), mid, Ni, algo, Nr, g(r), I, R), algo, Nr, g(r), I, R}k(I,R) );
- recv_!3( I, R, mid, {prf(k(R,I), mid, Ni, Nr)}k(I,R) );
-
-
-
- claim( R, SKR, KDF(k(R,I),h(Gi,r),Ni,Nr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r) );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a-perlman1.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a-perlman1.cpp
deleted file mode 100644
index ddebfcbbfce70721b1d9d40768cf03a63f246e68..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a-perlman1.cpp
+++ /dev/null
@@ -1,99 +0,0 @@
-/***********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Digital signature authentication (aggressive mode) with
- * a modification suggested by Perlman et al. (last msg not
- * encrypted)
- ***********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define HDR (Ci,Cr)
-#define SKEYIDi prf(Ni,Nr,Zi)
-#define SKEYIDr prf(Ni,Nr,Zr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, {R}SKr, {HASH_Rr}sk(R) );
- send_!O2( O, O, {R}SKi, {HASH_Ri}sk(R) );
-
- // msg 3
- recv_!O3( O, O, {I}SKi, {HASH_Ii}sk(I) );
- send_!O4( O, O, {I}SKr, {HASH_Ir}sk(I) );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-sig-a-perlman1(I, R)
-{
-
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), Ni );
- recv_!2( R, I, HDR, algo, Gr, Nr, {R}SKi, {HASH_Ri}sk(R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!3( I, R, HDR, {I}SKi, {HASH_Ii}sk(I) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, Ni );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!2( R, I, HDR, algo, g(r), Nr, R, {R}SKr, {HASH_Rr}sk(R) );
- recv_!3( I, R, HDR, {I}SKr, {HASH_Ir}sk(I) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a-perlman1.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a-perlman1.spdl
deleted file mode 100644
index f758a99fc3757563feedbddba9d8c3e21e4aa864..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a-perlman1.spdl
+++ /dev/null
@@ -1,130 +0,0 @@
-# 1 "ikev1-sig-a-perlman1.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-sig-a-perlman1.cpp"
-# 18 "ikev1-sig-a-perlman1.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 19 "ikev1-sig-a-perlman1.cpp" 2
-# 29 "ikev1-sig-a-perlman1.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {R}KDF(Ni, Nr, h(g(i),r), Ci, Cr), {prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R)}sk(R) );
- send_!O2( O, O, {R}KDF(Ni, Nr, h(g(r),i), Ci, Cr), {prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R)}sk(R) );
-
-
- recv_!O3( O, O, {I}KDF(Ni, Nr, h(g(r),i), Ci, Cr), {prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I)}sk(I) );
- send_!O4( O, O, {I}KDF(Ni, Nr, h(g(i),r), Ci, Cr), {prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I)}sk(I) );
-
- }
-
-
-}
-
-
-protocol ikev1-sig-a-perlman1(I, R)
-{
-
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), Ni );
- recv_!2( R, I, (Ci,Cr), algo, Gr, Nr, {R}KDF(Ni, Nr, h(Gr,i), Ci, Cr), {prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R)}sk(R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!3( I, R, (Ci,Cr), {I}KDF(Ni, Nr, h(Gr,i), Ci, Cr), {prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I)}sk(I) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, Ni );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!2( R, I, (Ci,Cr), algo, g(r), Nr, R, {R}KDF(Ni, Nr, h(Gi,r), Ci, Cr), {prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R)}sk(R) );
- recv_!3( I, R, (Ci,Cr), {I}KDF(Ni, Nr, h(Gi,r), Ci, Cr), {prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I)}sk(I) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a-perlman2.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a-perlman2.cpp
deleted file mode 100644
index e39a7b90f03a25100a35ee722708bf45b10ab1ae..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a-perlman2.cpp
+++ /dev/null
@@ -1,99 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Digital signature authentication (aggressive mode) with
- * a modification suggested by Perlman et al. (last msg
- * encrypted)
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define HDR (Ci,Cr)
-#define SKEYIDi prf(Ni,Nr,Zi)
-#define SKEYIDr prf(Ni,Nr,Zr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, {R}SKr, {HASH_Rr}sk(R) );
- send_!O2( O, O, {R}SKi, {HASH_Ri}sk(R) );
-
- // msg 3
- recv_!O3( O, O, {I, {HASH_Ii}sk(I)}SKi );
- send_!O4( O, O, {I, {HASH_Ir}sk(I)}SKr );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-sig-a-perlman2(I, R)
-{
-
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), Ni );
- recv_!2( R, I, HDR, algo, Gr, Nr, {R}SKi, {HASH_Ri}sk(R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!3( I, R, HDR, {I, {HASH_Ii}sk(I)}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, Ni );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!2( R, I, HDR, algo, g(r), Nr, R, {R}SKr, {HASH_Rr}sk(R) );
- recv_!3( I, R, HDR, {I, {HASH_Ir}sk(I)}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a-perlman2.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a-perlman2.spdl
deleted file mode 100644
index c2edf7d670b607ae011aaea618b2cad7346d49db..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a-perlman2.spdl
+++ /dev/null
@@ -1,130 +0,0 @@
-# 1 "ikev1-sig-a-perlman2.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-sig-a-perlman2.cpp"
-# 18 "ikev1-sig-a-perlman2.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 19 "ikev1-sig-a-perlman2.cpp" 2
-# 29 "ikev1-sig-a-perlman2.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {R}KDF(Ni, Nr, h(g(i),r), Ci, Cr), {prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R)}sk(R) );
- send_!O2( O, O, {R}KDF(Ni, Nr, h(g(r),i), Ci, Cr), {prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R)}sk(R) );
-
-
- recv_!O3( O, O, {I, {prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!O4( O, O, {I, {prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-
-
-protocol ikev1-sig-a-perlman2(I, R)
-{
-
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), Ni );
- recv_!2( R, I, (Ci,Cr), algo, Gr, Nr, {R}KDF(Ni, Nr, h(Gr,i), Ci, Cr), {prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R)}sk(R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!3( I, R, (Ci,Cr), {I, {prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, Ni );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!2( R, I, (Ci,Cr), algo, g(r), Nr, R, {R}KDF(Ni, Nr, h(Gi,r), Ci, Cr), {prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R)}sk(R) );
- recv_!3( I, R, (Ci,Cr), {I, {prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a1.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a1.cpp
deleted file mode 100644
index 418492e69ea13476cf63d52bad95dea2b469560d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a1.cpp
+++ /dev/null
@@ -1,98 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Digital signature authentication (aggressive mode)
- * where the last message is not encrypted
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define HDR (Ci,Cr)
-#define SKEYIDi prf(Ni,Nr,Zi)
-#define SKEYIDr prf(Ni,Nr,Zr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, {HASH_Rr}sk(R) );
- send_!O2( O, O, {HASH_Ri}sk(R) );
-
- // msg 3
- recv_!O3( O, O, {HASH_Ii}sk(I) );
- send_!O4( O, O, {HASH_Ir}sk(I) );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-sig-a1(I, R)
-{
-
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), Ni, I );
- recv_!2( R, I, HDR, algo, Gr, Nr, R, {HASH_Ri}sk(R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!3( I, R, HDR, {HASH_Ii}sk(I) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, Ni, I );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!2( R, I, HDR, algo, g(r), Nr, R, {HASH_Rr}sk(R) );
- recv_!3( I, R, HDR, {HASH_Ir}sk(I) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a1.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a1.spdl
deleted file mode 100644
index 327c4fe6b183204d86e2a6bdd43a4f8f081d7fb3..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a1.spdl
+++ /dev/null
@@ -1,130 +0,0 @@
-# 1 "ikev1-sig-a1.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-sig-a1.cpp"
-# 17 "ikev1-sig-a1.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 18 "ikev1-sig-a1.cpp" 2
-# 28 "ikev1-sig-a1.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R)}sk(R) );
- send_!O2( O, O, {prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R)}sk(R) );
-
-
- recv_!O3( O, O, {prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I)}sk(I) );
- send_!O4( O, O, {prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I)}sk(I) );
-
- }
-
-
-}
-
-
-protocol ikev1-sig-a1(I, R)
-{
-
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), Ni, I );
- recv_!2( R, I, (Ci,Cr), algo, Gr, Nr, R, {prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R)}sk(R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!3( I, R, (Ci,Cr), {prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I)}sk(I) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, Ni, I );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!2( R, I, (Ci,Cr), algo, g(r), Nr, R, {prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R)}sk(R) );
- recv_!3( I, R, (Ci,Cr), {prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I)}sk(I) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a2.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a2.cpp
deleted file mode 100644
index 1c81dab28f63a04bd0c5fe2c12704b9249575c8e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a2.cpp
+++ /dev/null
@@ -1,99 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Digital signature authentication (aggressive mode)
- * where thelast message is encrypted with the session key
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define HDR (Ci,Cr)
-#define SKEYIDi prf(Ni,Nr,Zi)
-#define SKEYIDr prf(Ni,Nr,Zr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, {HASH_Rr}sk(R) );
- send_!O2( O, O, {HASH_Ri}sk(R) );
-
- // msg 3
- recv_!O3( O, O, {{HASH_Ii}sk(I)}SKi );
- send_!O4( O, O, {{HASH_Ir}sk(I)}SKr );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-sig-a2(I, R)
-{
-
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), Ni, I );
- recv_!2( R, I, HDR, algo, Gr, Nr, R, {HASH_Ri}sk(R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!3( I, R, HDR, {{HASH_Ii}sk(I)}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, Ni, I );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!2( R, I, HDR, algo, g(r), Nr, R, {HASH_Rr}sk(R) );
- recv_!3( I, R, HDR, {{HASH_Ir}sk(I)}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a2.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a2.spdl
deleted file mode 100644
index b0e6e07cb50087e2ec19c11cb2c15b763931cf38..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-a2.spdl
+++ /dev/null
@@ -1,130 +0,0 @@
-# 1 "ikev1-sig-a2.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-sig-a2.cpp"
-# 17 "ikev1-sig-a2.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 18 "ikev1-sig-a2.cpp" 2
-# 29 "ikev1-sig-a2.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R)}sk(R) );
- send_!O2( O, O, {prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R)}sk(R) );
-
-
- recv_!O3( O, O, {{prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!O4( O, O, {{prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-
-
-protocol ikev1-sig-a2(I, R)
-{
-
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list, g(i), Ni, I );
- recv_!2( R, I, (Ci,Cr), algo, Gr, Nr, R, {prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R)}sk(R) );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!3( I, R, (Ci,Cr), {{prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list, Gi, Ni, I );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!2( R, I, (Ci,Cr), algo, g(r), Nr, R, {prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R)}sk(R) );
- recv_!3( I, R, (Ci,Cr), {{prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-m-perlman.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-m-perlman.cpp
deleted file mode 100644
index 4129ae25b1cbc4703b74bf4f164b6a87929f2d8c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-m-perlman.cpp
+++ /dev/null
@@ -1,100 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Digital signature authentication (aggressive mode) with
- * a modification suggested by Perlman et al.
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define SKEYIDi prf(Ni,Nr,Zi)
-#define SKEYIDr prf(Ni,Nr,Zr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 4
- recv_!O1( O, O, {R, {HASH_Rr}sk(R)}SKr );
- send_!O2( O, O, {R, {HASH_Ri}sk(R)}SKi );
-
- // msg 5
- recv_!O3( O, O, {I, {HASH_Ii}sk(I)}SKi );
- send_!O4( O, O, {I, {HASH_Ir}sk(I)}SKr );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev1-sig-m-perlman(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, g(i), Ni );
- recv_!4( R, I, Ci, Cr, Gr, Nr, {R, {HASH_Ri}sk(R)}SKi );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!5( I, R, Ci, Cr, {I, {HASH_Ii}sk(I)}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, Gi, Ni );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!4( R, I, Ci, Cr, g(r), Nr, {R, {HASH_Rr}sk(R)}SKr );
- recv_!5( I, R, Ci, Cr, {I, {HASH_Ir}sk(I)}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-m-perlman.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-m-perlman.spdl
deleted file mode 100644
index 321fc1b2c8b331587c33d5d7de6205b6293e6045..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-m-perlman.spdl
+++ /dev/null
@@ -1,133 +0,0 @@
-# 1 "ikev1-sig-m-perlman.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-sig-m-perlman.cpp"
-# 17 "ikev1-sig-m-perlman.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 18 "ikev1-sig-m-perlman.cpp" 2
-# 27 "ikev1-sig-m-perlman.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {R, {prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R)}sk(R)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
- send_!O2( O, O, {R, {prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R)}sk(R)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
-
-
- recv_!O3( O, O, {I, {prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!O4( O, O, {I, {prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-
-
-protocol ikev1-sig-m-perlman(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, Ci, Cr, algo );
- send_3( I, R, Ci, Cr, g(i), Ni );
- recv_!4( R, I, Ci, Cr, Gr, Nr, {R, {prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R)}sk(R)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!5( I, R, Ci, Cr, {I, {prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, Ci, Cr, algo );
- recv_3( I, R, Ci, Cr, Gi, Ni );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!4( R, I, Ci, Cr, g(r), Nr, {R, {prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R)}sk(R)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
- recv_!5( I, R, Ci, Cr, {I, {prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-m.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-m.cpp
deleted file mode 100644
index f24b78f9c291e0ea1bbeadb96094819d542cab2e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-m.cpp
+++ /dev/null
@@ -1,102 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv1)
- * @reference RFC 2409,
- * Boyd C. and Mathuria A., Protocols for Authentication
- * and Key Agreement
- * @variant Digital signature authentication (aggressive mode)
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV1__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define HDR (Ci,Cr)
-#define SKEYIDi prf(Ni,Nr,Zi)
-#define SKEYIDr prf(Ni,Nr,Zr)
-#define HASH_Ii prf(Ni, Nr, Zi, g(i), Gr, Ci, Cr, list, I)
-#define HASH_Ir prf(Ni, Nr, Zr, Gi, g(r), Ci, Cr, list, I)
-#define HASH_Ri prf(Ni, Nr, Zi, Gr, g(i), Cr, Ci, list, R)
-#define HASH_Rr prf(Ni, Nr, Zr, g(r), Gi, Cr, Ci, list, R)
-
-
-usertype String;
-const list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 5
- recv_!O1( O, O, {I, {HASH_Ii}sk(I)}SKi );
- send_!O2( O, O, {I, {HASH_Ir}sk(I)}SKr );
-
- // msg 6
- recv_!O3( O, O, {R, {HASH_Rr}sk(R)}SKr );
- send_!O4( O, O, {R, {HASH_Ri}sk(R)}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-protocol ikev1-sig-m(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, HDR, algo );
- send_3( I, R, HDR, g(i), Ni );
- recv_4( R, I, HDR, Gr, Nr );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!5( I, R, HDR, {I, {HASH_Ii}sk(I)}SKi );
- recv_!6( R, I, HDR, {R, {HASH_Ri}sk(R)}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, HDR, algo );
- recv_3( I, R, HDR, Gi, Ni );
- send_4( R, I, HDR, g(r), Nr );
- recv_!5( I, R, HDR, {I, {HASH_Ir}sk(I)}SKr );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!6( R, I, HDR, {R, {HASH_Rr}sk(R)}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-m.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-m.spdl
deleted file mode 100644
index 28150b0db685a0a77f8cd3a1e32ee0e886dd7fde..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev1-sig-m.spdl
+++ /dev/null
@@ -1,134 +0,0 @@
-# 1 "ikev1-sig-m.cpp"
-# 1 "<command-line>"
-# 1 "ikev1-sig-m.cpp"
-# 16 "ikev1-sig-m.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-
-
-
-
-
-
-
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-
-
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 17 "ikev1-sig-m.cpp" 2
-# 28 "ikev1-sig-m.cpp"
-usertype String;
-const list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {I, {prf(Ni, Nr, h(g(r),i), g(i), g(r), Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!O2( O, O, {I, {prf(Ni, Nr, h(g(i),r), g(i), g(r), Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
-
- recv_!O3( O, O, {R, {prf(Ni, Nr, h(g(i),r), g(r), g(i), Cr, Ci, list, R)}sk(R)}KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
- send_!O4( O, O, {R, {prf(Ni, Nr, h(g(r),i), g(r), g(i), Cr, Ci, list, R)}sk(R)}KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
-
- }
-
-
-}
-
-protocol ikev1-sig-m(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, list );
- recv_2( R, I, (Ci,Cr), algo );
- send_3( I, R, (Ci,Cr), g(i), Ni );
- recv_4( R, I, (Ci,Cr), Gr, Nr );
- claim( I, Running, R, Ni, Nr, g(i), Gr, Ci, Cr );
- send_!5( I, R, (Ci,Cr), {I, {prf(Ni, Nr, h(Gr,i), g(i), Gr, Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
- recv_!6( R, I, (Ci,Cr), {R, {prf(Ni, Nr, h(Gr,i), Gr, g(i), Cr, Ci, list, R)}sk(R)}KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni, Nr, g(i), Gr, Ci, Cr );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, list );
- send_2( R, I, (Ci,Cr), algo );
- recv_3( I, R, (Ci,Cr), Gi, Ni );
- send_4( R, I, (Ci,Cr), g(r), Nr );
- recv_!5( I, R, (Ci,Cr), {I, {prf(Ni, Nr, h(Gi,r), Gi, g(r), Ci, Cr, list, I)}sk(I)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
- claim( R, Running, I, Ni, Nr, Gi, g(r), Ci, Cr );
- send_!6( R, I, (Ci,Cr), {R, {prf(Ni, Nr, h(Gi,r), g(r), Gi, Cr, Ci, list, R)}sk(R)}KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni, Nr, Gi, g(r), Ci, Cr );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-child-nopfs.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-child-nopfs.cpp
deleted file mode 100644
index 96073084c43e68002f5af4e5da4697c6fa22a647..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-child-nopfs.cpp
+++ /dev/null
@@ -1,78 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @subprotocol IKE Create Child SA
- * @reference RFC 4306
- * @variant No perfect forward secrecy support
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2_CHILD_NOPFS__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-const SA3: Nonce;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling k(I,R) = k(R,I).
- */
-protocol @executability(O) {
- role O {
- var Ni, Nr: Nonce;
- var I, R: Agent;
-
- // msg 1
- recv_!O1( O, O, {SA3, Ni}k(I,R) );
- send_!O2( O, O, {SA3, Ni}k(R,I) );
-
- // msg 2
- recv_!O3( O, O, {SA3, Nr}k(R,I) );
- send_!O4( O, O, {SA3, Nr}k(I,R) );
-
- }
-}
-
-
-protocol ikev2-child-nopfs(I, R)
-{
-
- role I {
- fresh Ni: Nonce;
- var Nr: Nonce;
-
- /* IKE_SA_INIT */
- claim( I, Running, R,Ni );
- send_!1( I, R, {SA3, Ni}k(I,R) );
- recv_!2( R, I, {SA3, Nr}k(I,R) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,Ni,Nr );
-
- }
-
- role R {
- fresh Nr: Nonce;
- var Ni: Nonce;
-
- recv_!1( I, R, {SA3, Ni}k(R,I) );
- claim( R, Running, I,Ni,Nr );
- send_!2( R, I, {SA3, Nr}k(R,I) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Ni );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-child-nopfs.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-child-nopfs.spdl
deleted file mode 100644
index d163151b06607972db52326f4018ec9c1a93f11a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-child-nopfs.spdl
+++ /dev/null
@@ -1,112 +0,0 @@
-# 1 "ikev2-child-nopfs.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-child-nopfs.cpp"
-# 15 "ikev2-child-nopfs.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 138 "common.h"
- var I, R: Agent;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(k(I,R),Ni,Nr) );
- send_!SWAP2( SWAP, SWAP, KDF(k(R,I),Ni,Nr) );
-
- }
-
-
-}
-# 16 "ikev2-child-nopfs.cpp" 2
-
-
-const SA3: Nonce;
-
-
-
-
-
-
-protocol @executability(O) {
- role O {
- var Ni, Nr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {SA3, Ni}k(I,R) );
- send_!O2( O, O, {SA3, Ni}k(R,I) );
-
-
- recv_!O3( O, O, {SA3, Nr}k(R,I) );
- send_!O4( O, O, {SA3, Nr}k(I,R) );
-
- }
-}
-
-
-protocol ikev2-child-nopfs(I, R)
-{
-
- role I {
- fresh Ni: Nonce;
- var Nr: Nonce;
-
-
- claim( I, Running, R,Ni );
- send_!1( I, R, {SA3, Ni}k(I,R) );
- recv_!2( R, I, {SA3, Nr}k(I,R) );
-
-
- claim( I, SKR, KDF(k(I,R),Ni,Nr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,Ni,Nr );
-
- }
-
- role R {
- fresh Nr: Nonce;
- var Ni: Nonce;
-
- recv_!1( I, R, {SA3, Ni}k(R,I) );
- claim( R, Running, I,Ni,Nr );
- send_!2( R, I, {SA3, Nr}k(R,I) );
-
-
- claim( R, SKR, KDF(k(R,I),Ni,Nr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Ni );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-child.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-child.cpp
deleted file mode 100644
index 2378231e53b6adad28fc5bf1a6977360f8196e81..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-child.cpp
+++ /dev/null
@@ -1,87 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @subprotocol IKE Create Child SA
- * @reference RFC 4306
- * @variant Supports perfect forward secrecy
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2_CHILD__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-
-usertype SecurityAssociation;
-const SA1 ,SA2, SA3: SecurityAssociation;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling k(I,R) = k(R,I).
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr: Nonce;
- var I, R: Agent;
-
- // msg 1
- recv_!O1( O, O, {SA3, Ni, g(i)}k(I,R) );
- send_!O2( O, O, {SA3, Ni, g(i)}k(R,I) );
-
- // msg 2
- recv_!O3( O, O, {SA3, Nr, Gr}k(R,I) );
- send_!O4( O, O, {SA3, Nr, Gr}k(I,R) );
-
- }
-#undef Gi
-#undef Gr
-}
-
-// Note: SPIs not modeled as they would lead to trivial attacks where the adversary
-// tampers with the SPIs (they are not subsequently authenticated)
-protocol ikev2-child(I, R)
-{
-
- role I {
- fresh i, Ni: Nonce;
- var Nr: Nonce;
- var Gr: Ticket;
-
- /* IKE_SA_INIT */
- claim( I, Running, R,Ni,g(i) );
- send_!1( I, R, {SA3, Ni, g(i)}k(I,R) );
- recv_!2( R, I, {SA3, Nr, Gr}k(I,R) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,Ni,g(i),Nr,Gr );
-
- }
-
- role R {
- fresh r, Nr: Nonce;
- var Ni: Nonce;
- var Gi: Ticket;
-
- recv_!1( I, R, {SA3, Ni, Gi}k(R,I) );
- claim( R, Running, I,Ni,Gi,Nr,g(r) );
- send_!2( R, I, {SA3, Nr, g(r)}k(R,I) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Ni,Gi );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-child.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-child.spdl
deleted file mode 100644
index 7c58959c1425b052bd51c14051ecd976c1fde63f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-child.spdl
+++ /dev/null
@@ -1,121 +0,0 @@
-# 1 "ikev2-child.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-child.cpp"
-# 15 "ikev2-child.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 135 "common.h"
- var I, R: Agent;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(k(I,R),h(g(r),i),Ni,Nr) );
- send_!SWAP2( SWAP, SWAP, KDF(k(R,I),h(g(i),r),Ni,Nr) );
-
- }
-
-
-}
-# 16 "ikev2-child.cpp" 2
-
-
-
-usertype SecurityAssociation;
-const SA1 ,SA2, SA3: SecurityAssociation;
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {SA3, Ni, g(i)}k(I,R) );
- send_!O2( O, O, {SA3, Ni, g(i)}k(R,I) );
-
-
- recv_!O3( O, O, {SA3, Nr, g(r)}k(R,I) );
- send_!O4( O, O, {SA3, Nr, g(r)}k(I,R) );
-
- }
-
-
-}
-
-
-
-protocol ikev2-child(I, R)
-{
-
- role I {
- fresh i, Ni: Nonce;
- var Nr: Nonce;
- var Gr: Ticket;
-
-
- claim( I, Running, R,Ni,g(i) );
- send_!1( I, R, {SA3, Ni, g(i)}k(I,R) );
- recv_!2( R, I, {SA3, Nr, Gr}k(I,R) );
-
-
- claim( I, SKR, KDF(k(I,R),h(Gr,i),Ni,Nr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,Ni,g(i),Nr,Gr );
-
- }
-
- role R {
- fresh r, Nr: Nonce;
- var Ni: Nonce;
- var Gi: Ticket;
-
- recv_!1( I, R, {SA3, Ni, Gi}k(R,I) );
- claim( R, Running, I,Ni,Gi,Nr,g(r) );
- send_!2( R, I, {SA3, Nr, g(r)}k(R,I) );
-
-
- claim( R, SKR, KDF(k(R,I),h(Gi,r),Ni,Nr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Ni,Gi );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-eap.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-eap.cpp
deleted file mode 100644
index 7d8310bf74f404db0d727772c116f6cf571d0845..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-eap.cpp
+++ /dev/null
@@ -1,131 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @subprotocol IKE EAP
- * @reference RFC 4306
- * @variant Includes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii {SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I)}sk(I)
-#define AUTHir {SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I)}sk(I)
-#define AUTHri {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R)}sk(R)
-#define AUTHrr {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R)}sk(R)
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, r, Ni, Nr, SPIi, SPIr, EAP, EAPOK: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, R, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, R, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, EAP}SKr );
- send_!E4( E, E, {R, AUTHri, EAP}SKi );
-
- // msg 5
- recv_!E5( E, E, {EAP}SKi );
- send_!E6( E, E, {EAP}SKr );
-
- // msg 6
- recv_!E7( E, E, {EAPOK}SKr );
- send_!E8( E, E, {EAPOK}SKi );
-
- // msg 7
- recv_!E9( E, E, {AUTHii}SKi );
- send_!EA( E, E, {AUTHir}SKr );
-
- // msg 8
- send_!EB( E, E, {AUTHrr, SA2, TSi, TSr}SKr );
- send_!EC( E, E, {AUTHri, SA2, TSi, TSr}SKi );
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev2-eap(I, R)
-{
-
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var EAP, EAPOK: Nonce;
- var Gr: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, HDR, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- send_!3( I, R, HDR, {I, R, SA2, TSi, TSr}SKi );
- recv_!4( R, I, HDR, {R, AUTHri, EAP}SKi );
- send_!5( I, R, HDR, {EAP}SKi );
- recv_!6( R, I, HDR, {EAPOK}SKi );
- claim( I, Running, R, Ni,g(i),Nr,Gr,TSi,TSr,EAP,EAPOK );
- send_!7( I, R, HDR, {AUTHii}SKi );
- recv_!8( R, I, HDR, {AUTHri, SA2, TSi, TSr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni,g(i),Nr,Gr,TSi,TSr,EAP,EAPOK );
-
- }
-
- role R {
- fresh EAP, EAPOK: Nonce;
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, HDR, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, HDR, {I, R, SA2, TSi, TSr}SKr );
- send_!4( R, I, HDR, {R, AUTHrr, EAP}SKr );
- recv_!5( I, R, HDR, {EAP}SKr );
- send_!6( R, I, HDR, {EAPOK}SKr );
- recv_!7( I, R, HDR, {AUTHir}SKr );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr,EAP,EAPOK );
- send_!8( R, I, HDR, {AUTHrr, SA2, TSi, TSr}SKr );
-
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr,EAP,EAPOK );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-eap.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-eap.spdl
deleted file mode 100644
index 43ec49a27f8500a71f77d6e490bf378bed249aec..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-eap.spdl
+++ /dev/null
@@ -1,160 +0,0 @@
-# 1 "ikev2-eap.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-eap.cpp"
-# 15 "ikev2-eap.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 16 "ikev2-eap.cpp" 2
-# 24 "ikev2-eap.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, r, Ni, Nr, SPIi, SPIr, EAP, EAPOK: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, R, SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, R, SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)}sk(R), EAP}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)}sk(R), EAP}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
-
- recv_!E5( E, E, {EAP}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E6( E, E, {EAP}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E7( E, E, {EAPOK}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E8( E, E, {EAPOK}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
-
- recv_!E9( E, E, {{SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)}sk(I)}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!EA( E, E, {{SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)}sk(I)}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- send_!EB( E, E, {{SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!EC( E, E, {{SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- }
-
-
-}
-
-
-protocol ikev2-eap(I, R)
-{
-
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var EAP, EAPOK: Nonce;
- var Gr: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, (SPIi,SPIr), SA1, Gr, Nr );
-
-
- send_!3( I, R, (SPIi,SPIr), {I, R, SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)}sk(R), EAP}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- send_!5( I, R, (SPIi,SPIr), {EAP}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!6( R, I, (SPIi,SPIr), {EAPOK}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- claim( I, Running, R, Ni,g(i),Nr,Gr,TSi,TSr,EAP,EAPOK );
- send_!7( I, R, (SPIi,SPIr), {{SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)}sk(I)}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!8( R, I, (SPIi,SPIr), {{SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni,g(i),Nr,Gr,TSi,TSr,EAP,EAPOK );
-
- }
-
- role R {
- fresh EAP, EAPOK: Nonce;
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, (SPIi,SPIr), SA1, g(r), Nr );
-
-
- recv_!3( I, R, (SPIi,SPIr), {I, R, SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- send_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)}sk(R), EAP}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- recv_!5( I, R, (SPIi,SPIr), {EAP}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- send_!6( R, I, (SPIi,SPIr), {EAPOK}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- recv_!7( I, R, (SPIi,SPIr), {{SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)}sk(I)}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr,EAP,EAPOK );
- send_!8( R, I, (SPIi,SPIr), {{SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr,EAP,EAPOK );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-eap2.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-eap2.cpp
deleted file mode 100644
index c56855a4e197ba66d40e714afda209dbf878224c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-eap2.cpp
+++ /dev/null
@@ -1,138 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @subprotocol IKE EAP
- * @reference RFC 4306
- * @variant Excludes optional payloads
- **********************************************************************/
-
-/**
- * Modeling notes:
- * - It's not clear what to put in the EAP payloads; we now model them
- * as nonces, but maybe it is better to view them as a function of the
- * actor.
- */
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii {SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I)}sk(I)
-#define AUTHir {SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I)}sk(I)
-#define AUTHri {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R)}sk(R)
-#define AUTHrr {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R)}sk(R)
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, r, Ni, Nr, SPIi, SPIr, EAP, EAPOK: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, EAP}SKr );
- send_!E4( E, E, {R, AUTHri, EAP}SKi );
-
- // msg 5
- recv_!E5( E, E, {EAP}SKi );
- send_!E6( E, E, {EAP}SKr );
-
- // msg 6
- recv_!E7( E, E, {EAPOK}SKr );
- send_!E8( E, E, {EAPOK}SKi );
-
- // msg 7
- recv_!E9( E, E, {AUTHii}SKi );
- send_!EA( E, E, {AUTHir}SKr );
-
- // msg 8
- send_!EB( E, E, {AUTHrr, SA2, TSi, TSr}SKr );
- send_!EC( E, E, {AUTHri, SA2, TSi, TSr}SKi );
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev2-eap2(I, R)
-{
-
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var EAP, EAPOK: Nonce;
- var Gr: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, HDR, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- send_!3( I, R, HDR, {I, SA2, TSi, TSr}SKi );
- recv_!4( R, I, HDR, {R, AUTHri, EAP}SKi );
- send_!5( I, R, HDR, {EAP}SKi );
- recv_!6( R, I, HDR, {EAPOK}SKi );
- claim( I, Running, R, Ni,g(i),Nr,Gr,TSi,TSr,EAP,EAPOK );
- send_!7( I, R, HDR, {AUTHii}SKi );
- recv_!8( R, I, HDR, {AUTHri, SA2, TSi, TSr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni,g(i),Nr,Gr,TSi,TSr,EAP,EAPOK );
-
- }
-
- role R {
- fresh EAP, EAPOK: Nonce;
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, HDR, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, HDR, {I, SA2, TSi, TSr}SKr );
- send_!4( R, I, HDR, {R, AUTHrr, EAP}SKr );
- recv_!5( I, R, HDR, {EAP}SKr );
- send_!6( R, I, HDR, {EAPOK}SKr );
- recv_!7( I, R, HDR, {AUTHir}SKr );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr,EAP,EAPOK );
- send_!8( R, I, HDR, {AUTHrr, SA2, TSi, TSr}SKr );
-
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr,EAP,EAPOK );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-eap2.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-eap2.spdl
deleted file mode 100644
index 1fbb5800641b974ad89d3e1aa896760a20bbb15f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-eap2.spdl
+++ /dev/null
@@ -1,160 +0,0 @@
-# 1 "ikev2-eap2.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-eap2.cpp"
-# 22 "ikev2-eap2.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 23 "ikev2-eap2.cpp" 2
-# 31 "ikev2-eap2.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, r, Ni, Nr, SPIi, SPIr, EAP, EAPOK: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)}sk(R), EAP}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)}sk(R), EAP}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
-
- recv_!E5( E, E, {EAP}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E6( E, E, {EAP}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E7( E, E, {EAPOK}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E8( E, E, {EAPOK}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
-
- recv_!E9( E, E, {{SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)}sk(I)}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!EA( E, E, {{SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)}sk(I)}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- send_!EB( E, E, {{SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!EC( E, E, {{SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- }
-
-
-}
-
-
-protocol ikev2-eap2(I, R)
-{
-
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var EAP, EAPOK: Nonce;
- var Gr: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, (SPIi,SPIr), SA1, Gr, Nr );
-
-
- send_!3( I, R, (SPIi,SPIr), {I, SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)}sk(R), EAP}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- send_!5( I, R, (SPIi,SPIr), {EAP}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!6( R, I, (SPIi,SPIr), {EAPOK}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- claim( I, Running, R, Ni,g(i),Nr,Gr,TSi,TSr,EAP,EAPOK );
- send_!7( I, R, (SPIi,SPIr), {{SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)}sk(I)}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!8( R, I, (SPIi,SPIr), {{SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni,g(i),Nr,Gr,TSi,TSr,EAP,EAPOK );
-
- }
-
- role R {
- fresh EAP, EAPOK: Nonce;
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, (SPIi,SPIr), SA1, g(r), Nr );
-
-
- recv_!3( I, R, (SPIi,SPIr), {I, SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- send_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)}sk(R), EAP}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- recv_!5( I, R, (SPIi,SPIr), {EAP}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- send_!6( R, I, (SPIi,SPIr), {EAPOK}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- recv_!7( I, R, (SPIi,SPIr), {{SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)}sk(I)}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr,EAP,EAPOK );
- send_!8( R, I, (SPIi,SPIr), {{SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr,EAP,EAPOK );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mac.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mac.cpp
deleted file mode 100644
index 832afae1516326bdef16593494d0d0a799bb468d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mac.cpp
+++ /dev/null
@@ -1,104 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @subprotocol MAC authenticated IKEv2
- * @reference RFC 4306
- * @variant Includes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii MAC(k(I,R), SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I))
-#define AUTHir MAC(k(R,I), SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I))
-#define AUTHri MAC(k(I,R), SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R))
-#define AUTHrr MAC(k(R,I), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R))
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, R, AUTHii, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, R, AUTHir, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, SA2, TSi, TSr}SKr );
- send_!E4( E, E, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev2-mac(I, R)
-{
-
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, HDR, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- claim( I, Running, R, Ni,g(i),Nr,Gr,TSi,TSr);
- send_!3( I, R, HDR, {I, R, AUTHii, SA2, TSi, TSr}SKi );
- recv_!4( R, I, HDR, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni,g(i),Nr,Gr,TSi,TSr);
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, HDR, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, HDR, {I, R, AUTHir, SA2, TSi, TSr}SKr );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr);
- send_!4( R, I, HDR, {R, AUTHrr, SA2, TSi, TSr}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr);
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mac.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mac.spdl
deleted file mode 100644
index 608d314c011ed38718804a5a2a29e315e6b11a3e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mac.spdl
+++ /dev/null
@@ -1,133 +0,0 @@
-# 1 "ikev2-mac.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-mac.cpp"
-# 15 "ikev2-mac.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 16 "ikev2-mac.cpp" 2
-# 24 "ikev2-mac.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, R, MAC(k(I,R), SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, R, MAC(k(R,I), SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, MAC(k(R,I), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, MAC(k(I,R), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
- }
-
-
-}
-
-
-protocol ikev2-mac(I, R)
-{
-
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, (SPIi,SPIr), SA1, Gr, Nr );
-
-
- claim( I, Running, R, Ni,g(i),Nr,Gr,TSi,TSr);
- send_!3( I, R, (SPIi,SPIr), {I, R, MAC(k(I,R), SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, (SPIi,SPIr), {R, MAC(k(I,R), SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni,g(i),Nr,Gr,TSi,TSr);
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, (SPIi,SPIr), SA1, g(r), Nr );
-
-
- recv_!3( I, R, (SPIi,SPIr), {I, R, MAC(k(R,I), SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr);
- send_!4( R, I, (SPIi,SPIr), {R, MAC(k(R,I), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr);
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mac2.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mac2.cpp
deleted file mode 100644
index cb09faad76d1abcfec4e63f81075b4e0d55e548a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mac2.cpp
+++ /dev/null
@@ -1,104 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @subprotocol MAC authenticated IKEv2
- * @reference RFC 4306
- * @variant Excludes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii MAC(k(I,R), SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I))
-#define AUTHir MAC(k(R,I), SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I))
-#define AUTHri MAC(k(I,R), SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R))
-#define AUTHrr MAC(k(R,I), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R))
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, AUTHii, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, AUTHir, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, SA2, TSi, TSr}SKr );
- send_!E4( E, E, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev2-mac2(I, R)
-{
-
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, HDR, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- claim( I, Running, R, Ni,g(i),Nr,Gr,TSi,TSr );
- send_!3( I, R, HDR, {I, AUTHii, SA2, TSi, TSr}SKi );
- recv_!4( R, I, HDR, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni,g(i),Nr,Gr,TSi,TSr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, HDR, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, HDR, {I, AUTHir, SA2, TSi, TSr}SKr );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr );
- send_!4( R, I, HDR, {R, AUTHrr, SA2, TSi, TSr}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mac2.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mac2.spdl
deleted file mode 100644
index f6d3385b228389cb2dac98d4f1f95de0f002c780..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mac2.spdl
+++ /dev/null
@@ -1,133 +0,0 @@
-# 1 "ikev2-mac2.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-mac2.cpp"
-# 15 "ikev2-mac2.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 16 "ikev2-mac2.cpp" 2
-# 24 "ikev2-mac2.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, MAC(k(I,R), SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, MAC(k(R,I), SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, MAC(k(R,I), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, MAC(k(I,R), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
- }
-
-
-}
-
-
-protocol ikev2-mac2(I, R)
-{
-
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, (SPIi,SPIr), SA1, Gr, Nr );
-
-
- claim( I, Running, R, Ni,g(i),Nr,Gr,TSi,TSr );
- send_!3( I, R, (SPIi,SPIr), {I, MAC(k(I,R), SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, (SPIi,SPIr), {R, MAC(k(I,R), SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R, Ni,g(i),Nr,Gr,TSi,TSr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, (SPIi,SPIr), SA1, g(r), Nr );
-
-
- recv_!3( I, R, (SPIi,SPIr), {I, MAC(k(R,I), SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr );
- send_!4( R, I, (SPIi,SPIr), {R, MAC(k(R,I), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mactosig.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mactosig.cpp
deleted file mode 100644
index 519f93af4f7799e66a29484f6bf0d05b15b72ba8..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mactosig.cpp
+++ /dev/null
@@ -1,104 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @reference RFC 4306
- * @variant Initiator authenticates itself using message
- * authentication codes while responder uses digital
- * signatures. Includes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii MAC(k(I,R), SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I))
-#define AUTHir MAC(k(R,I), SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I))
-#define AUTHri {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R)}sk(R)
-#define AUTHrr {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R)}sk(R)
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, R, AUTHii, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, R, AUTHir, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, SA2, TSi, TSr}SKr );
- send_!E4( E, E, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev2-mactosig(I, R)
-{
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, SPIi, SPIr, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- claim( I, Running, R,Ni,g(i),Nr,Gr,TSi,TSr );
- send_!3( I, R, SPIi, SPIr, {I, R, AUTHii, SA2, TSi, TSr}SKi );
- recv_!4( R, I, SPIi, SPIr, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,Ni,g(i),Nr,Gr,TSi,TSr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, SPIi, SPIr, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, SPIi, SPIr, {I, R, AUTHir, SA2, TSi, TSr}SKr );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr );
- send_!4( R, I, SPIi, SPIr, {R, AUTHrr, SA2, TSi, TSr}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mactosig.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mactosig.spdl
deleted file mode 100644
index 388562e5a361d24c8943a92574f1c8ab7f010876..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mactosig.spdl
+++ /dev/null
@@ -1,132 +0,0 @@
-# 1 "ikev2-mactosig.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-mactosig.cpp"
-# 16 "ikev2-mactosig.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 17 "ikev2-mactosig.cpp" 2
-# 25 "ikev2-mactosig.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, R, MAC(k(I,R), SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, R, MAC(k(R,I), SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
- }
-
-
-}
-
-
-protocol ikev2-mactosig(I, R)
-{
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, SPIi, SPIr, SA1, Gr, Nr );
-
-
- claim( I, Running, R,Ni,g(i),Nr,Gr,TSi,TSr );
- send_!3( I, R, SPIi, SPIr, {I, R, MAC(k(I,R), SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, SPIi, SPIr, {R, {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,Ni,g(i),Nr,Gr,TSi,TSr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, SPIi, SPIr, SA1, g(r), Nr );
-
-
- recv_!3( I, R, SPIi, SPIr, {I, R, MAC(k(R,I), SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr );
- send_!4( R, I, SPIi, SPIr, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mactosig2.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mactosig2.cpp
deleted file mode 100644
index 73b20f55efe250dedf89d3427976c3722add6015..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mactosig2.cpp
+++ /dev/null
@@ -1,103 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @reference RFC 4306
- * @variant Initiator authenticates itself using message
- * authentication codes while responder uses digital
- * signatures. Excludes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii MAC(k(I,R), SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I))
-#define AUTHir MAC(k(R,I), SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I))
-#define AUTHri {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R)}sk(R)
-#define AUTHrr {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R)}sk(R)
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, AUTHii, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, AUTHir, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, SA2, TSi, TSr}SKr );
- send_!E4( E, E, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-protocol ikev2-mactosig2(I, R)
-{
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, SPIi, SPIr, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- claim( I, Running, R,Ni,g(i),Nr,Gr,TSi,TSr );
- send_!3( I, R, SPIi, SPIr, {I, AUTHii, SA2, TSi, TSr}SKi );
- recv_!4( R, I, SPIi, SPIr, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,Ni,g(i),Nr,Gr,TSi,TSr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, SPIi, SPIr, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, SPIi, SPIr, {I, AUTHir, SA2, TSi, TSr}SKr );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr );
- send_!4( R, I, SPIi, SPIr, {R, AUTHrr, SA2, TSi, TSr}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mactosig2.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mactosig2.spdl
deleted file mode 100644
index 92864abae98bfb18daa2c85ea74e4d33a94cd11a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-mactosig2.spdl
+++ /dev/null
@@ -1,131 +0,0 @@
-# 1 "ikev2-mactosig2.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-mactosig2.cpp"
-# 16 "ikev2-mactosig2.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 17 "ikev2-mactosig2.cpp" 2
-# 25 "ikev2-mactosig2.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, MAC(k(I,R), SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, MAC(k(R,I), SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
- }
-
-
-}
-
-protocol ikev2-mactosig2(I, R)
-{
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, SPIi, SPIr, SA1, Gr, Nr );
-
-
- claim( I, Running, R,Ni,g(i),Nr,Gr,TSi,TSr );
- send_!3( I, R, SPIi, SPIr, {I, MAC(k(I,R), SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, SPIi, SPIr, {R, {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,Ni,g(i),Nr,Gr,TSi,TSr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, SPIi, SPIr, SA1, g(r), Nr );
-
-
- recv_!3( I, R, SPIi, SPIr, {I, MAC(k(R,I), SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr );
- send_!4( R, I, SPIi, SPIr, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child-composed.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child-composed.cpp
deleted file mode 100644
index 62ddf6f166fb42d270e5cf78063aa845da1323fa..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child-composed.cpp
+++ /dev/null
@@ -1,138 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @reference RFC 4306
- * @variant Combination of signature authenticated IKEv2 and
- * CREATE_CHILD_SA, includes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii {SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I)}sk(I)
-#define AUTHir {SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I)}sk(I)
-#define AUTHri {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R)}sk(R)
-#define AUTHrr {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R)}sk(R)
-#define KEYMATi KDF(Ni, Nr, Zi, h(Gt,j), Mi, Mr)
-#define KEYMATr KDF(Ni, Nr, Zr, h(Gi,t), Mi, Mr)
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, R, AUTHii, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, R, AUTHir, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, SA2, TSi, TSr}SKr );
- send_!E4( E, E, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- // msg 5
- recv_!E5( E, E, {SA3, Mi, g(j), TSi, TSr}SKi );
- send_!E6( E, E, {SA3, Mi, g(j), TSi, TSr}SKr );
-
- // msg 6
- recv_!E7( E, E, {SA3, Mr, g(t), TSi, TSr}SKr );
- send_!E8( E, E, {SA3, Mr, g(t), TSi, TSr}SKr );
- }
-#undef Gi
-#undef Gr
-}
-protocol @ora(S) {
-#define Gi g(i)
-#define Gj g(j)
-#define Gr g(r)
-#define Gt g(t)
- role S {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
-
- recv_!S1( S, S, KDF(Ni, Nr, Zi, h(Gt,j), Mi, Mr) );
- send_!S2( S, S, KDF(Ni, Nr, Zr, h(Gj,t), Mi, Mr) );
- }
-#undef Gi
-#undef Gj
-#undef Gr
-#undef Gt
-}
-
-
-protocol ikev2-sig-child(I, R)
-{
- role I {
- fresh i, j, Ni, Mi, SPIi: Nonce;
- var Nr, Mr, SPIr: Nonce;
- var Gr, Gt: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, HDR, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- send_!3( I, R, HDR, {I, R, AUTHii, SA2, TSi, TSr}SKi );
- recv_!4( R, I, HDR, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- /* CREATE_CHILD_SA */
- claim( I, Running, R,g(i),g(j),Gr );
- send_!5( I, R, HDR, {SA3, Mi, g(j), TSi, TSr}SKi );
- recv_!6( R, I, HDR, {SA3, Mr, Gt, TSi, TSr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
- claim( I, SKR, KEYMATi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),g(j),Gr,Gt );
-
- }
-
- role R {
- fresh r, t, Nr, Mr, SPIr: Nonce;
- var Ni, Mi, SPIi: Nonce;
- var Gi, Gj: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, HDR, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, HDR, {I, R, AUTHir, SA2, TSi, TSr}SKr );
- send_!4( R, I, HDR, {R, AUTHrr, SA2, TSi, TSr}SKr );
-
- /* CREATE_CHILD_SA */
- recv_!5( I, R, HDR, {SA3, Mi, Gj, TSi, TSr}SKr );
- claim( R, Running, I,Gi,Gj,g(r),g(t) );
- send_!6( R, I, HDR, {SA3, Mr, g(t), TSi, TSr}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
- claim( R, SKR, KEYMATr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,Gj,g(r) );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child-composed.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child-composed.spdl
deleted file mode 100644
index 392c99510d70cbfd6134f552ca0a3d9f04ea0aa4..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child-composed.spdl
+++ /dev/null
@@ -1,165 +0,0 @@
-# 1 "ikev2-sig-child-composed.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-sig-child-composed.cpp"
-# 15 "ikev2-sig-child-composed.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 16 "ikev2-sig-child-composed.cpp" 2
-# 26 "ikev2-sig-child-composed.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, R, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, R, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
-
- recv_!E5( E, E, {SA3, Mi, g(j), TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E6( E, E, {SA3, Mi, g(j), TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E7( E, E, {SA3, Mr, g(t), TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E8( E, E, {SA3, Mr, g(t), TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- }
-
-
-}
-protocol @ora(S) {
-
-
-
-
- role S {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
-
- recv_!S1( S, S, KDF(Ni, Nr, h(g(r),i), h(g(t),j), Mi, Mr) );
- send_!S2( S, S, KDF(Ni, Nr, h(g(i),r), h(g(j),t), Mi, Mr) );
- }
-
-
-
-
-}
-
-
-protocol ikev2-sig-child(I, R)
-{
- role I {
- fresh i, j, Ni, Mi, SPIi: Nonce;
- var Nr, Mr, SPIr: Nonce;
- var Gr, Gt: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, (SPIi,SPIr), SA1, Gr, Nr );
-
-
- send_!3( I, R, (SPIi,SPIr), {I, R, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, Running, R,g(i),g(j),Gr );
- send_!5( I, R, (SPIi,SPIr), {SA3, Mi, g(j), TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!6( R, I, (SPIi,SPIr), {SA3, Mr, Gt, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), h(Gt,j), Mi, Mr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),g(j),Gr,Gt );
-
- }
-
- role R {
- fresh r, t, Nr, Mr, SPIr: Nonce;
- var Ni, Mi, SPIi: Nonce;
- var Gi, Gj: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, (SPIi,SPIr), SA1, g(r), Nr );
-
-
- recv_!3( I, R, (SPIi,SPIr), {I, R, {SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- send_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- recv_!5( I, R, (SPIi,SPIr), {SA3, Mi, Gj, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I,Gi,Gj,g(r),g(t) );
- send_!6( R, I, (SPIi,SPIr), {SA3, Mr, g(t), TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), h(Gi,t), Mi, Mr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,Gj,g(r) );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child.cpp
deleted file mode 100644
index 62ddf6f166fb42d270e5cf78063aa845da1323fa..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child.cpp
+++ /dev/null
@@ -1,138 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @reference RFC 4306
- * @variant Combination of signature authenticated IKEv2 and
- * CREATE_CHILD_SA, includes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii {SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I)}sk(I)
-#define AUTHir {SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I)}sk(I)
-#define AUTHri {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R)}sk(R)
-#define AUTHrr {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R)}sk(R)
-#define KEYMATi KDF(Ni, Nr, Zi, h(Gt,j), Mi, Mr)
-#define KEYMATr KDF(Ni, Nr, Zr, h(Gi,t), Mi, Mr)
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, R, AUTHii, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, R, AUTHir, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, SA2, TSi, TSr}SKr );
- send_!E4( E, E, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- // msg 5
- recv_!E5( E, E, {SA3, Mi, g(j), TSi, TSr}SKi );
- send_!E6( E, E, {SA3, Mi, g(j), TSi, TSr}SKr );
-
- // msg 6
- recv_!E7( E, E, {SA3, Mr, g(t), TSi, TSr}SKr );
- send_!E8( E, E, {SA3, Mr, g(t), TSi, TSr}SKr );
- }
-#undef Gi
-#undef Gr
-}
-protocol @ora(S) {
-#define Gi g(i)
-#define Gj g(j)
-#define Gr g(r)
-#define Gt g(t)
- role S {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
-
- recv_!S1( S, S, KDF(Ni, Nr, Zi, h(Gt,j), Mi, Mr) );
- send_!S2( S, S, KDF(Ni, Nr, Zr, h(Gj,t), Mi, Mr) );
- }
-#undef Gi
-#undef Gj
-#undef Gr
-#undef Gt
-}
-
-
-protocol ikev2-sig-child(I, R)
-{
- role I {
- fresh i, j, Ni, Mi, SPIi: Nonce;
- var Nr, Mr, SPIr: Nonce;
- var Gr, Gt: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, HDR, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- send_!3( I, R, HDR, {I, R, AUTHii, SA2, TSi, TSr}SKi );
- recv_!4( R, I, HDR, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- /* CREATE_CHILD_SA */
- claim( I, Running, R,g(i),g(j),Gr );
- send_!5( I, R, HDR, {SA3, Mi, g(j), TSi, TSr}SKi );
- recv_!6( R, I, HDR, {SA3, Mr, Gt, TSi, TSr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
- claim( I, SKR, KEYMATi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),g(j),Gr,Gt );
-
- }
-
- role R {
- fresh r, t, Nr, Mr, SPIr: Nonce;
- var Ni, Mi, SPIi: Nonce;
- var Gi, Gj: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, HDR, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, HDR, {I, R, AUTHir, SA2, TSi, TSr}SKr );
- send_!4( R, I, HDR, {R, AUTHrr, SA2, TSi, TSr}SKr );
-
- /* CREATE_CHILD_SA */
- recv_!5( I, R, HDR, {SA3, Mi, Gj, TSi, TSr}SKr );
- claim( R, Running, I,Gi,Gj,g(r),g(t) );
- send_!6( R, I, HDR, {SA3, Mr, g(t), TSi, TSr}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
- claim( R, SKR, KEYMATr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,Gj,g(r) );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child.spdl
deleted file mode 100644
index f9db4cfa7738103d925a7c80c79c320bc72eb0c0..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child.spdl
+++ /dev/null
@@ -1,165 +0,0 @@
-# 1 "ikev2-sig-child.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-sig-child.cpp"
-# 15 "ikev2-sig-child.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 16 "ikev2-sig-child.cpp" 2
-# 26 "ikev2-sig-child.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, R, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, R, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
-
- recv_!E5( E, E, {SA3, Mi, g(j), TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E6( E, E, {SA3, Mi, g(j), TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E7( E, E, {SA3, Mr, g(t), TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E8( E, E, {SA3, Mr, g(t), TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- }
-
-
-}
-protocol @ora(S) {
-
-
-
-
- role S {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
-
- recv_!S1( S, S, KDF(Ni, Nr, h(g(r),i), h(g(t),j), Mi, Mr) );
- send_!S2( S, S, KDF(Ni, Nr, h(g(i),r), h(g(j),t), Mi, Mr) );
- }
-
-
-
-
-}
-
-
-protocol ikev2-sig-child(I, R)
-{
- role I {
- fresh i, j, Ni, Mi, SPIi: Nonce;
- var Nr, Mr, SPIr: Nonce;
- var Gr, Gt: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, (SPIi,SPIr), SA1, Gr, Nr );
-
-
- send_!3( I, R, (SPIi,SPIr), {I, R, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, Running, R,g(i),g(j),Gr );
- send_!5( I, R, (SPIi,SPIr), {SA3, Mi, g(j), TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!6( R, I, (SPIi,SPIr), {SA3, Mr, Gt, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), h(Gt,j), Mi, Mr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),g(j),Gr,Gt );
-
- }
-
- role R {
- fresh r, t, Nr, Mr, SPIr: Nonce;
- var Ni, Mi, SPIi: Nonce;
- var Gi, Gj: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, (SPIi,SPIr), SA1, g(r), Nr );
-
-
- recv_!3( I, R, (SPIi,SPIr), {I, R, {SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- send_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- recv_!5( I, R, (SPIi,SPIr), {SA3, Mi, Gj, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I,Gi,Gj,g(r),g(t) );
- send_!6( R, I, (SPIi,SPIr), {SA3, Mr, g(t), TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), h(Gi,t), Mi, Mr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,Gj,g(r) );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child2-composed.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child2-composed.cpp
deleted file mode 100644
index 621e7f65d90b83cdecc0d196a2fab0913d06d313..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child2-composed.cpp
+++ /dev/null
@@ -1,138 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @reference RFC 4306
- * @variant Combination of signature authenticated IKEv2 and
- * CREATE_CHILD_SA, excludes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii {SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I)}sk(I)
-#define AUTHir {SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I)}sk(I)
-#define AUTHri {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R)}sk(R)
-#define AUTHrr {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R)}sk(R)
-#define KEYMATi KDF(Ni, Nr, Zi, h(Gt,j), Mi, Mr)
-#define KEYMATr KDF(Ni, Nr, Zr, h(Gi,t), Mi, Mr)
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, AUTHii, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, AUTHir, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, SA2, TSi, TSr}SKr );
- send_!E4( E, E, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- // msg 5
- recv_!E5( E, E, {SA3, Mi, g(j)}SKi );
- send_!E6( E, E, {SA3, Mi, g(j)}SKr );
-
- // msg 6
- recv_!E7( E, E, {SA3, Mr, g(t)}SKr );
- send_!E8( E, E, {SA3, Mr, g(t)}SKr );
- }
-#undef Gi
-#undef Gr
-}
-protocol @ora(S) {
-#define Gi g(i)
-#define Gj g(j)
-#define Gr g(r)
-#define Gt g(t)
- role S {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
-
- recv_!S1( S, S, KDF(Ni, Nr, Zi, h(Gt,j), Mi, Mr) );
- send_!S2( S, S, KDF(Ni, Nr, Zr, h(Gj,t), Mi, Mr) );
- }
-#undef Gi
-#undef Gj
-#undef Gr
-#undef Gt
-}
-
-
-protocol ikev2-sig-child2(I, R)
-{
- role I {
- fresh i, j, Ni, Mi, SPIi: Nonce;
- var Nr, Mr, SPIr: Nonce;
- var Gr, Gt: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, HDR, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- send_!3( I, R, HDR, {I, AUTHii, SA2, TSi, TSr}SKi );
- recv_!4( R, I, HDR, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- /* CREATE_CHILD_SA */
- claim( I, Running, R,g(i),g(j),Gr );
- send_!5( I, R, HDR, {SA3, Mi, g(j)}SKi );
- recv_!6( R, I, HDR, {SA3, Mr, Gt}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
- claim( I, SKR, KEYMATi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),g(j),Gr,Gt );
-
- }
-
- role R {
- fresh r, t, Nr, Mr, SPIr: Nonce;
- var Ni, Mi, SPIi: Nonce;
- var Gi, Gj: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, HDR, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, HDR, {I, AUTHir, SA2, TSi, TSr}SKr );
- send_!4( R, I, HDR, {R, AUTHrr, SA2, TSi, TSr}SKr );
-
- /* CREATE_CHILD_SA */
- recv_!5( I, R, HDR, {SA3, Mi, Gj}SKr );
- claim( R, Running, I,Gi,Gj,g(r),g(t) );
- send_!6( R, I, HDR, {SA3, Mr, g(t)}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
- claim( R, SKR, KEYMATr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,Gj,g(r) );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child2-composed.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child2-composed.spdl
deleted file mode 100644
index 49df999d4bd0cd84ac59e9298926b7297124296f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child2-composed.spdl
+++ /dev/null
@@ -1,165 +0,0 @@
-# 1 "ikev2-sig-child2-composed.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-sig-child2-composed.cpp"
-# 15 "ikev2-sig-child2-composed.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 16 "ikev2-sig-child2-composed.cpp" 2
-# 26 "ikev2-sig-child2-composed.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
-
- recv_!E5( E, E, {SA3, Mi, g(j)}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E6( E, E, {SA3, Mi, g(j)}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E7( E, E, {SA3, Mr, g(t)}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E8( E, E, {SA3, Mr, g(t)}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- }
-
-
-}
-protocol @ora(S) {
-
-
-
-
- role S {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
-
- recv_!S1( S, S, KDF(Ni, Nr, h(g(r),i), h(g(t),j), Mi, Mr) );
- send_!S2( S, S, KDF(Ni, Nr, h(g(i),r), h(g(j),t), Mi, Mr) );
- }
-
-
-
-
-}
-
-
-protocol ikev2-sig-child2(I, R)
-{
- role I {
- fresh i, j, Ni, Mi, SPIi: Nonce;
- var Nr, Mr, SPIr: Nonce;
- var Gr, Gt: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, (SPIi,SPIr), SA1, Gr, Nr );
-
-
- send_!3( I, R, (SPIi,SPIr), {I, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, Running, R,g(i),g(j),Gr );
- send_!5( I, R, (SPIi,SPIr), {SA3, Mi, g(j)}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!6( R, I, (SPIi,SPIr), {SA3, Mr, Gt}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), h(Gt,j), Mi, Mr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),g(j),Gr,Gt );
-
- }
-
- role R {
- fresh r, t, Nr, Mr, SPIr: Nonce;
- var Ni, Mi, SPIi: Nonce;
- var Gi, Gj: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, (SPIi,SPIr), SA1, g(r), Nr );
-
-
- recv_!3( I, R, (SPIi,SPIr), {I, {SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- send_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- recv_!5( I, R, (SPIi,SPIr), {SA3, Mi, Gj}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I,Gi,Gj,g(r),g(t) );
- send_!6( R, I, (SPIi,SPIr), {SA3, Mr, g(t)}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), h(Gi,t), Mi, Mr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,Gj,g(r) );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child2.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child2.cpp
deleted file mode 100644
index 621e7f65d90b83cdecc0d196a2fab0913d06d313..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child2.cpp
+++ /dev/null
@@ -1,138 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @reference RFC 4306
- * @variant Combination of signature authenticated IKEv2 and
- * CREATE_CHILD_SA, excludes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii {SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I)}sk(I)
-#define AUTHir {SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I)}sk(I)
-#define AUTHri {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R)}sk(R)
-#define AUTHrr {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R)}sk(R)
-#define KEYMATi KDF(Ni, Nr, Zi, h(Gt,j), Mi, Mr)
-#define KEYMATr KDF(Ni, Nr, Zr, h(Gi,t), Mi, Mr)
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, AUTHii, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, AUTHir, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, SA2, TSi, TSr}SKr );
- send_!E4( E, E, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- // msg 5
- recv_!E5( E, E, {SA3, Mi, g(j)}SKi );
- send_!E6( E, E, {SA3, Mi, g(j)}SKr );
-
- // msg 6
- recv_!E7( E, E, {SA3, Mr, g(t)}SKr );
- send_!E8( E, E, {SA3, Mr, g(t)}SKr );
- }
-#undef Gi
-#undef Gr
-}
-protocol @ora(S) {
-#define Gi g(i)
-#define Gj g(j)
-#define Gr g(r)
-#define Gt g(t)
- role S {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
-
- recv_!S1( S, S, KDF(Ni, Nr, Zi, h(Gt,j), Mi, Mr) );
- send_!S2( S, S, KDF(Ni, Nr, Zr, h(Gj,t), Mi, Mr) );
- }
-#undef Gi
-#undef Gj
-#undef Gr
-#undef Gt
-}
-
-
-protocol ikev2-sig-child2(I, R)
-{
- role I {
- fresh i, j, Ni, Mi, SPIi: Nonce;
- var Nr, Mr, SPIr: Nonce;
- var Gr, Gt: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, HDR, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- send_!3( I, R, HDR, {I, AUTHii, SA2, TSi, TSr}SKi );
- recv_!4( R, I, HDR, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- /* CREATE_CHILD_SA */
- claim( I, Running, R,g(i),g(j),Gr );
- send_!5( I, R, HDR, {SA3, Mi, g(j)}SKi );
- recv_!6( R, I, HDR, {SA3, Mr, Gt}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
- claim( I, SKR, KEYMATi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),g(j),Gr,Gt );
-
- }
-
- role R {
- fresh r, t, Nr, Mr, SPIr: Nonce;
- var Ni, Mi, SPIi: Nonce;
- var Gi, Gj: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, HDR, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, HDR, {I, AUTHir, SA2, TSi, TSr}SKr );
- send_!4( R, I, HDR, {R, AUTHrr, SA2, TSi, TSr}SKr );
-
- /* CREATE_CHILD_SA */
- recv_!5( I, R, HDR, {SA3, Mi, Gj}SKr );
- claim( R, Running, I,Gi,Gj,g(r),g(t) );
- send_!6( R, I, HDR, {SA3, Mr, g(t)}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
- claim( R, SKR, KEYMATr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,Gj,g(r) );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child2.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child2.spdl
deleted file mode 100644
index aa8642fcb2a8b72781bed2aafbf1e2a4ef88e23f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig-child2.spdl
+++ /dev/null
@@ -1,165 +0,0 @@
-# 1 "ikev2-sig-child2.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-sig-child2.cpp"
-# 15 "ikev2-sig-child2.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 16 "ikev2-sig-child2.cpp" 2
-# 26 "ikev2-sig-child2.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
-
- recv_!E5( E, E, {SA3, Mi, g(j)}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E6( E, E, {SA3, Mi, g(j)}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E7( E, E, {SA3, Mr, g(t)}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E8( E, E, {SA3, Mr, g(t)}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- }
-
-
-}
-protocol @ora(S) {
-
-
-
-
- role S {
- var i, j, r, t, Mi, Ni, Mr, Nr, SPIi, SPIr: Nonce;
-
- recv_!S1( S, S, KDF(Ni, Nr, h(g(r),i), h(g(t),j), Mi, Mr) );
- send_!S2( S, S, KDF(Ni, Nr, h(g(i),r), h(g(j),t), Mi, Mr) );
- }
-
-
-
-
-}
-
-
-protocol ikev2-sig-child2(I, R)
-{
- role I {
- fresh i, j, Ni, Mi, SPIi: Nonce;
- var Nr, Mr, SPIr: Nonce;
- var Gr, Gt: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, (SPIi,SPIr), SA1, Gr, Nr );
-
-
- send_!3( I, R, (SPIi,SPIr), {I, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, Running, R,g(i),g(j),Gr );
- send_!5( I, R, (SPIi,SPIr), {SA3, Mi, g(j)}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!6( R, I, (SPIi,SPIr), {SA3, Mr, Gt}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), h(Gt,j), Mi, Mr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),g(j),Gr,Gt );
-
- }
-
- role R {
- fresh r, t, Nr, Mr, SPIr: Nonce;
- var Ni, Mi, SPIi: Nonce;
- var Gi, Gj: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, (SPIi,SPIr), SA1, g(r), Nr );
-
-
- recv_!3( I, R, (SPIi,SPIr), {I, {SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- send_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- recv_!5( I, R, (SPIi,SPIr), {SA3, Mi, Gj}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I,Gi,Gj,g(r),g(t) );
- send_!6( R, I, (SPIi,SPIr), {SA3, Mr, g(t)}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), h(Gi,t), Mi, Mr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,Gj,g(r) );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig.cpp
deleted file mode 100644
index 68e7326d3a9a47b64e4d14259ffacc0262500e1a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig.cpp
+++ /dev/null
@@ -1,103 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @subprotocol Signature authenticated IKEv2
- * @reference RFC 4306
- * @variant Includes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii {SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I)}sk(I)
-#define AUTHir {SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I)}sk(I)
-#define AUTHri {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R)}sk(R)
-#define AUTHrr {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R)}sk(R)
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, R, AUTHii, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, R, AUTHir, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, SA2, TSi, TSr}SKr );
- send_!E4( E, E, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev2-sig(I, R)
-{
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, HDR, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- claim( I, Running, R,g(i),Gr,Ni,Nr );
- send_!3( I, R, HDR, {I, R, AUTHii, SA2, TSi, TSr}SKi );
- recv_!4( R, I, HDR, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),Gr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, HDR, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, HDR, {I, R, AUTHir, SA2, TSi, TSr}SKr );
- claim( R, Running, I,Gi,g(r),Ni,Nr );
- send_!4( R, I, HDR, {R, AUTHrr, SA2, TSi, TSr}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,g(r),Ni,Nr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig.spdl
deleted file mode 100644
index baaba1ab6720760867fca5bb2d345a4547ab5cca..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig.spdl
+++ /dev/null
@@ -1,132 +0,0 @@
-# 1 "ikev2-sig.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-sig.cpp"
-# 15 "ikev2-sig.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 16 "ikev2-sig.cpp" 2
-# 24 "ikev2-sig.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, R, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, R, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
- }
-
-
-}
-
-
-protocol ikev2-sig(I, R)
-{
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, (SPIi,SPIr), SA1, Gr, Nr );
-
-
- claim( I, Running, R,g(i),Gr,Ni,Nr );
- send_!3( I, R, (SPIi,SPIr), {I, R, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),Gr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, (SPIi,SPIr), SA1, g(r), Nr );
-
-
- recv_!3( I, R, (SPIi,SPIr), {I, R, {SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I,Gi,g(r),Ni,Nr );
- send_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,g(r),Ni,Nr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig2.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig2.cpp
deleted file mode 100644
index e2e02b71a4ae47ca381e88e9dc02647a0173aaa7..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig2.cpp
+++ /dev/null
@@ -1,103 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @subprotocol Signature authenticated IKEv2
- * @reference RFC 4306
- * @variant Excludes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii {SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I)}sk(I)
-#define AUTHir {SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I)}sk(I)
-#define AUTHri {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R)}sk(R)
-#define AUTHrr {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R)}sk(R)
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, AUTHii, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, AUTHir, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, SA2, TSi, TSr}SKr );
- send_!E4( E, E, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev2-sig2(I, R)
-{
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, HDR, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- claim( I, Running, R,Ni,g(i),Nr,Gr,TSi,TSr );
- send_!3( I, R, HDR, {I, AUTHii, SA2, TSi, TSr}SKi );
- recv_!4( R, I, HDR, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,Ni,g(i),Nr,Gr,TSi,TSr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, HDR, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, HDR, {I, AUTHir, SA2, TSi, TSr}SKr );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr );
- send_!4( R, I, HDR, {R, AUTHrr, SA2, TSi, TSr}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig2.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig2.spdl
deleted file mode 100644
index 0825976eb9adcfbb0fab40784e940c795d572a50..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sig2.spdl
+++ /dev/null
@@ -1,132 +0,0 @@
-# 1 "ikev2-sig2.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-sig2.cpp"
-# 15 "ikev2-sig2.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 16 "ikev2-sig2.cpp" 2
-# 24 "ikev2-sig2.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
- }
-
-
-}
-
-
-protocol ikev2-sig2(I, R)
-{
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, (SPIi,SPIr), SA1, Gr, Nr );
-
-
- claim( I, Running, R,Ni,g(i),Nr,Gr,TSi,TSr );
- send_!3( I, R, (SPIi,SPIr), {I, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,Ni,g(i),Nr,Gr,TSi,TSr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, (SPIi,SPIr), SA1, g(r), Nr );
-
-
- recv_!3( I, R, (SPIi,SPIr), {I, {SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I, Ni,Gi,Nr,g(r),TSi,TSr );
- send_!4( R, I, (SPIi,SPIr), {R, {SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)}sk(R), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I, Ni,Gi,Nr,g(r),TSi,TSr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sigtomac.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sigtomac.cpp
deleted file mode 100644
index dc7a0596fa614ced60de68f0716515b46ff534b2..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sigtomac.cpp
+++ /dev/null
@@ -1,104 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @reference RFC 4306
- * @variant Initiator authenticates itself using digital signatures
- * while responder uses message authentication codes.
- * Includes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii {SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I)}sk(I)
-#define AUTHir {SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I)}sk(I)
-#define AUTHri MAC(k(I,R), SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R))
-#define AUTHrr MAC(k(R,I), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R))
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, R, AUTHii, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, R, AUTHir, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, SA2, TSi, TSr}SKr );
- send_!E4( E, E, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev2-sigtomac(I, R)
-{
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, SPIi, SPIr, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- claim( I, Running, R,g(i),Gr,Ni,Nr );
- send_!3( I, R, SPIi, SPIr, {I, R, AUTHii, SA2, TSi, TSr}SKi );
- recv_!4( R, I, SPIi, SPIr, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),Gr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, SPIi, SPIr, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, SPIi, SPIr, {I, R, AUTHir, SA2, TSi, TSr}SKr );
- claim( R, Running, I,Gi,g(r),Ni,Nr );
- send_!4( R, I, SPIi, SPIr, {R, AUTHrr, SA2, TSi, TSr}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,g(r),Ni,Nr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sigtomac.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sigtomac.spdl
deleted file mode 100644
index 9d40a3aa671881fe22f6129fc8a113c0356db322..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sigtomac.spdl
+++ /dev/null
@@ -1,132 +0,0 @@
-# 1 "ikev2-sigtomac.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-sigtomac.cpp"
-# 16 "ikev2-sigtomac.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 17 "ikev2-sigtomac.cpp" 2
-# 25 "ikev2-sigtomac.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, R, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, R, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, MAC(k(R,I), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, MAC(k(I,R), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
- }
-
-
-}
-
-
-protocol ikev2-sigtomac(I, R)
-{
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, SPIi, SPIr, SA1, Gr, Nr );
-
-
- claim( I, Running, R,g(i),Gr,Ni,Nr );
- send_!3( I, R, SPIi, SPIr, {I, R, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, SPIi, SPIr, {R, MAC(k(I,R), SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),Gr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, SPIi, SPIr, SA1, g(r), Nr );
-
-
- recv_!3( I, R, SPIi, SPIr, {I, R, {SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I,Gi,g(r),Ni,Nr );
- send_!4( R, I, SPIi, SPIr, {R, MAC(k(R,I), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,g(r),Ni,Nr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sigtomac2.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sigtomac2.cpp
deleted file mode 100644
index bccbab30ec606cf5e01de1091177bebcbd3e5d27..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sigtomac2.cpp
+++ /dev/null
@@ -1,104 +0,0 @@
-/**********************************************************************
- * @protocol Internet Key Exchange Protocol (IKEv2)
- * @reference RFC 4306
- * @variant Initiator authenticates itself using digital signatures
- * while responder uses message authentication codes.
- * Excludes optional payloads
- **********************************************************************/
-
-/**
- * MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- */
-
-#define __IKEV2__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define AUTHii {SPIi, O, SA1, g(i), Ni, Nr, prf(SKi, I)}sk(I)
-#define AUTHir {SPIi, O, SA1, Gi, Ni, Nr, prf(SKr, I)}sk(I)
-#define AUTHri MAC(k(I,R), SPIi, SPIr, SA1, Gr, Nr, Ni, prf(SKi, R))
-#define AUTHrr MAC(k(R,I), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(SKr, R))
-
-
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(E) {
-#define Gi g(i)
-#define Gr g(r)
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!E1( E, E, {I, AUTHii, SA2, TSi, TSr}SKi );
- send_!E2( E, E, {I, AUTHir, SA2, TSi, TSr}SKr );
-
- // msg 4
- recv_!E3( E, E, {R, AUTHrr, SA2, TSi, TSr}SKr );
- send_!E4( E, E, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol ikev2-sigtomac2(I, R)
-{
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
- /* IKE_SA_INIT */
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, SPIi, SPIr, SA1, Gr, Nr );
-
- /* IKE_AUTH */
- claim( I, Running, R,g(i),Gr,Ni,Nr );
- send_!3( I, R, SPIi, SPIr, {I, AUTHii, SA2, TSi, TSr}SKi );
- recv_!4( R, I, SPIi, SPIr, {R, AUTHri, SA2, TSi, TSr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),Gr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
- /* IKE_SA_INIT */
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, SPIi, SPIr, SA1, g(r), Nr );
-
- /* IKE_AUTH */
- recv_!3( I, R, SPIi, SPIr, {I, AUTHir, SA2, TSi, TSr}SKr );
- claim( R, Running, I,Gi,g(r),Ni,Nr );
- send_!4( R, I, SPIi, SPIr, {R, AUTHrr, SA2, TSi, TSr}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,g(r),Ni,Nr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sigtomac2.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sigtomac2.spdl
deleted file mode 100644
index 99ad18caf94b8ef51dad27d68845233c3e32bf83..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/ikev2-sigtomac2.spdl
+++ /dev/null
@@ -1,132 +0,0 @@
-# 1 "ikev2-sigtomac2.cpp"
-# 1 "<command-line>"
-# 1 "ikev2-sigtomac2.cpp"
-# 16 "ikev2-sigtomac2.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 43 "common.h"
-hashfunction MAC;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 132 "common.h"
- var SPIi, SPIr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
- }
-
-
-}
-# 17 "ikev2-sigtomac2.cpp" 2
-# 25 "ikev2-sigtomac2.cpp"
-usertype Number, SecurityAssociation, TrafficSelector;
-const O: Number;
-const SA1 ,SA2, SA3: SecurityAssociation;
-const TSi, TSr: TrafficSelector;
-
-
-
-
-
-
-protocol @executability(E) {
-
-
- role E {
- var i, r, Ni, Nr, SPIi, SPIr: Nonce;
- var I, R: Agent;
-
-
- recv_!E1( E, E, {I, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
- send_!E2( E, E, {I, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
-
-
- recv_!E3( E, E, {R, MAC(k(R,I), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(i),r),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(i),r),SPIi,SPIr) );
- send_!E4( E, E, {R, MAC(k(I,R), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(g(r),i),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(g(r),i),SPIi,SPIr) );
-
- }
-
-
-}
-
-
-protocol ikev2-sigtomac2(I, R)
-{
- role I {
- fresh i, Ni, SPIi: Nonce;
- var Nr, SPIr: Nonce;
- var Gr: Ticket;
-
-
-
- send_1( I, R, SPIi, O, SA1, g(i), Ni );
- recv_2( R, I, SPIi, SPIr, SA1, Gr, Nr );
-
-
- claim( I, Running, R,g(i),Gr,Ni,Nr );
- send_!3( I, R, SPIi, SPIr, {I, {SPIi, O, SA1, g(i), Ni, Nr, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
- recv_!4( R, I, SPIi, SPIr, {R, MAC(k(I,R), SPIi, SPIr, SA1, Gr, Nr, Ni, prf(KDF(Ni,Nr,h(Gr,i),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
-
- claim( I, SKR, KDF(Ni,Nr,h(Gr,i),SPIi,SPIr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
- claim( I, Commit, R,g(i),Gr,Ni,Nr );
-
- }
-
- role R {
- fresh r, Nr, SPIr: Nonce;
- var Ni, SPIi: Nonce;
- var Gi: Ticket;
-
-
-
- recv_1( I, R, SPIi, O, SA1, Gi, Ni );
- send_2( R, I, SPIi, SPIr, SA1, g(r), Nr );
-
-
- recv_!3( I, R, SPIi, SPIr, {I, {SPIi, O, SA1, Gi, Ni, Nr, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), I)}sk(I), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
- claim( R, Running, I,Gi,g(r),Ni,Nr );
- send_!4( R, I, SPIi, SPIr, {R, MAC(k(R,I), SPIi, SPIr, SA1, g(r), Nr, Ni, prf(KDF(Ni,Nr,h(Gi,r),SPIi,SPIr), R)), SA2, TSi, TSr}KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
-
- claim( R, SKR, KDF(Ni,Nr,h(Gi,r),SPIi,SPIr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
- claim( R, Commit, I,Gi,g(r),Ni,Nr );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/jfki-core.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/jfki-core.cpp
deleted file mode 100644
index d6c2abf2848839157b157f5be77311331971a034..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/jfki-core.cpp
+++ /dev/null
@@ -1,54 +0,0 @@
-/** HEADDOC
- * @protocol Just Fast Keying
- * @reference Aiello et al., Just Fast Keying: Key Agreement In A Hostile
- * Internet
- * @description
- * @variant Core cryptographic protocol of JFKi
-**/
-
-
-/** MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
-**/
-#define __JFK_CORE__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-
-protocol jfki-core(I, R)
-{
- role I {
- fresh i, Ni: Nonce;
- var Nr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ni, I, g(i) );
- recv_2( R, I, Nr, Ni, R, Gr, {Nr, Ni, Gr, g(i), I}sk(R) );
- send_3( I, R, Nr, Ni, {Nr, Ni, Gr, g(i), R}sk(I) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr: Nonce;
- var Ni: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ni, I, Gi );
- send_2( R, I, Nr, Ni, R, g(r), {Nr, Ni, g(r), Gi, I}sk(R) );
- recv_3( I, R, Nr, Ni, {Nr, Ni, g(r), Gi, R}sk(I) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/jfki-core.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/jfki-core.spdl
deleted file mode 100644
index 2517cbff0410ab9a91c8d82870593cdfaddaa5a8..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/jfki-core.spdl
+++ /dev/null
@@ -1,88 +0,0 @@
-# 1 "jfki-core.cpp"
-# 1 "<command-line>"
-# 1 "jfki-core.cpp"
-# 15 "jfki-core.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 60 "common.h"
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(h(g(r),i), Ni, Nr) );
- send_!SWAP2( SWAP, SWAP, KDF(h(g(i),r), Ni, Nr) );
-
- }
-
-
-}
-# 16 "jfki-core.cpp" 2
-
-
-
-protocol jfki-core(I, R)
-{
- role I {
- fresh i, Ni: Nonce;
- var Nr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ni, I, g(i) );
- recv_2( R, I, Nr, Ni, R, Gr, {Nr, Ni, Gr, g(i), I}sk(R) );
- send_3( I, R, Nr, Ni, {Nr, Ni, Gr, g(i), R}sk(I) );
-
-
- claim( I, SKR, KDF(h(Gr,i), Ni, Nr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr: Nonce;
- var Ni: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ni, I, Gi );
- send_2( R, I, Nr, Ni, R, g(r), {Nr, Ni, g(r), Gi, I}sk(R) );
- recv_3( I, R, Nr, Ni, {Nr, Ni, g(r), Gi, R}sk(I) );
-
-
- claim( R, SKR, KDF(h(Gi,r), Ni, Nr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/jfki.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/jfki.cpp
deleted file mode 100644
index 5b000f9331eaae3cf887df53bac515a404e62842..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/jfki.cpp
+++ /dev/null
@@ -1,84 +0,0 @@
-/** HEADDOC
- * @protocol Just Fast Keying
- * @reference Aiello et al., Just Fast Keying: Key Agreement In A Hostile
- * Internet
- * @description
- * @variant Initiatior is identity protected
-**/
-
-
-/** MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
-**/
-#define __JFK__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, SAi, SAr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!O1( O, O, {I, SAi, {H(Ni), Nr, g(i), Gr, R, SAi}sk(I)}SKi );
- send_!O2( O, O, {I, SAi, {H(Ni), Nr, g(i), Gr, R, SAi}sk(I)}SKr );
-
- // msg 4
- recv_!O3( O, O, {{H(Ni), Nr, g(i), Gr, I, SAi, SAr}sk(R), SAr}SKr );
- send_!O4( O, O, {{H(Ni), Nr, g(i), Gr, I, SAi, SAr}sk(R), SAr}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-// Abstractions: no grpinfo, no MAC(ENC(M)), no ID_R', no IPi
-protocol jfki(I, R)
-{
- role I {
- fresh i, Ni, SAi: Nonce;
- var Nr, SAr: Nonce;
- var Gr, TH: Ticket;
-
- send_1( I, R, H(Ni), g(i) );
- recv_2( R, I, H(Ni), Nr, Gr, R, {Gr}sk(R), TH );
- send_!3( I, R, Ni, Nr, g(i), Gr, TH, {I, SAi, {H(Ni), Nr, g(i), Gr, R, SAi}sk(I)}SKi );
- recv_!4( R, I, {{H(Ni), Nr, g(i), Gr, I, SAi, SAr}sk(R), SAr}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr, SAr, HKr: Nonce;
- var Ni, SAi: Nonce;
- var Gi, HNi: Ticket;
-
- recv_1( I, R, HNi, Gi );
- send_2( R, I, HNi, Nr, g(r), R, {g(r)}sk(R), H(HKr, g(r), Nr, HNi) );
- // Note: if R can receive H(HKr, g(r), Nr, H(Ni)) then HNi=H(Ni)
- recv_!3( I, R, Ni, Nr, Gi, g(r), H(HKr, g(r), Nr, H(Ni)), {I, SAi, {H(Ni), Nr, Gi, g(r), R, SAi}sk(I)}SKr );
- send_!4( R, I, {{H(Ni), Nr, Gi, g(r), I, SAi, SAr}sk(R), SAr}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, Secret, HKr );
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/jfki.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/jfki.spdl
deleted file mode 100644
index d3855434638b2bc7acc8b485affea9888d3c3203..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/jfki.spdl
+++ /dev/null
@@ -1,118 +0,0 @@
-# 1 "jfki.cpp"
-# 1 "<command-line>"
-# 1 "jfki.cpp"
-# 15 "jfki.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 66 "common.h"
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(h(g(r),i), H(Ni), Nr) );
- send_!SWAP2( SWAP, SWAP, KDF(h(g(i),r), H(Ni), Nr) );
-
- }
-
-
-}
-# 16 "jfki.cpp" 2
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, SAi, SAr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {I, SAi, {H(Ni), Nr, g(i), g(r), R, SAi}sk(I)}KDF(h(g(r),i), H(Ni), Nr) );
- send_!O2( O, O, {I, SAi, {H(Ni), Nr, g(i), g(r), R, SAi}sk(I)}KDF(h(g(i),r), H(Ni), Nr) );
-
-
- recv_!O3( O, O, {{H(Ni), Nr, g(i), g(r), I, SAi, SAr}sk(R), SAr}KDF(h(g(i),r), H(Ni), Nr) );
- send_!O4( O, O, {{H(Ni), Nr, g(i), g(r), I, SAi, SAr}sk(R), SAr}KDF(h(g(r),i), H(Ni), Nr) );
-
- }
-
-
-}
-
-
-
-protocol jfki(I, R)
-{
- role I {
- fresh i, Ni, SAi: Nonce;
- var Nr, SAr: Nonce;
- var Gr, TH: Ticket;
-
- send_1( I, R, H(Ni), g(i) );
- recv_2( R, I, H(Ni), Nr, Gr, R, {Gr}sk(R), TH );
- send_!3( I, R, Ni, Nr, g(i), Gr, TH, {I, SAi, {H(Ni), Nr, g(i), Gr, R, SAi}sk(I)}KDF(h(Gr,i), H(Ni), Nr) );
- recv_!4( R, I, {{H(Ni), Nr, g(i), Gr, I, SAi, SAr}sk(R), SAr}KDF(h(Gr,i), H(Ni), Nr) );
-
-
- claim( I, SKR, KDF(h(Gr,i), H(Ni), Nr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr, SAr, HKr: Nonce;
- var Ni, SAi: Nonce;
- var Gi, HNi: Ticket;
-
- recv_1( I, R, HNi, Gi );
- send_2( R, I, HNi, Nr, g(r), R, {g(r)}sk(R), H(HKr, g(r), Nr, HNi) );
-
- recv_!3( I, R, Ni, Nr, Gi, g(r), H(HKr, g(r), Nr, H(Ni)), {I, SAi, {H(Ni), Nr, Gi, g(r), R, SAi}sk(I)}KDF(h(Gi,r), H(Ni), Nr) );
- send_!4( R, I, {{H(Ni), Nr, Gi, g(r), I, SAi, SAr}sk(R), SAr}KDF(h(Gi,r), H(Ni), Nr) );
-
-
- claim( R, Secret, HKr );
- claim( R, SKR, KDF(h(Gi,r), H(Ni), Nr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/jfkr-core.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/jfkr-core.cpp
deleted file mode 100644
index 500a8bbec675ea6e3fc40c9b254342b1613b3564..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/jfkr-core.cpp
+++ /dev/null
@@ -1,78 +0,0 @@
-/** HEADDOC
- * @protocol Just Fast Keying
- * @reference Aiello et al., Just Fast Keying: Key Agreement In A Hostile
- * Internet
- * @description
- * @variant Core cryptographic protocol of JFKr
-**/
-
-
-/** MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
-**/
-#define __JFK_CORE__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!O1( O, O, H(SKr, Nr, Ni, R) );
- send_!O2( O, O, H(SKi, Nr, Ni, R) );
-
- // msg 4
- recv_!O3( O, O, H(SKi, Nr, Ni, I) );
- send_!O4( O, O, H(SKr, Nr, Ni, I) );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-// Abstractions: same key for ENC, MAC
-protocol jfkr-core(I, R)
-{
- role I {
- fresh i, Ni: Nonce;
- var Nr, Gr: Ticket;
-
- send_1( I, R, Ni, g(i) );
- recv_!2( R, I, Nr, Ni, R, Gr, {Nr, Ni, Gr, g(i)}sk(R), H(SKi, Nr, Ni, R) );
- send_!3( I, R, Nr, Ni, I, {Nr, Ni, Gr, g(i)}sk(I), H(SKi, Nr, Ni, I) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr: Nonce;
- var Ni, Gi: Ticket;
-
- recv_1( I, R, Ni, Gi );
- send_!2( R, I, Nr, Ni, R, g(r), {Nr, Ni, g(r), Gi}sk(R), H(SKr, Nr, Ni, R) );
- recv_!3( I, R, Nr, Ni, I, {Nr, Ni, g(r), Gi}sk(I), H(SKr, Nr, Ni, I) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/jfkr-core.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/jfkr-core.spdl
deleted file mode 100644
index adce573c412e0095b6793a4cd6de30fb4308fa3f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/jfkr-core.spdl
+++ /dev/null
@@ -1,112 +0,0 @@
-# 1 "jfkr-core.cpp"
-# 1 "<command-line>"
-# 1 "jfkr-core.cpp"
-# 15 "jfkr-core.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 60 "common.h"
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(h(g(r),i), Ni, Nr) );
- send_!SWAP2( SWAP, SWAP, KDF(h(g(i),r), Ni, Nr) );
-
- }
-
-
-}
-# 16 "jfkr-core.cpp" 2
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, H(KDF(h(g(i),r), Ni, Nr), Nr, Ni, R) );
- send_!O2( O, O, H(KDF(h(g(r),i), Ni, Nr), Nr, Ni, R) );
-
-
- recv_!O3( O, O, H(KDF(h(g(r),i), Ni, Nr), Nr, Ni, I) );
- send_!O4( O, O, H(KDF(h(g(i),r), Ni, Nr), Nr, Ni, I) );
-
- }
-
-
-}
-
-
-
-protocol jfkr-core(I, R)
-{
- role I {
- fresh i, Ni: Nonce;
- var Nr, Gr: Ticket;
-
- send_1( I, R, Ni, g(i) );
- recv_!2( R, I, Nr, Ni, R, Gr, {Nr, Ni, Gr, g(i)}sk(R), H(KDF(h(Gr,i), Ni, Nr), Nr, Ni, R) );
- send_!3( I, R, Nr, Ni, I, {Nr, Ni, Gr, g(i)}sk(I), H(KDF(h(Gr,i), Ni, Nr), Nr, Ni, I) );
-
-
- claim( I, SKR, KDF(h(Gr,i), Ni, Nr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr: Nonce;
- var Ni, Gi: Ticket;
-
- recv_1( I, R, Ni, Gi );
- send_!2( R, I, Nr, Ni, R, g(r), {Nr, Ni, g(r), Gi}sk(R), H(KDF(h(Gi,r), Ni, Nr), Nr, Ni, R) );
- recv_!3( I, R, Nr, Ni, I, {Nr, Ni, g(r), Gi}sk(I), H(KDF(h(Gi,r), Ni, Nr), Nr, Ni, I) );
-
-
- claim( R, SKR, KDF(h(Gi,r), Ni, Nr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/jfkr.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/jfkr.cpp
deleted file mode 100644
index fbe85d312d5d36db80842e7b4e732778cf7dd901..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/jfkr.cpp
+++ /dev/null
@@ -1,83 +0,0 @@
-/** HEADDOC
- * @protocol Just Fast Keying
- * @reference Aiello et al., Just Fast Keying: Key Agreement In A Hostile
- * Internet
- * @description
- * @variant Responder is identity protected
-**/
-
-
-/** MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
-**/
-#define __JFK__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, SAi, SAr: Nonce;
- var I, R: Agent;
-
- // msg 3
- recv_!O1( O, O, {I, SAi, {H(Ni), Nr, g(i), Gr}sk(I)}SKi );
- send_!O2( O, O, {I, SAi, {H(Ni), Nr, g(i), Gr}sk(I)}SKr );
-
- // msg 4
- recv_!O3( O, O, {R, SAr, {Gr, Nr, g(i), H(Ni)}sk(R)}SKr );
- send_!O4( O, O, {R, SAr, {Gr, Nr, g(i), H(Ni)}sk(R)}SKi );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-// Abstractions: no grpinfo, no MAC(ENC(M)), no ID_R', no IPi
-protocol jfkr(I, R)
-{
- role I {
- fresh i, Ni, SAi: Nonce;
- var Nr, SAr: Nonce;
- var Gr, TH: Ticket;
-
- send_1( I, R, H(Ni), g(i) );
- recv_2( R, I, H(Ni), Nr, Gr, TH );
- send_!3( I, R, Ni, Nr, g(i), Gr, TH, {I, SAi, {H(Ni), Nr, g(i), Gr}sk(I)}SKi );
- recv_!4( R, I, {R, SAr, {Gr, Nr, g(i), H(Ni)}sk(R)}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr, SAr, HKr: Nonce;
- var Ni, SAi: Nonce;
- var Gi, HNi: Ticket;
-
- recv_1( I, R, HNi, Gi );
- send_2( R, I, HNi, Nr, g(r), H(HKr, g(r), Nr, HNi) );
- recv_!3( I, R, Ni, Nr, Gi, g(r), H(HKr, g(r), Nr, H(Ni)), {I, SAi, {H(Ni), Nr, Gi, g(r)}sk(I)}SKr );
- send_!4( R, I, {R, SAr, {g(r), Nr, Gi, H(Ni)}sk(R)}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, Secret, HKr );
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/jfkr.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/jfkr.spdl
deleted file mode 100644
index 6e5e3e22e6324fa0411884a9faee45a9841627a9..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/jfkr.spdl
+++ /dev/null
@@ -1,117 +0,0 @@
-# 1 "jfkr.cpp"
-# 1 "<command-line>"
-# 1 "jfkr.cpp"
-# 15 "jfkr.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 66 "common.h"
-hashfunction H;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(h(g(r),i), H(Ni), Nr) );
- send_!SWAP2( SWAP, SWAP, KDF(h(g(i),r), H(Ni), Nr) );
-
- }
-
-
-}
-# 16 "jfkr.cpp" 2
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, SAi, SAr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {I, SAi, {H(Ni), Nr, g(i), g(r)}sk(I)}KDF(h(g(r),i), H(Ni), Nr) );
- send_!O2( O, O, {I, SAi, {H(Ni), Nr, g(i), g(r)}sk(I)}KDF(h(g(i),r), H(Ni), Nr) );
-
-
- recv_!O3( O, O, {R, SAr, {g(r), Nr, g(i), H(Ni)}sk(R)}KDF(h(g(i),r), H(Ni), Nr) );
- send_!O4( O, O, {R, SAr, {g(r), Nr, g(i), H(Ni)}sk(R)}KDF(h(g(r),i), H(Ni), Nr) );
-
- }
-
-
-}
-
-
-
-protocol jfkr(I, R)
-{
- role I {
- fresh i, Ni, SAi: Nonce;
- var Nr, SAr: Nonce;
- var Gr, TH: Ticket;
-
- send_1( I, R, H(Ni), g(i) );
- recv_2( R, I, H(Ni), Nr, Gr, TH );
- send_!3( I, R, Ni, Nr, g(i), Gr, TH, {I, SAi, {H(Ni), Nr, g(i), Gr}sk(I)}KDF(h(Gr,i), H(Ni), Nr) );
- recv_!4( R, I, {R, SAr, {Gr, Nr, g(i), H(Ni)}sk(R)}KDF(h(Gr,i), H(Ni), Nr) );
-
-
- claim( I, SKR, KDF(h(Gr,i), H(Ni), Nr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr, SAr, HKr: Nonce;
- var Ni, SAi: Nonce;
- var Gi, HNi: Ticket;
-
- recv_1( I, R, HNi, Gi );
- send_2( R, I, HNi, Nr, g(r), H(HKr, g(r), Nr, HNi) );
- recv_!3( I, R, Ni, Nr, Gi, g(r), H(HKr, g(r), Nr, H(Ni)), {I, SAi, {H(Ni), Nr, Gi, g(r)}sk(I)}KDF(h(Gi,r), H(Ni), Nr) );
- send_!4( R, I, {R, SAr, {g(r), Nr, Gi, H(Ni)}sk(R)}KDF(h(Gi,r), H(Ni), Nr) );
-
-
- claim( R, Secret, HKr );
- claim( R, SKR, KDF(h(Gi,r), H(Ni), Nr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/make-mpa.py b/Vagrant Files/shared/scyther/Protocols/IKE/make-mpa.py
deleted file mode 100644
index c75984d96c89017da2fca1df4e10f9e4e5dfc900..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/make-mpa.py
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/usr/bin/env python
-
-import os
-
-def getProtocolFiles(path=".",extension=""):
- allfiles = os.listdir(path)
- spfl = []
- for fn in allfiles:
- if fn.endswith(extension):
- spfl.append(fn)
- return spfl
-
-def scanThis(fn,f,rewritelist,cnt):
-
- s = ""
- mapping = []
- for lhs in rewritelist:
- rhs = "%s%i" % (lhs,cnt)
- mapping.append((lhs,rhs))
-
- fp = open(fn,"r")
- for rl in fp.xreadlines():
- l = rl
- if f != None:
- l = f(l)
- for (lhs,rhs) in mapping:
- l = l.replace(lhs,rhs)
- s = s + l
- fp.close()
- return s
-
-def convertEm(f=None,path=".",rewritelist=[],newdir=".",oldext="",newext=None):
- fl = getProtocolFiles(path=path,extension=oldext)
- cnt = 1
- for fn in fl:
- ffn = os.path.join(path,fn)
- print "Processing",ffn
- s = scanThis(ffn,f,rewritelist,cnt)
- if newext == None:
- fn2 = fn
- else:
- fn2 = fn.replace(oldext,newext)
- ffn2 = os.path.join(newdir,fn2)
- fp = open(ffn2,"w")
- fp.write(s)
- fp.close()
- print "Produced",ffn2
- cnt = cnt+1
-
-def preprocess(s):
- s = s.replace("@oracle","@OracleA")
- s = s.replace("@ora ", "@OracleB ")
- s = s.replace("@ora(", "@OracleB(")
- return s
-
-def main():
- convertEm(f=preprocess,rewritelist=["@OracleA","@executability","@OracleB"],path=".",newdir="mpa",oldext=".spdl")
- print "Done."
-
-if __name__ == '__main__':
- main()
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/mpa/README.txt b/Vagrant Files/shared/scyther/Protocols/IKE/mpa/README.txt
deleted file mode 100644
index 91e5266485a63f369eee8f773e8345da14f015cf..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/mpa/README.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-This directory is filled by the script
-
-`../make-mpa.py`
-
-It takes the `.spdl` files from the `..` directory and prepares them for
-multi-protocol analysis.
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/oakley-a.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/oakley-a.cpp
deleted file mode 100644
index 84db6b085796d3e12515c397d02fbc36edc1a7af..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/oakley-a.cpp
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * @protocol OAKLEY
- * @reference RFC 2412,
- * Boyd C. and Mathuria A., Protocols for Authentication and
- * Key Agreement
- * @description OAKLEY is related to STS and allows for shared key
- * determination via authenticated Diffie-Hellman exchanges and
- * provides perfect forward secrecy for the shared key.
- * @variant Aggressive mode
-**/
-
-
-/** MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
-**/
-#define __OAKLEY__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-
-usertype String;
-const list, algo: String;
-
-protocol oakley-a(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, g(i), list, I, R, Ni, {I, R, Ni, g(i), list}sk(I) );
- recv_2( R, I, Cr, Ci, Gr, algo, R, I, Nr, Ni, {R, I, Nr, Ni, g(i), Gr, algo}sk(R) );
- send_3( I, R, Ci, Cr, g(i), algo, I, R, Ni, Nr, {I, R, Ni, Nr, g(i), Gr, algo}sk(I) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, Gi, list, I, R, Ni, {I, R, Ni, Gi, list}sk(I) );
- send_2( R, I, Cr, Ci, g(r), algo, R, I, Nr, Ni, {R, I, Nr, Ni, Gi, g(r), algo}sk(R) );
- recv_3( I, R, Ci, Cr, Gi, algo, I, R, Ni, Nr, {I, R, Ni, Nr, Gi, g(r), algo}sk(I) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/oakley-a.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/oakley-a.spdl
deleted file mode 100644
index aa04c2ed9168bdeee7331aacd873121741ae143c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/oakley-a.spdl
+++ /dev/null
@@ -1,91 +0,0 @@
-# 1 "oakley-a.cpp"
-# 1 "<command-line>"
-# 1 "oakley-a.cpp"
-# 18 "oakley-a.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 141 "common.h"
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 19 "oakley-a.cpp" 2
-
-
-
-usertype String;
-const list, algo: String;
-
-protocol oakley-a(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, Ci, g(i), list, I, R, Ni, {I, R, Ni, g(i), list}sk(I) );
- recv_2( R, I, Cr, Ci, Gr, algo, R, I, Nr, Ni, {R, I, Nr, Ni, g(i), Gr, algo}sk(R) );
- send_3( I, R, Ci, Cr, g(i), algo, I, R, Ni, Nr, {I, R, Ni, Nr, g(i), Gr, algo}sk(I) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, Gi, list, I, R, Ni, {I, R, Ni, Gi, list}sk(I) );
- send_2( R, I, Cr, Ci, g(r), algo, R, I, Nr, Ni, {R, I, Nr, Ni, Gi, g(r), algo}sk(R) );
- recv_3( I, R, Ci, Cr, Gi, algo, I, R, Ni, Nr, {I, R, Ni, Nr, Gi, g(r), algo}sk(I) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/oakley-alt.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/oakley-alt.cpp
deleted file mode 100644
index 5c4654f613b536bf0ac86c393e6fca115d207a89..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/oakley-alt.cpp
+++ /dev/null
@@ -1,63 +0,0 @@
-/** HEADDOC
- * @protocol OAKLEY
- * @reference RFC 2412,
- * Boyd C. and Mathuria A., Protocols for Authentication and
- * Key Agreement
- * @description OAKLEY is related to STS and allows for shared key
- * determination via authenticated Diffie-Hellman exchanges and
- * provides perfect forward secrecy for the shared key.
- * @variant Alternative variant to prevent user identity disclosure
-**/
-
-
-/** MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
-**/
-#define __OAKLEY__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-#define AK prf(Ni,Nr)
-
-
-usertype String;
-const list, algo: String;
-
-protocol oakley-alt(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- // NOTE: pk(R) is sent in plain so that the recipient knows which decryption key to use
- // In the specification, there is a distinction between the R in pk(R) and the encrypted R
- send_1( I, R, Ci, g(i), list, pk(R), {I, R, Ni}pk(R) );
- recv_2( R, I, Cr, Ci, Gr, algo, {R, I, Nr}pk(I), prf(AK, R, I, Gr, g(i), algo) );
- send_3( I, R, Ci, Cr, prf(AK, I, R, g(i), Gr, algo) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, Gi, list, pk(R), {I, R, Ni}pk(R) );
- send_2( R, I, Cr, Ci, g(r), algo, {R, I, Nr}pk(I), prf(AK, R, I, g(r), Gi, algo) );
- recv_3( I, R, Ci, Cr, prf(AK, I, R, Gi, g(r), algo) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/oakley-alt.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/oakley-alt.spdl
deleted file mode 100644
index f94b355da298c0b085d520e555c12a7275d28372..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/oakley-alt.spdl
+++ /dev/null
@@ -1,94 +0,0 @@
-# 1 "oakley-alt.cpp"
-# 1 "<command-line>"
-# 1 "oakley-alt.cpp"
-# 18 "oakley-alt.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 141 "common.h"
- var Ci, Cr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 19 "oakley-alt.cpp" 2
-
-
-
-
-usertype String;
-const list, algo: String;
-
-protocol oakley-alt(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
-
-
- send_1( I, R, Ci, g(i), list, pk(R), {I, R, Ni}pk(R) );
- recv_2( R, I, Cr, Ci, Gr, algo, {R, I, Nr}pk(I), prf(prf(Ni,Nr), R, I, Gr, g(i), algo) );
- send_3( I, R, Ci, Cr, prf(prf(Ni,Nr), I, R, g(i), Gr, algo) );
-
-
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Ci, Gi, list, pk(R), {I, R, Ni}pk(R) );
- send_2( R, I, Cr, Ci, g(r), algo, {R, I, Nr}pk(I), prf(prf(Ni,Nr), R, I, g(r), Gi, algo) );
- recv_3( I, R, Ci, Cr, prf(prf(Ni,Nr), I, R, Gi, g(r), algo) );
-
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/oakley-c.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/oakley-c.cpp
deleted file mode 100644
index 32e6a80ecfcd5317875583e636c4aa2bdf865c1a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/oakley-c.cpp
+++ /dev/null
@@ -1,105 +0,0 @@
-/** HEADDOC
- * @protocol OAKLEY
- * @reference RFC 2412,
- * Boyd C. and Mathuria A., Protocols for Authentication and
- * Key Agreement
- * @description OAKLEY is related to STS and allows for shared key
- * determination via authenticated Diffie-Hellman exchanges and
- * provides perfect forward secrecy for the shared key.
- * @variant Conservative mode with identity hiding
-**/
-
-
-/** MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
-**/
-#define __OAKLEY_CONSERVATIVE__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-#define Kpi prf(Zi)
-#define Kpr prf(Zr)
-#define Kir prf(Ni,Nr)
-
-
-usertype String;
-const OK, list, algo: String;
-
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
- // msg 5
- recv_!O1( O, O, {I, R, {Ni}pk(R)}Kpi );
- send_!O2( O, O, {I, R, {Ni}pk(R)}Kpr );
-
- // msg 6
- recv_!O3( O, O, {{Nr, Ni}pk(I), R, I, prf(Kir, R, I, Gr, g(i), algo)}Kpr );
- send_!O4( O, O, {{Nr, Ni}pk(I), R, I, prf(Kir, R, I, Gr, g(i), algo)}Kpi );
-
- // msg 7
- recv_!O5( O, O, {prf(Kir, I, R, g(i), Gr, algo)}Kpi );
- send_!O6( O, O, {prf(Kir, I, R, g(i), Gr, algo)}Kpr );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol oakley-c(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, OK );
- recv_2( R, I, Cr );
- send_3( I, R, Ci, Cr, g(i), list );
- recv_4( R, I, Cr, Ci, Gr, algo );
- send_!5( I, R, Ci, Cr, g(i), {I, R, {Ni}pk(R)}Kpi );
- recv_!6( R, I, Cr, Ci, {{Nr, Ni}pk(I), R, I, prf(Kir, R, I, Gr, g(i), algo)}Kpi );
- send_!7( I, R, Ci, Cr, {prf(Kir, I, R, g(i), Gr, algo)}Kpi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, Kpi );
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, OK );
- send_2( R, I, Cr );
- recv_3( I, R, Ci, Cr, Gi, list );
- send_4( R, I, Cr, Ci, g(r), algo );
- recv_!5( I, R, Ci, Cr, Gi, {I, R, {Ni}pk(R)}Kpr );
- send_!6( R, I, Cr, Ci, {{Nr, Ni}pk(I), R, I, prf(Kir, R, I, g(r), Gi, algo)}Kpr );
- recv_!7( I, R, Ci, Cr, {prf(Kir, I, R, Gi, g(r), algo)}Kpr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, Kpr );
-
- claim( R, SKR, SKr );
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/oakley-c.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/oakley-c.spdl
deleted file mode 100644
index 2585ef9d1c5435a051dd8405f49b24635e222cb5..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/oakley-c.spdl
+++ /dev/null
@@ -1,140 +0,0 @@
-# 1 "oakley-c.cpp"
-# 1 "<command-line>"
-# 1 "oakley-c.cpp"
-# 18 "oakley-c.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 144 "common.h"
- var Ci, Cr: Nonce;
-
-
-
-
-
- recv_!SWAP1( SWAP, SWAP, KDF(Ni, Nr, h(g(r),i), Ci, Cr) );
- send_!SWAP2( SWAP, SWAP, KDF(Ni, Nr, h(g(i),r), Ci, Cr) );
-
- }
-
-
-}
-# 19 "oakley-c.cpp" 2
-
-
-
-
-
-
-
-usertype String;
-const OK, list, algo: String;
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r, Ni, Nr, Ci, Cr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {I, R, {Ni}pk(R)}prf(h(g(r),i)) );
- send_!O2( O, O, {I, R, {Ni}pk(R)}prf(h(g(i),r)) );
-
-
- recv_!O3( O, O, {{Nr, Ni}pk(I), R, I, prf(prf(Ni,Nr), R, I, g(r), g(i), algo)}prf(h(g(i),r)) );
- send_!O4( O, O, {{Nr, Ni}pk(I), R, I, prf(prf(Ni,Nr), R, I, g(r), g(i), algo)}prf(h(g(r),i)) );
-
-
- recv_!O5( O, O, {prf(prf(Ni,Nr), I, R, g(i), g(r), algo)}prf(h(g(r),i)) );
- send_!O6( O, O, {prf(prf(Ni,Nr), I, R, g(i), g(r), algo)}prf(h(g(i),r)) );
-
- }
-
-
-}
-
-
-protocol oakley-c(I, R)
-{
- role I {
- fresh i, Ni, Ci: Nonce;
- var Nr, Cr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, OK );
- recv_2( R, I, Cr );
- send_3( I, R, Ci, Cr, g(i), list );
- recv_4( R, I, Cr, Ci, Gr, algo );
- send_!5( I, R, Ci, Cr, g(i), {I, R, {Ni}pk(R)}prf(h(Gr,i)) );
- recv_!6( R, I, Cr, Ci, {{Nr, Ni}pk(I), R, I, prf(prf(Ni,Nr), R, I, Gr, g(i), algo)}prf(h(Gr,i)) );
- send_!7( I, R, Ci, Cr, {prf(prf(Ni,Nr), I, R, g(i), Gr, algo)}prf(h(Gr,i)) );
-
-
- claim( I, SKR, prf(h(Gr,i)) );
- claim( I, SKR, KDF(Ni, Nr, h(Gr,i), Ci, Cr) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr, Cr: Nonce;
- var Ni, Ci: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, OK );
- send_2( R, I, Cr );
- recv_3( I, R, Ci, Cr, Gi, list );
- send_4( R, I, Cr, Ci, g(r), algo );
- recv_!5( I, R, Ci, Cr, Gi, {I, R, {Ni}pk(R)}prf(h(Gi,r)) );
- send_!6( R, I, Cr, Ci, {{Nr, Ni}pk(I), R, I, prf(prf(Ni,Nr), R, I, g(r), Gi, algo)}prf(h(Gi,r)) );
- recv_!7( I, R, Ci, Cr, {prf(prf(Ni,Nr), I, R, Gi, g(r), algo)}prf(h(Gi,r)) );
-
-
- claim( R, SKR, prf(h(Gi,r)) );
-
- claim( R, SKR, KDF(Ni, Nr, h(Gi,r), Ci, Cr) );
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/pp.sh b/Vagrant Files/shared/scyther/Protocols/IKE/pp.sh
deleted file mode 100644
index 1ee7b6eae1437f05197b192106b1b3a992f11e89..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/pp.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/sh
-
-FILES="$*"
-EXT="pp"
-#OUT=.
-OUT=pp-results
-
-if [ -n "$FILES" ]; then
- for file in $FILES;
- do
- if [ "$file" = "*.$EXT.*" ]; then
- echo "skipping $file"
- else
- echo "preprocessing $file"
- cpp $file | sed -e '/^(\#.*)*$/d' > $OUT/${file%%.*}.$EXT.spdl
- fi
- done
-else
- printf "Usage: %s: file...\n" $(basename $0) >&2
- exit 1
-fi
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/scanner.py b/Vagrant Files/shared/scyther/Protocols/IKE/scanner.py
deleted file mode 100644
index bc529ac01ce8fea85901e48330f83158805df45a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/scanner.py
+++ /dev/null
@@ -1,800 +0,0 @@
-#!/usr/bin/env python
-
-import sys
-
-ALLPROTS = set()
-ALLCLAIMS = set() # prot x role x claim
-PREFIX = None # Required prefix
-FFUNC = (lambda p: True) # Filter function
-
-def reset():
-
- global ALLPROTS
- global ALLCLAIMS
- global PREFIX
- global FFUNC
-
- ALLPROTS = set()
- ALLCLAIMS = set()
- PREFIX = None
- FFUNC = (lambda p: True)
-
-def skipLine(l):
- if len(l) == 0:
- return True
-
- skippable = ["%","\\begin","\\end","Protocol"]
- for skstr in skippable:
- if l.startswith(skstr):
- return True
-
- return False
-
-def stripRowEnd(l):
- # Assume ends with \\, split by dtl
- endstr = "\\\\"
- if not l.endswith(endstr):
- print "Error: some line does not end with \\\\"
- print ">>%s<<" % (l)
- sys.exit(-1)
-
- return l[:-len(endstr)]
-
-def splitStrip(l,sp):
-
- dtl = l.split(sp)
- for i in range(0,len(dtl)):
- dtl[i] = dtl[i].strip()
- return dtl
-
-def roleClaim(dtl):
- rcdt = dtl.split()
- assert(rcdt[0].endswith(":"))
- role = rcdt[0][:-1]
- claim = rcdt[1]
- return (role,claim[:20])
-
-def scanAttackFile(fn):
-
- global ALLPROTS
-
- fp = open("gen-%s-mpaattacks.tex" % (fn),"r")
- attackmap = {}
- prot = None
- role = None
- claim = None
- for rawline in fp.xreadlines():
-
- l = rawline.strip()
-
- if skipLine(l):
- continue
-
- l = stripRowEnd(l)
-
- dtl = splitStrip(l,"&")
-
- # New protocol
- if len(dtl[0]) > 0:
- prot = dtl[0]
-
- # New role
- if len(dtl[1]) > 0:
- (role,claim) = roleClaim(dtl[1])
-
- # Claims list
- # Assume starts with '[' and ends with ']'
- assert(dtl[2].startswith("["))
- assert(dtl[2].endswith("]"))
- attl = ((dtl[2])[1:-1]).split(",")
- for i in range(0,len(attl)):
- x = attl[i].strip()
- assert(x.startswith("'"))
- assert(x.endswith("'"))
- attl[i] = x[1:-1]
-
- ak = (prot,role,claim)
- if ak not in attackmap.keys():
- attackmap[ak] = set()
- attackmap[ak].add(tuple(attl))
-
- # Add to allprots set
- ALLPROTS.add(prot)
- for p in attl:
- ALLPROTS.add(prot)
-
- fp.close()
-
- return attackmap
-
-
-def shorten(prot):
- """
- Shorten protocol name
- """
- cutting = ["isoiec-","9798-"]
- for ct in cutting:
- if prot.startswith(ct):
- prot = prot[len(ct):]
- return prot.replace("-udkey","-ud")
-
-
-def prettyclaim(cl):
- """
- Rewrite if needed
- """
- return cl.replace("Commit","Agreement")
-
-
-def mpaTable(attackmap):
- """
- construct table for MPA attacks
- """
- counter = 1
- s = ""
-
- s += "\\begin{longtable}{|l|lll|l|}\n"
- s += "\\hline\n"
- for kk in sorted(ALLCLAIMS):
- if kk not in attackmap.keys():
- continue
- (prot,role,claim) = kk
-
- ats = str(attackmap[kk])
- sl = "%i & %s & %s & %s & %s \\\\ \n" % (counter,prot,role,claim,ats)
-
- s += sl
- counter = counter + 1
-
- s += "\\hline\n"
- s += "\\end{longtable}\n"
-
- return s
-
-
-def rotated(headl):
- """
- Add rotated headers
- """
- for i in range(0,len(headl)):
- headl[i] = "\\begin{sideways} %s \\end{sideways}\n" % (headl[i])
- return " & ".join(headl)
-
-
-def baseprot(prot):
- return shorten(prot)[:5]
-
-
-def mpaTable2(attackmap,tabtype="tabular",options=""):
- """
- construct table for MPA attacks
-
- Second attempt
- """
-
- # To find the number of columns, we first need to find all protocols involved in two-protocol attacks
- involved = set()
- for kk in attackmap.keys():
- for atl in attackmap[kk]:
- # convert tuple back to list
- att = list(atl)
- if len(att) == 1:
- # This attack involves one *additional* protocol, so is a two-protocol attack
- involved.add(att[0])
- colheads = sorted(involved)
- attcols = ""
- last = None
- for hd in colheads:
- prm = baseprot(hd)
- if last == prm:
- attcols += "@{\hspace{2mm}}c"
- else:
- last = prm
- attcols += "|c"
-
-
- #attcols = "c" * len(involved)
-
- counter = 1
- s = ""
-
- #s += "\\clearpage \n"
-
- s += "\\begin{%s}%s{|l|ll|%s|}\n" % (tabtype,options,attcols)
- s += "\\hline\n"
- s += rotated(["No","Prot","Claim"])
- for hd in colheads:
- s += "& \\begin{sideways}%s\\end{sideways} " % (shorten(hd))
- s += "\\\\ \n"
-
- s += "\\hline\n"
- last = None
- for kk in sorted(ALLCLAIMS):
- if kk not in attackmap.keys():
- continue
- (prot,role,claim) = kk
-
- prm = baseprot(prot)
- if last != prm:
- last = prm
- s += "\\hline\n"
-
- sl = ""
- sl += "%i & %s & %s %s " % (counter,shorten(prot),role,claim)
- for ch in colheads:
- se = tuple([ch])
- if se in attackmap[kk]:
- sl += "& $\\bullet$ "
- else:
- sl += "& $\\circ$ "
-
- sl += "\\\\ \n"
-
- s += sl
- counter = counter + 1
-
- s += "\\hline\n"
- s += "\\end{%s}\n" % (tabtype)
-
- return s
-
-
-def mpaTable3(attackmaps,tabtype="tabular",options=""):
- """
- construct table for MPA attacks
-
- attmaps = sequence of (attackmap, symbol)
-
- Symbol of the first matching is displayed
-
- Second attempt
- """
-
- global FFUNC
- # To find the number of columns, we first need to find all protocols involved in two-protocol attacks
- # Also populate "allkeys"
- involved = set()
- allkeys = set()
- for (attackmap,symbs) in attackmaps:
- for kk in attackmap.keys():
- allkeys.add(kk)
- for atl in attackmap[kk]:
- # convert tuple back to list
- att = list(atl)
- if len(att) == 1:
- # This attack involves one *additional* protocol, so is a two-protocol attack
- if FFUNC:
- if not FFUNC(att[0]):
- continue
-
- involved.add(att[0])
-
- colheads = sorted(involved)
- attcols = ""
- last = None
- for hd in colheads:
- prm = baseprot(hd)
- if last == prm:
- attcols += "@{\hspace{2mm}}c"
- else:
- last = prm
- attcols += "|c"
-
-
- #attcols = "c" * len(involved)
-
- counter = 1
- s = ""
-
- #s += "\\clearpage \n"
-
- s += "\\begin{%s}%s{|l|ll|%s|}\n" % (tabtype,options,attcols)
- s += "\\hline\n"
- s += rotated(["No","Prot","Claim"])
- for hd in colheads:
- s += "& \\begin{sideways}%s\\end{sideways} " % (shorten(hd))
- s += "\\\\ \n"
-
- s += "\\hline\n"
- last = None
- for kk in sorted(ALLCLAIMS):
- if kk not in attackmap.keys():
- continue
- (prot,role,claim) = kk
-
- prm = baseprot(prot)
- if last != prm:
- last = prm
- s += "\\hline\n"
-
- sl = ""
- sl += "%i & %s & %s %s " % (counter,shorten(prot),role,prettyclaim(claim))
- for ch in colheads:
- se = tuple([ch])
- sl += "& "
- for (attackmap,symb) in attackmaps:
- if kk in attackmap.keys():
- if se in attackmap[kk]:
- sl += symb
- break
-
- sl += "\\\\ \n"
-
- s += sl
- counter = counter + 1
-
- s += "\\hline\n"
- s += "\\end{%s}\n" % (tabtype)
-
- return s
-
-
-def scanClaimList(fn):
- """
- Simply gather claims
- """
-
- global ALLPROTS
- global ALLCLAIMS
- global FFUNC
-
- fp = open("gen-%s-claims.txt" % (fn),"r")
-
- claimmap = {}
- for rawline in fp.xreadlines():
-
- l = rawline.strip()
-
- if skipLine(l):
- continue
-
- dtl = splitStrip(l,"; ")
-
- filename = dtl[0]
- prot = dtl[1]
- if FFUNC:
- if not FFUNC(prot):
- continue
-
- label = dtl[2]
- (role,claim) = roleClaim(dtl[3])
-
- ALLCLAIMS.add((prot,role,claim))
- ALLPROTS.add(prot)
-
- fp.close()
-
- return claimmap
-
-def scanClaimFile(fn):
- """
- Construct claimmap
-
- prot -> roles -> claims
- """
-
- global ALLPROTS
- global ALLCLAIMS
- global FFUNC
-
- fp = open("gen-%s-correctclaims.tex" % (fn),"r")
-
- claimmap = {}
- for rawline in fp.xreadlines():
-
- l = rawline.strip()
-
- if skipLine(l):
- continue
-
- l = stripRowEnd(l)
-
- dtl = splitStrip(l,"&")
-
- prot = dtl[0]
- if FFUNC:
- if not FFUNC(prot):
- continue
-
- if prot not in claimmap.keys():
- claimmap[prot] = {}
-
- cll = splitStrip(dtl[1],";")
-
- for dt in cll:
- (role,claim) = roleClaim(dt)
-
- if role not in claimmap[prot].keys():
- claimmap[prot][role] = set()
-
- claimmap[prot][role].add(claim)
-
- ALLCLAIMS.add((prot,role,claim))
-
- ALLPROTS.add(prot)
-
- fp.close()
-
- return claimmap
-
-def getRoleClaims(rcmap):
-
- rc = set()
- for role in rcmap.keys():
- for claim in rcmap[role]:
- rc.add((role,claim))
-
- return rc
-
-def typeScanMatrix(cml,onlyChanged = False):
-
- global ALLPROTS
-
- """
- Scan for the influence of typing.
-
- Input:
-
- [(txt1,cm1),(txt2,cm2),...]
-
- """
- s = ""
-
- s += "\\begin{longtable}{|l|lll|%s|}\n" % ("c" * len(cml))
- s += "\\hline\n"
-
- s += "No & Prot & Role & Claim "
- for (txt,cm) in cml:
- s += "& %s " % (txt)
- s += "\\\\\n"
- s += "\\hline\n"
-
- goodverdict = "$\\circ$"
- badverdict = "$\\bullet$"
-
- counter = 1
- for (prot,role,claim) in sorted(ALLCLAIMS):
- # Header
- sl = "%i & %s & %s & %s " % (counter,prot,role,claim)
- alltrue = True
- for (txt,cm) in cml:
- verdict = badverdict
- if prot in cm.keys():
- if role in cm[prot].keys():
- if claim in cm[prot][role]:
- verdict = goodverdict
- if verdict == badverdict:
- alltrue = False
-
- sl += "& %s " % (verdict)
- sl += "\\\\\n"
-
- if alltrue == True:
- if onlyChanged == True:
- continue
-
- s += sl
- counter = counter + 1
-
- s += "\\hline\n"
- s += "\\end{longtable}\n"
- return s
-
-def typeScanMatrix2(cml,onlyChanged = False,additive = False):
-
- global ALLPROTS
-
- """
- Scan for the influence of typing.
-
- Input:
-
- [(txt1,cm1),(txt2,cm2),...]
-
- """
- s = ""
-
- s += "\\begin{longtable}{|l|lll||c|}\n"
- s += "\\hline\n"
-
- s += "No & Prot & Claim & Attacks"
- s += "\\\\\n"
- s += "\\hline\n"
- s += "\\hline\n"
-
- goodverdict = "$\\circ$"
- badverdict = "$\\bullet$"
-
- last = None
- counter = 1
- for (prot,role,claim) in sorted(ALLCLAIMS):
- if baseprot(prot) != last:
- last = baseprot(prot)
- s += "\\hline\n"
-
- # Header
- sl = "%i & %s & %s %s " % (counter,prot,role,prettyclaim(claim))
- alltrue = True
- res = ""
- for (txt,cm) in cml:
- verdict = badverdict
- if prot in cm.keys():
- if role in cm[prot].keys():
- if claim in cm[prot][role]:
- verdict = goodverdict
- if verdict == badverdict:
- alltrue = False
- if additive:
- res += txt
- else:
- res = txt
-
- sl += "& %s " % (res)
- sl += "\\\\\n"
-
- if alltrue == True:
- if onlyChanged == True:
- continue
-
- s += sl
- counter = counter + 1
-
- s += "\\hline\n"
- s += "\\end{longtable}\n"
- return s
-
-def typeScanMatrix3(hd1,hd2,cml,f,onlyChanged = False,tabletype="longtable"):
-
- global ALLPROTS
-
- """
- Scan for the influence of typing.
-
- Input:
-
- f is given as input a sequence of Bool (attack = False) of length len(cml), should return string.
-
- """
- s = ""
-
- s += "\\begin{%s}{|l|ll||%s|}\n" % (tabletype,hd1)
- s += "\\hline\n"
-
- s += rotated(["No","Protocol","Claim"]) + " & " + rotated(hd2)
- s += "\\\\\n"
- s += "\\hline\n"
- s += "\\hline\n"
-
- goodverdict = "$\\circ$"
- badverdict = "$\\bullet$"
-
- last = None
- counter = 1
- for (prot,role,claim) in sorted(ALLCLAIMS):
- if baseprot(prot) != last:
- last = baseprot(prot)
- s += "\\hline\n"
-
- # Header
- sl = "%i & %s & %s %s " % (counter,prot,role,prettyclaim(claim))
- alltrue = True
- res = ""
- resl = []
- for cm in cml:
- verdict = badverdict
- if prot in cm.keys():
- if role in cm[prot].keys():
- if claim in cm[prot][role]:
- verdict = goodverdict
- if verdict == badverdict:
- alltrue = False
- resl.append(False)
- else:
- resl.append(True)
-
- sl += "& %s " % (f(resl))
- sl += "\\\\\n"
-
- if alltrue == True:
- if onlyChanged == True:
- continue
-
- s += sl
- counter = counter + 1
-
- s += "\\hline\n"
- s += "\\end{%s}\n" % (tabletype)
- return s
-
-def docWrapper(s,title=None,author=None):
-
- pref = ""
- pref += "\\documentclass{article}\n"
- pref += "\\usepackage{a4}\n"
- pref += "\\usepackage{geometry}\n"
- pref += "\\usepackage{longtable}\n"
- pref += "\\usepackage{rotating}\n"
- pref += "\\begin{document}\n"
- if title or author:
- if title:
- pref += "\\title{%s}\n" % (title)
- if author:
- pref += "\\author{%s}\n" % (author)
- pref += "\\maketitle\n"
- post = ""
- post += "\\end{document}\n"
-
- return pref + s + post
-
-def secWrapper(s,title,level=0):
- """
- level :
-
- 0 section
- 1 subsection
- 2 subsub...
- """
- pref = "\\" + "sub" * level + "section{" + title + "}\n\n"
- post = "\n"
- return pref + s + post
-
-
-def sizeWrapper(s, width="!", height="!"):
-
- if (width != "!") or (height != "!"):
- s = "\\resizebox{%s}{%s}{ \n%s}\n" % (width,height,s)
- return s
-
-
-def fileWrite(fn,s):
-
- fp = open("%s.tex" % (fn), "w")
- fp.write(s)
- fp.close()
-
-
-def docWrite(fn,tex,author=None,title=None):
-
- fileWrite(fn, docWrapper(tex,author=author,title=title))
-
-
-def docMake(fn,tex,author=None,title=None):
-
- import commands
-
- docWrite(fn,tex,author,title)
- cmd = "pdflatex %s" % (fn)
- commands.getoutput(cmd)
-
-def f1(resl):
- txtl = []
- for t in resl:
- if t == True:
- txtl.append(" ")
- else:
- txtl.append("$\\bullet$")
- return " & ".join(txtl)
-
-def pb(tl,width):
- nl = []
- for t in tl:
- nl.append("\\parbox{%s}{%s}" % (width,t))
- return nl
-
-def makeReport(fn,includefiles=False):
- scanClaimList(fn + "-aa-t")
-
- cISOaat = scanClaimFile(fn + "-aa-t")
- cISOaab = scanClaimFile(fn + "-aa-b")
- cISOaau = scanClaimFile(fn + "-aa-u")
- cISOiut = scanClaimFile(fn + "-iu-t")
- cISOiub = scanClaimFile(fn + "-iu-b")
- cISOiuu = scanClaimFile(fn + "-iu-u")
- cISOext = scanClaimFile(fn + "-ex-t")
- cISOexb = scanClaimFile(fn + "-ex-b")
- cISOexu = scanClaimFile(fn + "-ex-u")
-
- tex = ""
- #tex += secWrapper(typeScanMatrix([("typed",cISOaat),("basic",cISOaab),("untyped",cISOaau)],onlyChanged = False),title="Normal mode (Alice-Alice communication allowed)")
- #tex += secWrapper(typeScanMatrix([("typed",cISOiut),("basic",cISOiub),("untyped",cISOiuu)],onlyChanged = True),title="Disallow Alice-Alice initiators")
- #tex += secWrapper(typeScanMatrix([("typed",cISOext),("basic",cISOexb),("untyped",cISOexu)],onlyChanged = True),title="Disallow Alice-Alice communications")
-
- orders = [cISOaab,
- cISOaat,
- cISOiub,
- cISOiut]
-
- sectex = typeScanMatrix3("c|c|c|c",pb(["No type checks\\\\Alice-talks-to-Alice initators","Type checks\\\\Alice-talks-to-Alice initators","No type checks\\\\No Alice-talks-to-Alice initators","Type checks\\\\No Alice-talks-to-Alice initators"],"49mm"), orders,f1,onlyChanged = True)
-
- mpatex = sizeWrapper(mpaTable3([
- (scanAttackFile(fn + "-ex-t"),"$\\bullet$"),
- (scanAttackFile(fn + "-aa-b"),"$\\circ$")
- ]),width="\\textwidth")
-
- if includefiles == True:
- fileWrite("../gen-att-" + fn,sectex)
- fileWrite("../gen-mpa-" + fn,mpatex)
-
- tex += secWrapper(sectex,title="Attacks found")
- tex += secWrapper(mpatex,title="MPA attacks")
- docMake(fn,tex,author="Cas Cremers",title="test report %s" % (fn))
-
-
-def filterPrefix(prot):
- """
- Returns true iff the protocol name is okay to be considered
- """
- if PREFIX:
- if not prot.startswith(PREFIX):
- return False
- return True
-
-def filterPrefixBD(prot):
- """
- Returns true iff the protocol name is okay to be considered
- """
- if PREFIX:
- if not prot.startswith(PREFIX):
- return False
- if prot.endswith("-ud"):
- return False
- if prot.endswith("-udkey"):
- return False
- return True
-
-
-def filterCombo(prot):
- """
- Returns true iff the protocol name is okay to be considered
- """
- if prot.find("-sig-child") >= 0:
- return False
-
- return True
-
-
-def filterISOsymmBD(prot):
- """
- Returns true iff the protocol name is okay to be considered
- """
- if prot.endswith("-ud"):
- return False
- if prot.endswith("-udkey"):
- return False
-
- if prot.startswith("isoiec-9798-2"):
- return True
- if prot.startswith("isoiec-9798-4"):
- return True
-
- return False
-
-
-
-if __name__ == "__main__":
-
- #reset()
- #PREFIX = "isoiec-9798-2"
- #makeReport(PREFIX)
-
- includefiles = True
-
- reset()
- FFUNC = filterCombo
- PREFIX = "ike1"
- makeReport(PREFIX,includefiles=includefiles)
-
- reset()
- FFUNC = filterCombo
- PREFIX = "ike2"
- makeReport(PREFIX,includefiles=includefiles)
-
- reset()
- FFUNC = filterCombo
- PREFIX = "ike0"
- makeReport(PREFIX,includefiles=includefiles)
-
-
-
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/skeme-basic.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/skeme-basic.cpp
deleted file mode 100644
index d9f58abac9bd56efe3cd9ff646b292c32c228fbd..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/skeme-basic.cpp
+++ /dev/null
@@ -1,61 +0,0 @@
-/** HEADDOC
- * @protocol SKEME
- * @reference Krawczyk, H., SKEME: A Versatile Secure Key Exchange Mechanism
- * for Internet,
- * Boyd C. and Mathuria A., Protocols for Authentication and
- * Key Agreement
- * @description SKEME is a set of protocols suitable for negotiation of
- * services in a general networked environment. The main
- * characteristics are forward secrecy, privacy and anonymity,
- * and DoS protection.
- * @variant Basic mode
-**/
-
-
-/** MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
- * Note: May use the same oracles as sts
-**/
-#define __SKEME__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-#define Kir prf(Ni,Nr)
-
-
-protocol skeme-basic(I, R)
-{
- role I {
- fresh i, Ni: Nonce;
- var Nr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, {I, Ni}pk(R), g(i) );
- recv_2( R, I, {Nr}pk(I), Gr, prf(Kir, g(i), Gr, R, I) );
- send_3( I, R, prf(Kir, Gr, g(i), I, R) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr: Nonce;
- var Ni: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, {I, Ni}pk(R), Gi );
- send_2( R, I, {Nr}pk(I), g(r), prf(Kir, Gi, g(r), R, I) );
- recv_3( I, R, prf(Kir, g(r), Gi, I, R) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/skeme-basic.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/skeme-basic.spdl
deleted file mode 100644
index 8c53debe3080c80a8a0afccd60484535f60a0b5e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/skeme-basic.spdl
+++ /dev/null
@@ -1,87 +0,0 @@
-# 1 "skeme-basic.cpp"
-# 1 "<command-line>"
-# 1 "skeme-basic.cpp"
-# 21 "skeme-basic.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(h(g(r),i)) );
- send_!SWAP2( SWAP, SWAP, KDF(h(g(i),r)) );
-
- }
-
-
-}
-# 22 "skeme-basic.cpp" 2
-
-
-
-
-protocol skeme-basic(I, R)
-{
- role I {
- fresh i, Ni: Nonce;
- var Nr: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, {I, Ni}pk(R), g(i) );
- recv_2( R, I, {Nr}pk(I), Gr, prf(prf(Ni,Nr), g(i), Gr, R, I) );
- send_3( I, R, prf(prf(Ni,Nr), Gr, g(i), I, R) );
-
-
- claim( I, SKR, KDF(h(Gr,i)) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r, Nr: Nonce;
- var Ni: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, {I, Ni}pk(R), Gi );
- send_2( R, I, {Nr}pk(I), g(r), prf(prf(Ni,Nr), Gi, g(r), R, I) );
- recv_3( I, R, prf(prf(Ni,Nr), g(r), Gi, I, R) );
-
-
- claim( R, SKR, KDF(h(Gi,r)) );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/skeme-psk.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/skeme-psk.cpp
deleted file mode 100644
index 355edc2a0a1ee77831c3494e1cd43aaa35c4a825..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/skeme-psk.cpp
+++ /dev/null
@@ -1,82 +0,0 @@
-/** HEADDOC
- * @protocol SKEME
- * @reference Krawczyk, H., SKEME: A Versatile Secure Key Exchange Mechanism
- * for Internet,
- * Boyd C. and Mathuria A., Protocols for Authentication and
- * Key Agreement
- * @description SKEME is a set of protocols suitable for negotiation of
- * services in a general networked environment. The main
- * characteristics are forward secrecy, privacy and anonymity,
- * and DoS protection.
- * @variant Basic mode with pre-shared keys and correct application of DH
-**/
-
-
-/** MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
-**/
-#define __SKEME__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling k(I,R) = k(R,I).
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, prf(k(R,I), Gi, g(r), R, I) );
- send_!O2( O, O, prf(k(I,R), Gi, g(r), R, I) );
-
- // msg 3
- recv_!O3( O, O, prf(k(I,R), Gr, g(i), I, R) );
- send_!O4( O, O, prf(k(R,I), Gr, g(i), I, R) );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-protocol skeme-psk(I, R)
-{
- role I {
- fresh i: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, g(i) );
- recv_!2( R, I, Gr, prf(k(I,R), g(i), Gr, R, I) );
- send_!3( I, R, prf(k(I,R), Gr, g(i), I, R) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Gi );
- send_!2( R, I, g(r), prf(k(R,I), Gi, g(r), R, I) );
- recv_!3( I, R, prf(k(R,I), g(r), Gi, I, R) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/skeme-psk.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/skeme-psk.spdl
deleted file mode 100644
index e3e8796cdff93ed5d9df1a5299618ee9d4cd4bee..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/skeme-psk.spdl
+++ /dev/null
@@ -1,109 +0,0 @@
-# 1 "skeme-psk.cpp"
-# 1 "<command-line>"
-# 1 "skeme-psk.cpp"
-# 20 "skeme-psk.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(h(g(r),i)) );
- send_!SWAP2( SWAP, SWAP, KDF(h(g(i),r)) );
-
- }
-
-
-}
-# 21 "skeme-psk.cpp" 2
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, prf(k(R,I), g(i), g(r), R, I) );
- send_!O2( O, O, prf(k(I,R), g(i), g(r), R, I) );
-
-
- recv_!O3( O, O, prf(k(I,R), g(r), g(i), I, R) );
- send_!O4( O, O, prf(k(R,I), g(r), g(i), I, R) );
-
- }
-
-
-}
-
-
-protocol skeme-psk(I, R)
-{
- role I {
- fresh i: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, g(i) );
- recv_!2( R, I, Gr, prf(k(I,R), g(i), Gr, R, I) );
- send_!3( I, R, prf(k(I,R), Gr, g(i), I, R) );
-
-
- claim( I, SKR, KDF(h(Gr,i)) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Gi );
- send_!2( R, I, g(r), prf(k(R,I), Gi, g(r), R, I) );
- recv_!3( I, R, prf(k(R,I), g(r), Gi, I, R) );
-
-
- claim( R, SKR, KDF(h(Gi,r)) );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/skeme-rekey.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/skeme-rekey.cpp
deleted file mode 100644
index a1915a263d78bb76b9ee59e9b94b882f069d0104..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/skeme-rekey.cpp
+++ /dev/null
@@ -1,80 +0,0 @@
-/** HEADDOC
- * @protocol SKEME
- * @reference Krawczyk, H., SKEME: A Versatile Secure Key Exchange Mechanism
- * for Internet,
- * Boyd C. and Mathuria A., Protocols for Authentication and
- * Key Agreement
- * @description SKEME is a set of protocols suitable for negotiation of
- * services in a general networked environment. The main
- * characteristics are forward secrecy, privacy and anonymity,
- * and DoS protection.
- * @variant Fast rekeying protocol
-**/
-
-/** MACRO DEFINITIONS
- * Needs preprocessing by cpp before fed to scyther
-**/
-#define __SKEME_REKEY__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling k(I,R) = k(R,I).
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var Ni, Nr: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, prf(k(R,I), Ni, Nr, R, I) );
- send_!O2( O, O, prf(k(I,R), Ni, Nr, R, I) );
-
- // msg 3
- recv_!O3( O, O, prf(k(I,R), Nr, Ni, I, R) );
- send_!O4( O, O, prf(k(R,I), Nr, Ni, I, R) );
-
- }
-#undef Gi
-#undef Gr
-}
-
-protocol skeme-rekey(I, R)
-{
- role I {
- fresh Ni: Nonce;
- var Nr: Nonce;
-
- send_1( I, R, Ni );
- recv_!2( R, I, Nr, prf(k(I,R), Ni, Nr, R, I) );
- send_!3( I, R, prf(k(I,R), Nr, Ni, I, R) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh Nr: Nonce;
- var Ni: Nonce;
-
- recv_1( I, R, Ni );
- send_!2( R, I, Nr, prf(k(I,R), Ni, Nr, R, I) );
- recv_!3( I, R, prf(k(I,R), Nr, Ni, I, R) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/skeme-rekey.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/skeme-rekey.spdl
deleted file mode 100644
index acd0c509c4f46026ed5ae0199bef7bdccfa03bb4..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/skeme-rekey.spdl
+++ /dev/null
@@ -1,111 +0,0 @@
-# 1 "skeme-rekey.cpp"
-# 1 "<command-line>"
-# 1 "skeme-rekey.cpp"
-# 19 "skeme-rekey.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 97 "common.h"
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 147 "common.h"
- var I, R: Agent;
-
-
- recv_!SWAP1( SWAP, SWAP, KDF(k(I,R),prf(k(I,R), Ni, Nr, R, I)) );
- send_!SWAP2( SWAP, SWAP, KDF(k(R,I),prf(k(R,I), Ni, Nr, R, I)) );
-
- }
-
-
-}
-# 20 "skeme-rekey.cpp" 2
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var Ni, Nr: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, prf(k(R,I), Ni, Nr, R, I) );
- send_!O2( O, O, prf(k(I,R), Ni, Nr, R, I) );
-
-
- recv_!O3( O, O, prf(k(I,R), Nr, Ni, I, R) );
- send_!O4( O, O, prf(k(R,I), Nr, Ni, I, R) );
-
- }
-
-
-}
-
-protocol skeme-rekey(I, R)
-{
- role I {
- fresh Ni: Nonce;
- var Nr: Nonce;
-
- send_1( I, R, Ni );
- recv_!2( R, I, Nr, prf(k(I,R), Ni, Nr, R, I) );
- send_!3( I, R, prf(k(I,R), Nr, Ni, I, R) );
-
-
- claim( I, SKR, KDF(k(I,R),prf(k(I,R), Ni, Nr, R, I)) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh Nr: Nonce;
- var Ni: Nonce;
-
- recv_1( I, R, Ni );
- send_!2( R, I, Nr, prf(k(I,R), Ni, Nr, R, I) );
- recv_!3( I, R, prf(k(I,R), Nr, Ni, I, R) );
-
-
- claim( R, SKR, KDF(k(R,I),prf(k(R,I), Ni, Nr, R, I)) );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/sts-mac.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/sts-mac.cpp
deleted file mode 100644
index 9faaf4f7959c1692fca248d8db8a180eb348647f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/sts-mac.cpp
+++ /dev/null
@@ -1,78 +0,0 @@
-/** HEADDOC
- * @protocol Station-to-Station Protocol (STS)
- * @reference Diffie W., van Oorschot P. C., and Wiener M. J.,
- * Authentication and authenticated key exchange,
- * Boyd C. and Mathuria A., Protocols for Authentication and
- * Key Agreement
- * @description STS adds a diGital signaure to the exchanged messages to
- * provide authentication for the Diffie-Hellman protocol. In
- * addition, the shared secret is used to provide further
- * assurances.
- * @variant Variant using MACs
-**/
-
-#define __STS__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r: Nonce;
-
- // msg 2
- recv_!O1( O, O, MAC(Zr, g(r), Gi) );
- send_!O2( O, O, MAC(Zi, g(r), Gi) );
-
- // msg 3
- recv_!O3( O, O, MAC(Zi, Gi, g(r)) );
- send_!O4( O, O, MAC(Zr, Gi, g(r)) );
-
- }
-#undef Gi
-#undef Gr
-}
-
-// It is not specified how the session key is derived from the ephemeral DH
-// secret Z; we use KDF(Z).
-protocol sts-mac(I, R)
-{
- role I {
- fresh i: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, g(i) );
- recv_!2( R, I, Gr, {Gr, g(i)}sk(R), MAC(Zi, Gr, g(i)) );
- send_!3( I, R, {g(i), Gr}sk(I), MAC(Zi, g(i), Gr) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Gi );
- send_!2( R, I, Gi, {g(r), Gi}sk(R), MAC(Zr, g(r), Gi) );
- recv_!3( I, R, {Gi, g(r)}sk(I), MAC(Zr, Gi, g(r)) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/sts-mac.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/sts-mac.spdl
deleted file mode 100644
index 09c583b7bd3fa51dfb2a73564ea95416dc2b70ac..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/sts-mac.spdl
+++ /dev/null
@@ -1,112 +0,0 @@
-# 1 "sts-mac.cpp"
-# 1 "<command-line>"
-# 1 "sts-mac.cpp"
-# 16 "sts-mac.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 94 "common.h"
-hashfunction MAC;
-
-
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(h(g(r),i)) );
- send_!SWAP2( SWAP, SWAP, KDF(h(g(i),r)) );
-
- }
-
-
-}
-# 17 "sts-mac.cpp" 2
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r: Nonce;
-
-
- recv_!O1( O, O, MAC(h(g(i),r), g(r), g(i)) );
- send_!O2( O, O, MAC(h(g(r),i), g(r), g(i)) );
-
-
- recv_!O3( O, O, MAC(h(g(r),i), g(i), g(r)) );
- send_!O4( O, O, MAC(h(g(i),r), g(i), g(r)) );
-
- }
-
-
-}
-
-
-
-protocol sts-mac(I, R)
-{
- role I {
- fresh i: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, g(i) );
- recv_!2( R, I, Gr, {Gr, g(i)}sk(R), MAC(h(Gr,i), Gr, g(i)) );
- send_!3( I, R, {g(i), Gr}sk(I), MAC(h(Gr,i), g(i), Gr) );
-
-
- claim( I, SKR, KDF(h(Gr,i)) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Gi );
- send_!2( R, I, Gi, {g(r), Gi}sk(R), MAC(h(Gi,r), g(r), Gi) );
- recv_!3( I, R, {Gi, g(r)}sk(I), MAC(h(Gi,r), Gi, g(r)) );
-
-
- claim( R, SKR, KDF(h(Gi,r)) );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/sts-main.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/sts-main.cpp
deleted file mode 100644
index b95d30660c5dd6ea65619e864d559cf615d6dfcd..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/sts-main.cpp
+++ /dev/null
@@ -1,79 +0,0 @@
-/** HEADDOC
- * @protocol Station-to-Station Protocol (STS)
- * @reference Diffie W., van Oorschot P. C., and Wiener M. J.,
- * Authentication and authenticated key exchange,
- * Boyd C. and Mathuria A., Protocols for Authentication and
- * Key Agreement
- * @description STS adds a digital signaure to the exchanged messages to
- * provide authentication for the Diffie-Hellman protocol. In
- * addition, the shared secret is used to provide further
- * assurances.
-**/
-
-#define __STS__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-/**
- * This role serves as an "oracle" to ensure the executability of the
- * protocol by taking care of the problems that arise from our way of
- * modelling Diffie-Hellman keys.
- */
-protocol @executability(O) {
-#define Gi g(i)
-#define Gr g(r)
- role O {
- var i, r: Nonce;
- var I, R: Agent;
-
- // msg 2
- recv_!O1( O, O, {{g(r), Gi}sk(R)}SKr );
- send_!O2( O, O, {{g(r), Gi}sk(R)}SKi );
-
- // msg 3
- recv_!O3( O, O, {{g(i), Gr}sk(I)}SKi );
- send_!O4( O, O, {{g(i), Gr}sk(I)}SKr );
-
- }
-#undef Gi
-#undef Gr
-}
-
-
-// It is not specified how the session key is derived from the ephemeral DH
-// secret Z; we use KDF(Z).
-protocol sts-main(I, R)
-{
- role I {
- fresh i: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, g(i) );
- recv_!2( R, I, Gr, {{Gr, g(i)}sk(R)}SKi );
- send_!3( I, R, {{g(i), Gr}sk(I)}SKi );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Gi );
- send_!2( R, I, g(r), {{g(r), Gi}sk(R)}SKr );
- recv_!3( I, R, {{Gi, g(r)}sk(I)}SKr );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/sts-main.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/sts-main.spdl
deleted file mode 100644
index 4cfb76ca7e2aa619433953010d6a7827ce67c46b..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/sts-main.spdl
+++ /dev/null
@@ -1,114 +0,0 @@
-# 1 "sts-main.cpp"
-# 1 "<command-line>"
-# 1 "sts-main.cpp"
-# 15 "sts-main.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 94 "common.h"
-hashfunction MAC;
-
-
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(h(g(r),i)) );
- send_!SWAP2( SWAP, SWAP, KDF(h(g(i),r)) );
-
- }
-
-
-}
-# 16 "sts-main.cpp" 2
-
-
-
-
-
-
-
-protocol @executability(O) {
-
-
- role O {
- var i, r: Nonce;
- var I, R: Agent;
-
-
- recv_!O1( O, O, {{g(r), g(i)}sk(R)}KDF(h(g(i),r)) );
- send_!O2( O, O, {{g(r), g(i)}sk(R)}KDF(h(g(r),i)) );
-
-
- recv_!O3( O, O, {{g(i), g(r)}sk(I)}KDF(h(g(r),i)) );
- send_!O4( O, O, {{g(i), g(r)}sk(I)}KDF(h(g(i),r)) );
-
- }
-
-
-}
-
-
-
-
-protocol sts-main(I, R)
-{
- role I {
- fresh i: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, g(i) );
- recv_!2( R, I, Gr, {{Gr, g(i)}sk(R)}KDF(h(Gr,i)) );
- send_!3( I, R, {{g(i), Gr}sk(I)}KDF(h(Gr,i)) );
-
-
- claim( I, SKR, KDF(h(Gr,i)) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Gi );
- send_!2( R, I, g(r), {{g(r), Gi}sk(R)}KDF(h(Gi,r)) );
- recv_!3( I, R, {{Gi, g(r)}sk(I)}KDF(h(Gi,r)) );
-
-
- claim( R, SKR, KDF(h(Gi,r)) );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/sts-modified.cpp b/Vagrant Files/shared/scyther/Protocols/IKE/sts-modified.cpp
deleted file mode 100644
index 458a042a58b69b03edd3f3b62b04b833dbc5c433..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/sts-modified.cpp
+++ /dev/null
@@ -1,55 +0,0 @@
-/** HEADDOC
- * @protocol Station-to-Station Protocol (STS)
- * @reference Diffie W., van Oorschot P. C., and Wiener M. J.,
- * Authentication and authenticated key exchange,
- * Boyd C. and Mathuria A., Protocols for Authentication and
- * Key Agreement
- * @description STS adds a diGital signaure to the exchanged messages to
- * provide authentication for the Diffie-Hellman protocol. In
- * addition, the shared secret is used to provide further
- * assurances.
- * @variant Variant proposed by Boyd et al to prevent unknown key-share
- * attacks.
-**/
-
-#define __STS__
-#ifndef __ORACLE__
-#include "common.h"
-#endif
-
-// It is not specified how the session key is derived from the ephemeral DH
-// secret Z; we use KDF(Z).
-protocol sts-modified(I, R)
-{
- role I {
- fresh i: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, g(i) );
- recv_2( R, I, Gr, {Gr, g(i), I}sk(R) );
- send_3( I, R, {g(i), Gr, R}sk(I) );
-
- /* SECURITY CLAIMS */
- claim( I, SKR, SKi );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Gi );
- send_2( R, I, g(r), {g(r), Gi, I}sk(R) );
- recv_3( I, R, {Gi, g(r), R}sk(I) );
-
- /* SECURITY CLAIMS */
- claim( R, SKR, SKr );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
\ No newline at end of file
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/sts-modified.spdl b/Vagrant Files/shared/scyther/Protocols/IKE/sts-modified.spdl
deleted file mode 100644
index 660d068d8beeba783ff26fdb0633a773901ff2e0..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/sts-modified.spdl
+++ /dev/null
@@ -1,88 +0,0 @@
-# 1 "sts-modified.cpp"
-# 1 "<command-line>"
-# 1 "sts-modified.cpp"
-# 17 "sts-modified.cpp"
-# 1 "common.h" 1
-
-
-
-
- hashfunction prf, KDF;
-
-
-
-
-
-
-hashfunction g, h;
-# 94 "common.h"
-hashfunction MAC;
-
-
-protocol @oracle (DH, SWAP) {
-
-
-
-
-
-
-
- role DH {
- var i, r: Nonce;
-
- recv_!DH1( DH, DH, h(g(r),i) );
- send_!DH2( DH, DH, h(g(i),r) );
- }
-
-
-
-
- role SWAP {
- var i, r, Ni, Nr: Nonce;
-# 150 "common.h"
- recv_!SWAP1( SWAP, SWAP, KDF(h(g(r),i)) );
- send_!SWAP2( SWAP, SWAP, KDF(h(g(i),r)) );
-
- }
-
-
-}
-# 18 "sts-modified.cpp" 2
-
-
-
-
-protocol sts-modified(I, R)
-{
- role I {
- fresh i: Nonce;
- var Gr: Ticket;
-
- send_1( I, R, g(i) );
- recv_2( R, I, Gr, {Gr, g(i), I}sk(R) );
- send_3( I, R, {g(i), Gr, R}sk(I) );
-
-
- claim( I, SKR, KDF(h(Gr,i)) );
-
- claim( I, Alive );
- claim( I, Weakagree );
-
- }
-
- role R {
- fresh r: Nonce;
- var Gi: Ticket;
-
- recv_1( I, R, Gi );
- send_2( R, I, g(r), {g(r), Gi, I}sk(R) );
- recv_3( I, R, {Gi, g(r), R}sk(I) );
-
-
- claim( R, SKR, KDF(h(Gi,r)) );
-
- claim( R, Alive );
- claim( R, Weakagree );
-
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/verify.sh b/Vagrant Files/shared/scyther/Protocols/IKE/verify.sh
deleted file mode 100644
index 44f2b619b55d044267edded5535bebc576e72f22..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/verify.sh
+++ /dev/null
@@ -1,149 +0,0 @@
-#############################################################################
-#
-# NAME
-# verify - batch protocol verifier script for scyther
-#
-# SYNOPSIS
-# ./verify.sh [option]... [file]...
-#
-# DESCRIPTION
-# Verify protocol specifications using scyther.
-#
-# OPTIONS
-#
-# -d Debug mode [false]
-# -e Execution environment [cluster]
-# -h Help
-# -i Skip attack patterns of the form Alice talking to Alice
-# -l lower bound of claims to check [1]
-# -m Adversary-compromise model [ext]
-# -o Output directory (attack graphs) [./graphs/]
-# -r number of runs [6]
-# -t timeout in s
-# -u upper bound of claims to check [1]
-#
-# EXAMPLE
-# ./verify.sh -m br -o . *.spdl
-#
-#############################################################################
-
-
-#!/bin/bash
-
-# Default values
-CLAIM[0]=1
-CLAIM[1]=1
-DEBUG=false
-ENV='cluster'
-FILES="*.spdl"
-INITUNIQUE=
-MODEL='ext'
-OUTDIR='./graphs'
-RUNS='-r 6'
-SCYTHER='../scyther/Scyther/scyther-linux'
-TIMEOUT=
-
-# Adversary-compromise models
-# EXT
-MODELS[0]=
-# INT
-MODELS[1]='--LKRothers 1'
-# CA
-MODELS[2]='--LKRactor 1'
-# AF
-MODELS[3]='--LKRafter 1'
-# AFC
-MODELS[4]='--LKRaftercorrect 1'
-# BR
-MODELS[5]='--LKRothers 1 --SKR 1 --SKRinfer' # (inferred session keys)
-MODELS[6]='--LKRothers 1 --SKR 1'
-# CKw
-MODELS[7]='--LKRothers 1 --LKRactor 1 --LKRaftercorrect 1 --SKR 1 --SKRinfer --SSR 1'
-MODELS[8]='--LKRothers 1 --LKRactor 1 --LKRaftercorrect 1 --SKR 1 --SSR 1'
-# CK
-MODELS[9]='--LKRothers 1 --LKRafter 1 --LKRaftercorrect 1 --SKR 1 --SKRinfer --SSR 1'
-MODELS[10]='--LKRothers 1 --LKRafter 1 --LKRaftercorrect 1 --SKR 1 --SSR 1'
-# eCK-1
-MODELS[11]='--LKRothers 1 --SKR 1 --SKRinfer --RNR 1'
-MODELS[12]='--LKRothers 1 --SKR 1 --RNR 1'
-# eCK-2
-MODELS[13]='--LKRothers 1 --LKRactor 1 --LKRaftercorrect 1 --SKR 1 --SKRinfer'
-MODELS[14]='--LKRothers 1 --LKRactor 1 --LKRaftercorrect 1 --SKR 1'
-
-
-# Parse command line arguments
-while getopts “de:hil:m:o:r:t:u:” FLAG;
-do
- case $FLAG in
- d) DEBUG=true;;
- e) ENV=$OPTARG;;
- i) INITUNIQUE='--init-unique';;
- l) CLAIM[0]=$OPTARG;;
- m) MODEL=$OPTARG;;
- o) OUTDIR=$OPTARG;;
- r) RUNS="-r $OPTARG";;
- t) TIMEOUT="-T $OPTARG";;
- u) CLAIM[1]=$OPTARG;;
- h|?)
- printf "Usage: %s: [-l num][-u num][-d][-e [cluster|remote|local]][-h][-m model][-o value][-r num][-t sec]file[...]\n" $(basename $0) >&2
- exit 1;;
- esac
-done
-shift $(($OPTIND - 1))
-
-# Remaining arguments treated as specification files
-if [ -n "$*" ]; then
- FILES="$*"
- # mkdir -p "$OUTDIR$TSTAMP"
-fi
-
-
-# Parse model identifiers
-mflags=
-case $MODEL in
- int) mflags=${MODELS[1]};;
- ca) mflags=${MODELS[2]};;
- af) mflags=${MODELS[3]};;
- afc) mflags=${MODELS[4]};;
- bri) mflags=${MODELS[5]};;
- br) mflags=${MODELS[6]};;
- ckwi) mflags=${MODELS[7]};;
- ckw) mflags=${MODELS[8]};;
- cki) mflags=${MODELS[9]};;
- ck) mflags=${MODELS[10]};;
- eck1i) mflags=${MODELS[11]};;
- eck1) mflags=${MODELS[12]};;
- eck2i) mflags=${MODELS[13]};;
- eck2) mflags=${MODELS[14]};;
-esac
-
-
-# Verify
-for file in $FILES;
-do
- EXT=`echo "$file" | sed 's/^.*\.//'`
- if [ "$EXT" == 'spdl' ]; then
- # Extract protocol name
- tmp=`basename $file .spdl`
- p=`basename $tmp .pp`
-
- # Execute scyther for selected models and claim
- for (( c=${CLAIM[0]}; c<=${CLAIM[1]}; c++ ));
- do
- init="$SCYTHER $TIMEOUT --force-regular $INITUNIQUE $RUNS $mflags $file -d -o $OUTDIR/${p}_adv-${MODEL}_I$c.dot --filter=$p,I$c"
- resp="$SCYTHER $TIMEOUT --force-regular $INITUNIQUE $RUNS $mflags $file -d -o $OUTDIR/${p}_adv-${MODEL}_R$c.dot --filter=$p,R$c"
- if $DEBUG; then
- echo $init
- echo $resp
- elif [ $ENV = "cluster" ]; then
- bsub -W 08:00 -R "rusage[mem=4096]" $init
- bsub -W 08:00 -R "rusage[mem=4096]" $resp
- else # $ENV = local
- time $init
- time $resp
- fi
- done
- else
- printf "WARNING: %s could not be processed." $file
- fi
-done
diff --git a/Vagrant Files/shared/scyther/Protocols/IKE/verify_all.sh b/Vagrant Files/shared/scyther/Protocols/IKE/verify_all.sh
deleted file mode 100644
index 0cad2f655dcce8da95e9242b56b4c8304eb0c3b7..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/IKE/verify_all.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-
-if [ -n "$*" ]; then
- FILES="$*"
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m int $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m ca $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m afc $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m af $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m br $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m bri $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m ckw $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m ckwi $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m ck $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m cki $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m eck1 $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m eck1i $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m eck2 $FILES
- ./verify.sh -i -r 4 -l 1 -u 3 -e remote -m eck2i $FILES
-fi
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/Makefile b/Vagrant Files/shared/scyther/Protocols/ISO-9798/Makefile
deleted file mode 100644
index e0a1179337a6a2cad3c23ca6b5cad28b02ef8c2a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-
-outputs= isoiec-9798-3-6-1.spdl isoiec-9798-3-6-2.spdl \
- isoiec-9798-3-7-1.spdl isoiec-9798-3-7-2.spdl
-
-all: $(outputs)
-
-isoiec-9798-3-6-%.spdl: isoiec-9798-3-6-%.cpp isoiec-9798-3-6.template
- cpp -C -P $< >$@
-
-isoiec-9798-3-7-%.spdl: isoiec-9798-3-7-%.cpp isoiec-9798-3-7.template
- cpp -C -P $< >$@
-
-clean:
- \rm -f $(outputs)
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/iso25-tag.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/iso25-tag.spdl
deleted file mode 100644
index a97164b55fb7d6aff4c72839cd56bd59777ad6bc..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/iso25-tag.spdl
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * symmetric
- * ttp
- * four-pass
- * mutual
- *
- * Modeling notes:
- * - The use of TNb in message 4, as specified by the ISO standard, is
- * different from other models, in which it was TNa.
- */
-usertype SessionKey;
-usertype Tag;
-
-const t1,t2a,t2b,t3,t4,t5: Tag;
-
-protocol isoiec-9798-2-5(A,B,P)
-{
- role A
- {
- fresh TVPa: Nonce;
- var T: Ticket;
- fresh TNa: Nonce;
- var TNb: Nonce;
- var Kab: SessionKey;
- fresh Text1,Text5,Text6: Ticket;
- var Text3,Text4,Text7,Text8: Ticket;
-
- send_1(A,P, TVPa, B, Text1);
- recv_2(P,A, Text4, { t2a, TVPa, Kab, B, Text3 }k(A,P), T );
- claim(A,Running,B,Kab,Text5);
- send_3(A,B, Text6, T, { t3, TNa, B, Text5 }Kab );
- recv_4(B,A, Text8, { t4, TNb, A, Text7 }Kab );
-
- claim(A,Commit,B,Kab,Text5,Text7);
- claim(A,Secret,Kab);
- claim(A,Secret,Text5);
- claim(A,Secret,Text7);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- var TNp: Nonce;
- var TNa: Nonce;
- fresh TNb: Nonce;
- var Kab: SessionKey;
- fresh Text7,Text8: Ticket;
- var Text2,Text5,Text6: Ticket;
-
- recv_3(A,B, Text6, { t2b, TNp, Kab, A, Text2 }k(B,P), {
- t3, TNa, B, Text5 }Kab );
- claim(B,Running,A,Kab,Text5,Text7);
- send_4(B,A, Text8, { t4, TNb, A, Text7 }Kab );
-
- claim(B,Commit,A,Kab,Text5);
- claim(B,Secret,Kab);
- claim(B,Secret,Text5);
- claim(B,Secret,Text7);
- claim(B,Alive);
- claim(B,Weakagree);
- }
- role P
- {
- var TVPa: Nonce;
- fresh TNp: Nonce;
- fresh Kab: SessionKey;
- fresh Text2,Text3,Text4: Ticket;
- var Text1: Ticket;
-
- recv_1(A,P, TVPa, B, Text1);
- send_2(P,A, Text4, { t2a, TVPa, Kab, B, Text3 }k(A,P),
- { t2b, TNp, Kab, A, Text2 }k(B,P) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/iso26-tag.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/iso26-tag.spdl
deleted file mode 100644
index ced5d0259ee01c6e84f3b38eec40bfc35aaf7806..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/iso26-tag.spdl
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * symmetric
- * ttp
- * five-pass
- * mutual
- *
- * MPA Attack reported by Mathuria:
- * - Type flaw MPA when in parallel with Abadi-Needham protocol.
- *
- */
-usertype Tag;
-
-const t1,t2,t3,t4,t5: Tag;
-
-protocol isoiec-9798-2-6-tag(A,B,P)
-{
- role A
- {
- var Rb: Nonce;
- fresh Ra,Rpa: Nonce;
- var Kab: SessionKey;
- var T: Ticket;
- fresh Text2,Text6,Text7: Ticket;
- var Text1,Text4,Text5,Text8,Text9: Ticket;
-
- recv_1(B,A, Rb, Text1);
- send_2(A,P, Ra, Rb, B, Text2);
- recv_3(P,A, Text5, {t1, Ra,Kab,B,Text4}k(A,P), T );
- claim(A,Running,B,Kab,Text6);
- send_4(A,B, Text7, T, {t3,Rpa,Rb,Text6}Kab );
- recv_5(B,A, Text9, {t4,Rb,Rpa,Text8}Kab );
-
- claim(A,Commit,B,Kab,Text6,Text8);
- claim(A,Secret,Kab);
- claim(A,Secret,Text6);
- claim(A,Secret,Text8);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- fresh Rb: Nonce;
- var Rpa: Nonce;
- var Kab: SessionKey;
- fresh Text1,Text8,Text9: Ticket;
- var Text3,Text6,Text7: Ticket;
-
- send_1(B,A, Rb, Text1);
- recv_4(A,B, Text7, {t2,Rb,Kab,A,Text3}k(B,P), {t3,Rpa,Rb,Text6}Kab );
- claim(B,Running,A,Kab,Text6,Text8);
- send_5(B,A, Text9, {t4,Rb,Rpa,Text8}Kab );
-
- claim(B,Commit,A,Kab,Text6);
- claim(B,Secret,Kab);
- claim(B,Secret,Text6);
- claim(B,Secret,Text8);
- claim(B,Alive);
- claim(B,Weakagree);
- }
- role P
- {
- var Ra, Rb: Nonce;
- fresh Kab: SessionKey;
- fresh Text3,Text4,Text5: Ticket;
- var Text2: Ticket;
-
- recv_2(A,P, Ra, Rb, B, Text2);
- send_3(P,A, Text5, {t1,Ra,Kab,B,Text4}k(A,P),
- {t2,Rb,Kab,A,Text3}k(B,P) );
- }
-}
-
-protocol @keysymm26(A,B,P)
-{
- role A
- {
- var TVPN: Nonce;
- var Kab: SessionKey;
- var Text: Ticket;
- var Tag: Ticket;
-
- recv_!1(B,A, { Tag,TVPN, Kab, B, Text }k(P,A) );
- send_!2(A,B, { Tag,TVPN, Kab, B, Text }k(A,P) );
- }
- role B
- {
- }
- role P
- {
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-1-udkey.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-1-udkey.spdl
deleted file mode 100644
index e1f8be609a90fde6cc1c531a344932d598b1086f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-1-udkey.spdl
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * symmetric
- * one-pass
- * unilateral
- *
- * Note: the identity B may be ommitted, if
- * (a) the environment disallows such attacks, or
- * (b) a unidirectional key is used
- */
-protocol isoiec-9798-2-1-udkey(A,B)
-{
- role A
- {
- fresh TNA: Nonce;
- fresh Text1,Text2: Ticket;
-
- claim(A,Running,B,TNA,Text1);
- send_1(A,B, Text2, { TNA, Text1 }k(A,B) );
- }
- role B
- {
- var TNA: Nonce;
- var Text1,Text2: Ticket;
-
- recv_1(A,B, Text2, { TNA, Text1 }k(A,B) );
-
- claim(B,Commit,A,TNA,Text1);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-1.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-1.spdl
deleted file mode 100644
index 0d47be3137db77fd9bc6a89bcfd1c3cdb6ea932c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-1.spdl
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * symmetric
- * one-pass
- * unilateral
- *
- * Note: the identity B may be ommitted, if
- * (a) the environment disallows such attacks, or
- * (b) a unidirectional key is used
- */
-protocol @keysymm-21(A,B)
-{
- role A
- {
- var T: Nonce;
- var Text: Ticket;
-
- recv_!1(B,A, { T, A, Text }k(A,B) );
- send_!2(A,B, { T, A, Text }k(B,A) );
- }
- role B
- {
- var T: Nonce;
- var Text: Ticket;
-
- recv_!3(A,B, { T, B, Text }k(A,B) );
- send_!4(B,A, { T, B, Text }k(B,A) );
- }
-}
-
-protocol isoiec-9798-2-1(A,B)
-{
- role A
- {
- fresh TNA: Nonce;
- fresh Text1,Text2: Ticket;
-
- claim(A,Running,B,TNA,Text1);
- send_1(A,B, Text2, { TNA, B, Text1 }k(A,B) );
- }
- role B
- {
- var TNA: Nonce;
- var Text1,Text2: Ticket;
-
- recv_1(A,B, Text2, { TNA, B, Text1 }k(A,B) );
-
- claim(B,Commit,A,TNA,Text1);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-2-udkey.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-2-udkey.spdl
deleted file mode 100644
index 314aa8e820366bd1d122fdac1b5bd1d572d36840..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-2-udkey.spdl
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * symmetric
- * two-pass
- * unilateral
- *
- * Note: the identity A may be ommitted, if
- * (a) the environment disallows such attacks, or
- * (b) a unidirectional key is used
- *
- */
-protocol isoiec-9798-2-2-udkey(A,B)
-{
- role A
- {
- var RB: Nonce;
- var Text1: Ticket;
- fresh Text2,Text3: Ticket;
-
- recv_1(B,A, RB,Text1 );
- claim(A,Running,B,RB,Text2);
- send_2(A,B, Text3, { RB, Text2 }k(B,A) );
- }
- role B
- {
- fresh RB: Nonce;
- fresh Text1: Ticket;
- var Text2,Text3: Ticket;
-
- send_1(B,A, RB,Text1 );
- recv_2(A,B, Text3, { RB, Text2 }k(B,A) );
-
- claim(B,Commit,A,RB,Text2);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-2.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-2.spdl
deleted file mode 100644
index fc1ae687bac0b7618131dfcd76bcd226cd88ecf0..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-2.spdl
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * symmetric
- * two-pass
- * unilateral
- *
- * Note: the identity A may be ommitted, if
- * (a) the environment disallows such attacks, or
- * (b) a unidirectional key is used
- */
-protocol @keysymm-22(A,B)
-{
- role A
- {
- var T: Nonce;
- var Text: Ticket;
-
- recv_!1(B,A, { T, A, Text }k(A,B) );
- send_!2(A,B, { T, A, Text }k(B,A) );
- }
- role B
- {
- var T: Nonce;
- var Text: Ticket;
-
- recv_!3(A,B, { T, B, Text }k(A,B) );
- send_!4(B,A, { T, B, Text }k(B,A) );
- }
-}
-
-protocol isoiec-9798-2-2(A,B)
-{
- role A
- {
- var RB: Nonce;
- var Text1: Ticket;
- fresh Text2,Text3: Ticket;
-
- recv_1(B,A, RB,Text1 );
- claim(A,Running,B,RB,Text2);
- send_2(A,B, Text3, { RB, B, Text2 }k(B,A) );
- }
- role B
- {
- fresh RB: Nonce;
- fresh Text1: Ticket;
- var Text2,Text3: Ticket;
-
- send_1(B,A, RB,Text1 );
- recv_2(A,B, Text3, { RB, B, Text2 }k(B,A) );
-
- claim(B,Commit,A,RB,Text2);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-3-udkey.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-3-udkey.spdl
deleted file mode 100644
index 9fddf6915a561d4ba8ff6c7831755e96dc2fe01d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-3-udkey.spdl
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * symmetric
- * two-pass
- * mutual
- *
- * Note: the identity inside the encryption may be ommitted, if
- * (a) the environment disallows such attacks, or
- * (b) a unidirectional key is used
- *
- * In case (b), modeled here, the second key is reversed.
- *
- */
-protocol isoiec-9798-2-3-udkey(A,B)
-{
- role A
- {
- fresh TNA: Nonce;
- var TNB: Nonce;
- fresh Text1,Text2: Ticket;
- var Text3,Text4: Ticket;
-
- claim(A,Running,B,TNA,Text1);
- send_1(A,B, Text2, { TNA, Text1 }k(A,B) );
- recv_2(B,A, Text4, { TNB, Text3 }k(B,A) );
-
- claim(A,Commit,B,TNB,Text3);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- var TNA: Nonce;
- fresh TNB: Nonce;
- var Text1,Text2: Ticket;
- fresh Text3,Text4: Ticket;
-
- recv_1(A,B, Text2, { TNA, Text1 }k(A,B) );
- claim(B,Running,A,TNB,Text3);
- send_2(B,A, Text4, { TNB, Text3 }k(B,A) );
-
- claim(B,Commit,A,TNA,Text1);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-3.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-3.spdl
deleted file mode 100644
index 6f2f86ba77ac32907fd3f35a682dbdc5e92a59df..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-3.spdl
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * symmetric
- * two-pass
- * mutual
- *
- * Note: the identity inside the encryption may be ommitted, if
- * (a) the environment disallows such attacks, or
- * (b) a unidirectional key is used
- *
- */
-protocol @keysymm-23(A,B)
-{
- role A
- {
- var T: Nonce;
- var Text: Ticket;
-
- recv_!1(B,A, { T, A, Text }k(A,B) );
- send_!2(A,B, { T, A, Text }k(B,A) );
- }
- role B
- {
- var T: Nonce;
- var Text: Ticket;
-
- recv_!3(A,B, { T, B, Text }k(A,B) );
- send_!4(B,A, { T, B, Text }k(B,A) );
- }
-}
-
-protocol isoiec-9798-2-3(A,B)
-{
- role A
- {
- fresh TNA: Nonce;
- var TNB: Nonce;
- fresh Text1,Text2: Ticket;
- var Text3,Text4: Ticket;
-
- claim(A,Running,B,TNA,Text1);
- send_1(A,B, Text2, { TNA, B, Text1 }k(A,B) );
- recv_2(B,A, Text4, { TNB, A, Text3 }k(A,B) );
-
- claim(A,Commit,B,TNB,Text3);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- var TNA: Nonce;
- fresh TNB: Nonce;
- var Text1,Text2: Ticket;
- fresh Text3,Text4: Ticket;
-
- recv_1(A,B, Text2, { TNA, B, Text1 }k(A,B) );
- claim(B,Running,A,TNB,Text3);
- send_2(B,A, Text4, { TNB, A, Text3 }k(A,B) );
-
- claim(B,Commit,A,TNA,Text1);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-4-udkey.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-4-udkey.spdl
deleted file mode 100644
index 28694defb93c3fd31861f1594363bfe4915b0243..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-4-udkey.spdl
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * symmetric
- * three-pass
- * mutual
- *
- * Note: the identity inside the encryption may be ommitted, if
- * (a) the environment disallows such attacks, or
- * (b) a unidirectional key is used
- *
- * In case (b), modeled here, the second key is reversed.
- */
-protocol isoiec-9798-2-4-udkey(A,B)
-{
- role A
- {
- var RB: Nonce;
- fresh RA: Nonce;
- var Text1,Text4,Text5: Ticket;
- fresh Text2,Text3: Ticket;
-
- recv_1(B,A, RB,Text1 );
- claim(A,Running,B,RA,RB,Text2);
- send_2(A,B, Text3, { RA, RB, Text2 }k(A,B) );
- recv_3(B,A, Text5, { RB, RA, Text4 }k(B,A) );
-
- claim(A,Commit,B,RA,RB,Text2,Text4);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- fresh RB: Nonce;
- var RA: Nonce;
- fresh Text1,Text4,Text5: Ticket;
- var Text2,Text3: Ticket;
-
- send_1(B,A, RB,Text1 );
- recv_2(A,B, Text3, { RA, RB, Text2 }k(A,B) );
- claim(B,Running,A,RA,RB,Text2,Text4);
- send_3(B,A, Text5, { RB, RA, Text4 }k(B,A) );
-
- claim(B,Commit,A,RA,RB,Text2);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-4.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-4.spdl
deleted file mode 100644
index 5d709c061df7f53209dc15892d37b5b35465ac8e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-4.spdl
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * symmetric
- * three-pass
- * mutual
- *
- * Note: the identity inside the encryption may be ommitted, if
- * (a) the environment disallows such attacks, or
- * (b) a unidirectional key is used
- */
-protocol @keysymm-24a(A,B)
-{
- role A
- {
- var T1,T2: Nonce;
- var Text: Ticket;
-
- recv_!1(B,A, { T1, T2, A, Text }k(A,B) );
- send_!2(A,B, { T1, T2, A, Text }k(B,A) );
- }
- role B
- {
- var T1,T2: Nonce;
- var Text: Ticket;
-
- recv_!3(A,B, { T1, T2, B, Text }k(A,B) );
- send_!4(B,A, { T1, T2, B, Text }k(B,A) );
- }
-}
-
-protocol @keysymm-24b(A,B)
-{
- role A
- {
- var T1,T2: Nonce;
- var Text: Ticket;
-
- recv_!1(B,A, { T1, T2, Text }k(A,B) );
- send_!2(A,B, { T1, T2, Text }k(B,A) );
- }
- role B
- {
- var T1,T2: Nonce;
- var Text: Ticket;
-
- recv_!3(A,B, { T1, T2, Text }k(A,B) );
- send_!4(B,A, { T1, T2, Text }k(B,A) );
- }
-}
-
-protocol isoiec-9798-2-4(A,B)
-{
- role A
- {
- var RB: Nonce;
- fresh RA: Nonce;
- var Text1,Text4,Text5: Ticket;
- fresh Text2,Text3: Ticket;
-
- recv_1(B,A, RB,Text1 );
- claim(A,Running,B,RA,RB,Text2);
- send_2(A,B, Text3, { RA, RB, B, Text2 }k(A,B) );
- recv_3(B,A, Text5, { RB, RA, Text4 }k(A,B) );
-
- claim(A,Commit,B,RA,RB,Text2,Text4);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- fresh RB: Nonce;
- var RA: Nonce;
- fresh Text1,Text4,Text5: Ticket;
- var Text2,Text3: Ticket;
-
- send_1(B,A, RB,Text1 );
- recv_2(A,B, Text3, { RA, RB, B, Text2 }k(A,B) );
- claim(B,Running,A,RA,RB,Text2,Text4);
- send_3(B,A, Text5, { RB, RA, Text4 }k(A,B) );
-
- claim(B,Commit,A,RA,RB,Text2);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-5.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-5.spdl
deleted file mode 100644
index 7a98c0de840abd28d69c3c584107b0b41a3ffd07..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-5.spdl
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * symmetric
- * ttp
- * four-pass
- * mutual
- *
- * Modeling notes:
- * - The use of TNb in message 4, as specified by the ISO standard, is
- * different from other models, in which it was TNa.
- */
-usertype SessionKey;
-
-protocol isoiec-9798-2-5(A,B,P)
-{
- role A
- {
- fresh TVPa: Nonce;
- var T: Ticket;
- fresh TNa: Nonce;
- var TNb: Nonce;
- var Kab: SessionKey;
- fresh Text1,Text5,Text6: Ticket;
- var Text3,Text4,Text7,Text8: Ticket;
-
- send_1(A,P, TVPa, B, Text1);
- recv_2(P,A, Text4, { TVPa, Kab, B, Text3 }k(A,P), T );
- claim(A,Running,B,Kab,Text5);
- send_3(A,B, Text6, T, { TNa, B, Text5 }Kab );
- recv_4(B,A, Text8, { TNb, A, Text7 }Kab );
-
- claim(A,Commit,B,Kab,Text5,Text7);
- claim(A,Secret,Kab);
- claim(A,Secret,Text5);
- claim(A,Secret,Text7);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- var TNp: Nonce;
- var TNa: Nonce;
- fresh TNb: Nonce;
- var Kab: SessionKey;
- fresh Text7,Text8: Ticket;
- var Text2,Text5,Text6: Ticket;
-
- recv_3(A,B, Text6, { TNp, Kab, A, Text2 }k(B,P), { TNa, B, Text5 }Kab );
- claim(B,Running,A,Kab,Text5,Text7);
- send_4(B,A, Text8, { TNb, A, Text7 }Kab );
-
- claim(B,Commit,A,Kab,Text5);
- claim(B,Secret,Kab);
- claim(B,Secret,Text5);
- claim(B,Secret,Text7);
- claim(B,Alive);
- claim(B,Weakagree);
- }
- role P
- {
- var TVPa: Nonce;
- fresh TNp: Nonce;
- fresh Kab: SessionKey;
- fresh Text2,Text3,Text4: Ticket;
- var Text1: Ticket;
-
- recv_1(A,P, TVPa, B, Text1);
- send_2(P,A, Text4, { TVPa, Kab, B, Text3 }k(A,P),
- { TNp, Kab, A, Text2 }k(B,P) );
- }
-}
-
-protocol @keysymm25(A,B,P)
-{
- role A
- {
- var TVPN: Nonce;
- var Kab: SessionKey;
- var Text: Ticket;
-
- recv_!1(B,A, { TVPN, Kab, B, Text }k(P,A) );
- send_!2(A,B, { TVPN, Kab, B, Text }k(A,P) );
- }
- role B
- {
- }
- role P
- {
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-6.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-6.spdl
deleted file mode 100644
index 703885b8a4968e96bfb53f35945f4300a83a7686..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-2-6.spdl
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * symmetric
- * ttp
- * five-pass
- * mutual
- *
- * MPA Attack reported by Mathuria:
- * - Type flaw MPA when in parallel with Abadi-Needham protocol.
- *
- */
-protocol isoiec-9798-2-6(A,B,P)
-{
- role A
- {
- var Rb: Nonce;
- fresh Ra,Rpa: Nonce;
- var Kab: SessionKey;
- var T: Ticket;
- fresh Text2,Text6,Text7: Ticket;
- var Text1,Text4,Text5,Text8,Text9: Ticket;
-
- recv_1(B,A, Rb, Text1);
- send_2(A,P, Ra, Rb, B, Text2);
- recv_3(P,A, Text5, {Ra,Kab,B,Text4}k(A,P), T );
- claim(A,Running,B,Kab,Text6);
- send_4(A,B, Text7, T, {Rpa,Rb,Text6}Kab );
- recv_5(B,A, Text9, {Rb,Rpa,Text8}Kab );
-
- claim(A,Commit,B,Kab,Text6,Text8);
- claim(A,Secret,Kab);
- claim(A,Secret,Text6);
- claim(A,Secret,Text8);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- fresh Rb: Nonce;
- var Rpa: Nonce;
- var Kab: SessionKey;
- fresh Text1,Text8,Text9: Ticket;
- var Text3,Text6,Text7: Ticket;
-
- send_1(B,A, Rb, Text1);
- recv_4(A,B, Text7, {Rb,Kab,A,Text3}k(B,P), {Rpa,Rb,Text6}Kab );
- claim(B,Running,A,Kab,Text6,Text8);
- send_5(B,A, Text9, {Rb,Rpa,Text8}Kab );
-
- claim(B,Commit,A,Kab,Text6);
- claim(B,Secret,Kab);
- claim(B,Secret,Text6);
- claim(B,Secret,Text8);
- claim(B,Alive);
- claim(B,Weakagree);
- }
- role P
- {
- var Ra, Rb: Nonce;
- fresh Kab: SessionKey;
- fresh Text3,Text4,Text5: Ticket;
- var Text2: Ticket;
-
- recv_2(A,P, Ra, Rb, B, Text2);
- send_3(P,A, Text5, {Ra,Kab,B,Text4}k(A,P),
- {Rb,Kab,A,Text3}k(B,P) );
- }
-}
-
-protocol @keysymm26(A,B,P)
-{
- role A
- {
- var TVPN: Nonce;
- var Kab: SessionKey;
- var Text: Ticket;
-
- recv_!1(B,A, { TVPN, Kab, B, Text }k(P,A) );
- send_!2(A,B, { TVPN, Kab, B, Text }k(A,P) );
- }
- role B
- {
- }
- role P
- {
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-1.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-1.spdl
deleted file mode 100644
index 42b5667f3b18e9856a9f5be80ff7757794202deb..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-1.spdl
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * signature
- * one-pass
- * unilateral
- */
-const Cert: Function;
-
-protocol isoiec-9798-3-1(A,B)
-{
- role A
- {
- fresh TNA: Nonce;
- fresh Text1,Text2: Ticket;
-
- claim(A,Running,B,TNA,Text1);
- send_1(A,B, Cert(A),TNA,B,Text2, { TNA, B, Text1 }sk(A) );
- }
- role B
- {
- var TNA: Nonce;
- var Text1,Text2: Ticket;
-
- recv_1(A,B, Cert(A),TNA,B,Text2, { TNA, B, Text1 }sk(A) );
-
- claim(B,Commit,A,TNA,Text1);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-2.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-2.spdl
deleted file mode 100644
index 97f5c681b0c17c18e7bee5aa6db61799b0a2cb57..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-2.spdl
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * signature
- * two-pass
- * unilateral
- */
-const Cert: Function;
-
-protocol isoiec-9798-3-2(A,B)
-{
- role A
- {
- var Rb: Nonce;
- fresh Ra: Nonce;
- var Text1: Ticket;
- fresh Text2,Text3: Ticket;
-
- recv_1(B,A, Rb,Text1 );
- claim(A,Running,B,Ra,Rb,Text2);
- send_2(A,B, Cert(A),Ra,Rb,B,Text3, { Ra, Rb, B, Text2 }sk(A) );
- }
- role B
- {
- fresh Rb: Nonce;
- var Ra: Nonce;
- fresh Text1: Ticket;
- var Text2,Text3: Ticket;
-
- send_1(B,A, Rb,Text1 );
- recv_2(A,B, Cert(A),Ra,Rb,B,Text3, { Ra, Rb, B, Text2 }sk(A) );
-
- claim(B,Commit,A,Ra,Rb,Text2);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-3.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-3.spdl
deleted file mode 100644
index ca1d944b376fa3c23e2bc98495fb8d7aa30d1add..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-3.spdl
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * signature
- * two-pass
- * mutual
- */
-const Cert: Function;
-
-protocol isoiec-9798-3-3(A,B)
-{
- role A
- {
- fresh TNA: Nonce;
- var TNB: Nonce;
- fresh Text1,Text2: Ticket;
- var Text3,Text4: Ticket;
-
- claim(A,Running,B,TNA,Text1);
- send_1(A,B, Cert(A), TNA, B,Text2, { TNA, B, Text1 }sk(A) );
- recv_2(B,A, Cert(B), TNB, A,Text4, { TNB, A, Text3 }sk(B) );
-
- claim(A,Commit,B,TNB,Text3);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- var TNA: Nonce;
- fresh TNB: Nonce;
- var Text1,Text2: Ticket;
- fresh Text3,Text4: Ticket;
-
- recv_1(A,B, Cert(A), TNA, B,Text2, { TNA, B, Text1 }sk(A) );
- claim(B,Running,A,TNB,Text3);
- send_2(B,A, Cert(B), TNB, A,Text4, { TNB, A, Text3 }sk(B) );
-
- claim(B,Commit,A,TNA,Text1);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-4.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-4.spdl
deleted file mode 100644
index f8bfbbcac3a3e930dd00265356ceb4b845d0b183..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-4.spdl
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * signature
- * three-pass
- * mutual
- */
-const Cert: Function;
-
-protocol isoiec-9798-3-4(A,B)
-{
- role A
- {
- var RB: Nonce;
- fresh RA: Nonce;
- var Text1,Text4,Text5: Ticket;
- fresh Text2,Text3: Ticket;
-
- recv_1(B,A, RB,Text1 );
- claim(A,Running,B,RA,RB,Text2);
- send_2(A,B, Cert(B), RA,RB,B,Text3, { RA, RB, B, Text2 }sk(A) );
- recv_3(B,A, Cert(A), RB,RA,A,Text5, { RB, RA, A, Text4 }sk(B) );
-
- claim(A,Commit,B,RA,RB,Text2,Text4);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- fresh RB: Nonce;
- var RA: Nonce;
- fresh Text1,Text4,Text5: Ticket;
- var Text2,Text3: Ticket;
-
- send_1(B,A, RB,Text1 );
- recv_2(A,B, Cert(B), RA,RB,B,Text3, { RA, RB, B, Text2 }sk(A) );
- claim(B,Running,A,RA,RB,Text2,Text4);
- send_3(B,A, Cert(A), RB,RA,A,Text5, { RB, RA, A, Text4 }sk(B) );
-
- claim(B,Commit,A,RA,RB,Text2);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-5.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-5.spdl
deleted file mode 100644
index 237e56f920e146e3c9775b3056a50bc2049ab138..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-5.spdl
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * signature
- * two-pass
- * mutual
- * parallel
- */
-const Cert: Function;
-
-protocol isoiec-9798-3-5(A,B)
-{
- role A
- {
- fresh RA: Nonce;
- var RB: Nonce;
- fresh Text1,Text3,Text4: Ticket;
- var Text2,Text5,Text6: Ticket;
-
- send_1(A,B, Cert(A), RA,Text1 );
- recv_2(B,A, Cert(B), RB,Text2 );
- recv_3(B,A, RB,RA,A,Text6, { RB, RA, A, Text5 }sk(B) );
- claim(A,Running,B,RA,RB,Text3,Text5);
- send_4(A,B, RA,RB,B,Text4, { RA, RB, B, Text3 }sk(A) );
-
- claim(A,Commit,B,RA,RB,Text5);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- var RA: Nonce;
- fresh RB: Nonce;
- var Text1,Text3,Text4: Ticket;
- fresh Text2,Text5,Text6: Ticket;
-
- recv_1(A,B, Cert(A), RA,Text1 );
- send_2(B,A, Cert(B), RB,Text2 );
- claim(B,Running,A,RA,RB,Text5);
- send_3(B,A, RB,RA,A,Text6, { RB, RA, A, Text5 }sk(B) );
- recv_4(A,B, RA,RB,B,Text4, { RA, RB, B, Text3 }sk(A) );
-
- claim(B,Commit,A,RA,RB,Text3,Text5);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6-1.cpp b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6-1.cpp
deleted file mode 100644
index fb5b93be4200025a326d7c3f20db867266287e8f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6-1.cpp
+++ /dev/null
@@ -1,12 +0,0 @@
-#define NAME isoiec-9798-3-6-1
-#define IA A
-#define IB B
-#define ResA A,pk(A)
-#define ResB B,pk(B)
-#define TokenAB Text9,ResA,{Rb,ResA,Text5}sk(T),{Rb,Ra,B,A,Text8}sk(A)
-#define TokenBA Ra,Rb,Text3,{B,Ra,Rb,A,Text2}sk(B)
-#define TokenTA ResA,ResB,{Rpa,ResB,Text6}sk(T),{Rb,ResA,Text5}sk(T)
-
-#include "isoiec-9798-3-6.template"
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6-1.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6-1.spdl
deleted file mode 100644
index 51545a6a2d82871366e77c3f4aa53321c8f76978..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6-1.spdl
+++ /dev/null
@@ -1,69 +0,0 @@
-
-
-/*
- * Modeled from ISO standard
- *
- * signature
- * ttp
- * five-pass
- * mutual
- *
- * A initiates and also communicates with T
- *
- * parameters:
- *
- * NAME
- * IA
- * IB
- * ResA
- * ResB
- * TokenAB
- * TokenBA (although identical in both cases)
- * TokenTA
- *
- */
-protocol isoiec-9798-3-6-1(A,B,T)
-{
- role A
- {
- fresh Ra,Rpa: Nonce;
- fresh Text1,Text4,Text8,Text9: Ticket;
- var Rb: Nonce;
- var Text2,Text3;
- var Text5,Text6,Text7: Ticket;
-
- send_1(A,B, Ra,A,Text1);
- recv_2(B,A, B,Ra,Rb,Text3,{B,Ra,Rb,A,Text2}sk(B));
- send_3(A,T, Rpa,Rb,A,B,Text4);
- recv_4(T,A, Text7,A,pk(A),B,pk(B),{Rpa,B,pk(B),Text6}sk(T),{Rb,A,pk(A),Text5}sk(T));
- claim(A,Running,B,Ra,Rb,Text8);
- send_5(A,B, Text9,A,pk(A),{Rb,A,pk(A),Text5}sk(T),{Rb,Ra,B,A,Text8}sk(A));
-
- claim(A,Commit,B,Ra,Rb,Text2);
- claim(A,Alive);
- }
- role B
- {
- var Ra,Rpa: Nonce;
- var Text1,Text5,Text8,Text9: Ticket;
- fresh Text2,Text3,Text4: Ticket;
- fresh Rb: Nonce;
-
- recv_1(A,B, Ra,A,Text1);
- claim(B,Running,A,Ra,Rb,Text2);
- send_2(B,A, B,Ra,Rb,Text3,{B,Ra,Rb,A,Text2}sk(B));
- recv_5(A,B, Text9,A,pk(A),{Rb,A,pk(A),Text5}sk(T),{Rb,Ra,B,A,Text8}sk(A));
-
- claim(B,Commit,A,Ra,Rb,Text8);
- claim(B,Alive);
- }
- role T
- {
- var Rpa, Rb: Nonce;
- var Text4: Ticket;
- fresh Text5,Text6,Text7: Ticket;
-
- recv_3(A,T, Rpa,Rb,A,B,Text4);
- send_4(T,A, Text7,A,pk(A),B,pk(B),{Rpa,B,pk(B),Text6}sk(T),{Rb,A,pk(A),Text5}sk(T));
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6-2.cpp b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6-2.cpp
deleted file mode 100644
index d40ca51980370235268f78398760d83860d1f6f1..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6-2.cpp
+++ /dev/null
@@ -1,12 +0,0 @@
-#define NAME isoiec-9798-3-6-2
-#define IA A
-#define IB B
-#define ResA A,pk(A)
-#define ResB B,pk(B)
-#define TokenAB Rpa,Text9,TokenTA,{Rb,Ra,B,A,Text8}sk(A)
-#define TokenBA Ra,Rb,Text3,{B,Ra,Rb,A,Text2}sk(B)
-#define TokenTA ResA,ResB,{Rpa,Rb,ResA,ResB,Text5}sk(T)
-
-#include "isoiec-9798-3-6.template"
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6-2.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6-2.spdl
deleted file mode 100644
index 3debbc7fd17759030d1d8b979db998f2a6edbc53..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6-2.spdl
+++ /dev/null
@@ -1,69 +0,0 @@
-
-
-/*
- * Modeled from ISO standard
- *
- * signature
- * ttp
- * five-pass
- * mutual
- *
- * A initiates and also communicates with T
- *
- * parameters:
- *
- * NAME
- * IA
- * IB
- * ResA
- * ResB
- * TokenAB
- * TokenBA (although identical in both cases)
- * TokenTA
- *
- */
-protocol isoiec-9798-3-6-2(A,B,T)
-{
- role A
- {
- fresh Ra,Rpa: Nonce;
- fresh Text1,Text4,Text8,Text9: Ticket;
- var Rb: Nonce;
- var Text2,Text3;
- var Text5,Text6,Text7: Ticket;
-
- send_1(A,B, Ra,A,Text1);
- recv_2(B,A, B,Ra,Rb,Text3,{B,Ra,Rb,A,Text2}sk(B));
- send_3(A,T, Rpa,Rb,A,B,Text4);
- recv_4(T,A, Text7,A,pk(A),B,pk(B),{Rpa,Rb,A,pk(A),B,pk(B),Text5}sk(T));
- claim(A,Running,B,Ra,Rb,Text8);
- send_5(A,B, Rpa,Text9,A,pk(A),B,pk(B),{Rpa,Rb,A,pk(A),B,pk(B),Text5}sk(T),{Rb,Ra,B,A,Text8}sk(A));
-
- claim(A,Commit,B,Ra,Rb,Text2);
- claim(A,Alive);
- }
- role B
- {
- var Ra,Rpa: Nonce;
- var Text1,Text5,Text8,Text9: Ticket;
- fresh Text2,Text3,Text4: Ticket;
- fresh Rb: Nonce;
-
- recv_1(A,B, Ra,A,Text1);
- claim(B,Running,A,Ra,Rb,Text2);
- send_2(B,A, B,Ra,Rb,Text3,{B,Ra,Rb,A,Text2}sk(B));
- recv_5(A,B, Rpa,Text9,A,pk(A),B,pk(B),{Rpa,Rb,A,pk(A),B,pk(B),Text5}sk(T),{Rb,Ra,B,A,Text8}sk(A));
-
- claim(B,Commit,A,Ra,Rb,Text8);
- claim(B,Alive);
- }
- role T
- {
- var Rpa, Rb: Nonce;
- var Text4: Ticket;
- fresh Text5,Text6,Text7: Ticket;
-
- recv_3(A,T, Rpa,Rb,A,B,Text4);
- send_4(T,A, Text7,A,pk(A),B,pk(B),{Rpa,Rb,A,pk(A),B,pk(B),Text5}sk(T));
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6.template b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6.template
deleted file mode 100644
index e8b6a804b727dec57ecaf6ea614586c2d69bf471..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-6.template
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Modeled from ISO standard
- *
- * signature
- * ttp
- * five-pass
- * mutual
- *
- * A initiates and also communicates with T
- *
- * parameters:
- *
- * NAME
- * IA
- * IB
- * ResA
- * ResB
- * TokenAB
- * TokenBA (although identical in both cases)
- * TokenTA
- *
- */
-protocol NAME(A,B,T)
-{
- role A
- {
- fresh Ra,Rpa: Nonce;
- fresh Text1,Text4,Text8,Text9: Ticket;
- var Rb: Nonce;
- var Text2,Text3;
- var Text5,Text6,Text7: Ticket;
-
- send_1(A,B, Ra,IA,Text1);
- recv_2(B,A, IB,TokenBA);
- send_3(A,T, Rpa,Rb,IA,IB,Text4);
- recv_4(T,A, Text7,TokenTA);
- claim(A,Running,B,Ra,Rb,Text8);
- send_5(A,B, TokenAB);
-
- claim(A,Commit,B,Ra,Rb,Text2);
- claim(A,Alive);
- }
- role B
- {
- var Ra,Rpa: Nonce;
- var Text1,Text5,Text8,Text9: Ticket;
- fresh Text2,Text3,Text4: Ticket;
- fresh Rb: Nonce;
-
- recv_1(A,B, Ra,IA,Text1);
- claim(B,Running,A,Ra,Rb,Text2);
- send_2(B,A, IB,TokenBA);
- recv_5(A,B, TokenAB);
-
- claim(B,Commit,A,Ra,Rb,Text8);
- claim(B,Alive);
- }
- role T
- {
- var Rpa, Rb: Nonce;
- var Text4: Ticket;
- fresh Text5,Text6,Text7: Ticket;
-
- recv_3(A,T, Rpa,Rb,IA,IB,Text4);
- send_4(T,A, Text7,TokenTA);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7-1.cpp b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7-1.cpp
deleted file mode 100644
index fd972110f8218f012f6cd23fb5e2828d80a4298e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7-1.cpp
+++ /dev/null
@@ -1,12 +0,0 @@
-#define NAME isoiec-9798-3-7-1
-#define IA A
-#define IB B
-#define ResA A,pk(A)
-#define ResB B,pk(B)
-#define TokenAB Text7,Ra,ResA,{Rb,ResA,Text3}sk(T),{Rb,Ra,B,A,Text6}sk(A)
-#define TokenBA Ra,Rb,Text9,{A,Ra,Rb,B,Text8}sk(B)
-#define TokenTA ResA,ResB,{Rpa,ResB,Text4}sk(T),{Rb,ResA,Text3}sk(T)
-
-#include "isoiec-9798-3-7.template"
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7-1.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7-1.spdl
deleted file mode 100644
index 516ceb00e1ef7ad22b45be7c8f9f460e07abc074..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7-1.spdl
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Modeled from ISO standard
- *
- * signature
- * ttp
- * five-pass
- * mutual
- *
- * B initiates and A communicates with T
- *
- * parameters:
- *
- * NAME
- * IA
- * IB
- * ResA
- * ResB
- * TokenAB
- * TokenBA (although identical in both cases)
- * TokenTA
- *
- */
-protocol isoiec-9798-3-7-1(A,B,T)
-{
- role A
- {
- fresh Ra,Rpa: Nonce;
- var Rb: Nonce;
- var Text1,Text3,Text4,Text5,Text8,Text9: Ticket;
- fresh Text2,Text6,Text7: Ticket;
-
- recv_1(B,A, Rb,B,Text1 );
- send_2(A,T, Rpa,Rb,A,Text2 );
- recv_3(T,A, Text5, A,pk(A),B,pk(B),{Rpa,B,pk(B),Text4}sk(T),{Rb,A,pk(A),Text3}sk(T) );
- claim(A,Running,B,Ra,Rb,Text6);
- send_4(A,B, A, Text7,Ra,A,pk(A),{Rb,A,pk(A),Text3}sk(T),{Rb,Ra,B,A,Text6}sk(A) );
- recv_5(B,A, Ra,Rb,Text9,{A,Ra,Rb,B,Text8}sk(B) );
-
- claim(A,Commit,B,Ra,Rb,Text8);
- claim(A,Alive);
- }
- role B
- {
- fresh Text1,Text8,Text9: Ticket;
- fresh Rb: Nonce;
- var Text3,Text4,Text6,Text7: Ticket;
- var Ra,Rpa: Nonce;
-
- send_1(B,A, Rb,B,Text1 );
- recv_4(A,B, A, Text7,Ra,A,pk(A),{Rb,A,pk(A),Text3}sk(T),{Rb,Ra,B,A,Text6}sk(A) );
- claim(B,Running,A,Ra,Rb,Text8);
- send_5(B,A, Ra,Rb,Text9,{A,Ra,Rb,B,Text8}sk(B) );
-
- claim(B,Commit,A,Ra,Rb,Text6);
- claim(B,Alive);
- }
- role T
- {
- var Rpa,Rb: Nonce;
- var Text2: Ticket;
- fresh Text3,Text4,Text5: Ticket;
-
- recv_2(A,T, Rpa,Rb,A,Text2 );
- send_3(T,A, Text5, A,pk(A),B,pk(B),{Rpa,B,pk(B),Text4}sk(T),{Rb,A,pk(A),Text3}sk(T) );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7-2.cpp b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7-2.cpp
deleted file mode 100644
index 6ca070bdaa11d7185470697aef4c5a6cbc9a2f26..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7-2.cpp
+++ /dev/null
@@ -1,12 +0,0 @@
-#define NAME isoiec-9798-3-7-2
-#define IA A
-#define IB B
-#define ResA A,pk(A)
-#define ResB B,pk(B)
-#define TokenAB Rpa,Text7,TokenTA,{Rb,Ra,B,A,Text6}sk(A)
-#define TokenBA Ra,Rb,Text9,{Ra,Rb,A,B,Text8}sk(B)
-#define TokenTA ResA,ResB,{Rpa,Rb,ResA,ResB,Text3}sk(T)
-
-#include "isoiec-9798-3-7.template"
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7-2.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7-2.spdl
deleted file mode 100644
index 98ce4247bb5c01287a5db9c7b7bf153bb7483552..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7-2.spdl
+++ /dev/null
@@ -1,68 +0,0 @@
-
-
-/*
- * Modeled from ISO standard
- *
- * signature
- * ttp
- * five-pass
- * mutual
- *
- * B initiates and A communicates with T
- *
- * parameters:
- *
- * NAME
- * IA
- * IB
- * ResA
- * ResB
- * TokenAB
- * TokenBA (although identical in both cases)
- * TokenTA
- *
- */
-protocol isoiec-9798-3-7-2(A,B,T)
-{
- role A
- {
- fresh Ra,Rpa: Nonce;
- var Rb: Nonce;
- var Text1,Text3,Text4,Text5,Text8,Text9: Ticket;
- fresh Text2,Text6,Text7: Ticket;
-
- recv_1(B,A, Rb,B,Text1 );
- send_2(A,T, Rpa,Rb,A,Text2 );
- recv_3(T,A, Text5, A,pk(A),B,pk(B),{Rpa,Rb,A,pk(A),B,pk(B),Text3}sk(T) );
- claim(A,Running,B,Ra,Rb,Text6);
- send_4(A,B, A, Rpa,Text7,A,pk(A),B,pk(B),{Rpa,Rb,A,pk(A),B,pk(B),Text3}sk(T),{Rb,Ra,B,A,Text6}sk(A) );
- recv_5(B,A, Ra,Rb,Text9,{Ra,Rb,A,B,Text8}sk(B) );
-
- claim(A,Commit,B,Ra,Rb,Text8);
- claim(A,Alive);
- }
- role B
- {
- fresh Text1,Text8,Text9: Ticket;
- fresh Rb: Nonce;
- var Text3,Text4,Text6,Text7: Ticket;
- var Ra,Rpa: Nonce;
-
- send_1(B,A, Rb,B,Text1 );
- recv_4(A,B, A, Rpa,Text7,A,pk(A),B,pk(B),{Rpa,Rb,A,pk(A),B,pk(B),Text3}sk(T),{Rb,Ra,B,A,Text6}sk(A) );
- claim(B,Running,A,Ra,Rb,Text8);
- send_5(B,A, Ra,Rb,Text9,{Ra,Rb,A,B,Text8}sk(B) );
-
- claim(B,Commit,A,Ra,Rb,Text6);
- claim(B,Alive);
- }
- role T
- {
- var Rpa,Rb: Nonce;
- var Text2: Ticket;
- fresh Text3,Text4,Text5: Ticket;
-
- recv_2(A,T, Rpa,Rb,A,Text2 );
- send_3(T,A, Text5, A,pk(A),B,pk(B),{Rpa,Rb,A,pk(A),B,pk(B),Text3}sk(T) );
- }
-}
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7.template b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7.template
deleted file mode 100644
index 8d9491a381ec0922f6d3529623f344c73a931648..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-3-7.template
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Modeled from ISO standard
- *
- * signature
- * ttp
- * five-pass
- * mutual
- *
- * B initiates and A communicates with T
- *
- * parameters:
- *
- * NAME
- * IA
- * IB
- * ResA
- * ResB
- * TokenAB
- * TokenBA (although identical in both cases)
- * TokenTA
- *
- */
-protocol NAME(A,B,T)
-{
- role A
- {
- fresh Ra,Rpa: Nonce;
- var Rb: Nonce;
- var Text1,Text3,Text4,Text5,Text8,Text9: Ticket;
- fresh Text2,Text6,Text7: Ticket;
-
- recv_1(B,A, Rb,IB,Text1 );
- send_2(A,T, Rpa,Rb,IA,Text2 );
- recv_3(T,A, Text5, TokenTA );
- claim(A,Running,B,Ra,Rb,Text6);
- send_4(A,B, IA, TokenAB );
- recv_5(B,A, TokenBA );
-
- claim(A,Commit,B,Ra,Rb,Text8);
- claim(A,Alive);
- }
- role B
- {
- fresh Text1,Text8,Text9: Ticket;
- fresh Rb: Nonce;
- var Text3,Text4,Text6,Text7: Ticket;
- var Ra,Rpa: Nonce;
-
- send_1(B,A, Rb,IB,Text1 );
- recv_4(A,B, IA, TokenAB );
- claim(B,Running,A,Ra,Rb,Text8);
- send_5(B,A, TokenBA );
-
- claim(B,Commit,A,Ra,Rb,Text6);
- claim(B,Alive);
- }
- role T
- {
- var Rpa,Rb: Nonce;
- var Text2: Ticket;
- fresh Text3,Text4,Text5: Ticket;
-
- recv_2(A,T, Rpa,Rb,IA,Text2 );
- send_3(T,A, Text5, TokenTA );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-1-udkey.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-1-udkey.spdl
deleted file mode 100644
index 6a955d0d55fb3ca924c900b62931b9b71b2cda33..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-1-udkey.spdl
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * ccf
- * one-pass
- * unilateral
- *
- * Unidirectional key version.
- *
- * Modeling notes:
- *
- * - The keyed CCF (f_kab(x)) is modeled as f(x,kab)
- */
-hashfunction f;
-
-protocol isoiec-9798-4-1-udkey(A,B)
-{
- role A
- {
- fresh Text1,Text2: Ticket;
- fresh TNA: Nonce;
-
- claim(A,Running,B,TNA,Text1);
- send_1(A,B, TNA, Text2, f( TNA, Text1 ,k(A,B) ) );
- }
- role B
- {
- var TNA: Nonce;
- var Text1,Text2: Ticket;
-
- recv_1(A,B, TNA, Text2, f( TNA, Text1 ,k(A,B) ) );
-
- claim(B,Commit,A,TNA,Text1);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-1.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-1.spdl
deleted file mode 100644
index f3a5b95b3e27334c1d4ffaf166d30bd56247ede0..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-1.spdl
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010, Feb. 2011.
- *
- * History:
- *
- * - v2.0, Feb. 2011:
- * Added key symmetry emulation protocol.
- *
- * ccf
- * one-pass
- * unilateral
- *
- * The identifier B is optional and may be omitted if the key is unidirectional.
- *
- * Modeling notes:
- *
- * - The keyed CCF (f_kab(x)) is modeled as f(x,kab)
- */
-hashfunction f;
-
-protocol @keysymm-41(A,B)
-{
- role A
- {
- var X,Y,Z: Ticket;
-
- recv_!1(B,A, f(X,Y,Z, k(A,B) ) );
- send_!2(A,B, f(X,Y,Z, k(B,A) ) );
- }
- role B
- {
- }
-}
-
-protocol isoiec-9798-4-1(A,B)
-{
- role A
- {
- fresh Text1,Text2: Ticket;
- fresh TNA: Nonce;
-
- claim(A,Running,B,TNA,Text1);
- send_1(A,B, TNA, Text2, f( TNA, B, Text1 ,k(A,B) ) );
- }
- role B
- {
- var TNA: Nonce;
- var Text1,Text2: Ticket;
-
- recv_1(A,B, TNA, Text2, f( TNA, B, Text1 ,k(A,B) ) );
-
- claim(B,Commit,A,TNA,Text1);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-2-udkey.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-2-udkey.spdl
deleted file mode 100644
index c1e292f6eff5c704029199aba97a41f578b8fdfb..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-2-udkey.spdl
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * ccf
- * unilateral
- * two-pass
- *
- * Unidirectional key version.
- *
- * Modeling notes:
- *
- * - The keyed CCF (f_kab(x)) is modeled as f(x,kab)
- */
-hashfunction f;
-
-protocol isoiec-9798-4-2-udkey(A,B)
-{
- role A
- {
- var Rb: Nonce;
- var Text1: Ticket;
- fresh Text2,Text3: Ticket;
-
- recv_1(B,A, Rb,Text1 );
- claim(A,Running,B,Rb,Text2);
- send_2(A,B, Text3, f( Rb, Text2, k(A,B)) );
- }
- role B
- {
- fresh Rb: Nonce;
- fresh Text1: Ticket;
- var Text2,Text3: Ticket;
-
- send_1(B,A, Rb,Text1 );
- recv_2(A,B, Text3, f( Rb, Text2, k(A,B)) );
-
- claim(B,Commit,A,Rb,Text2);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-2.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-2.spdl
deleted file mode 100644
index d2bd4a93c494e5ac4d36f93348563cefa17adf2e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-2.spdl
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010, Feb. 2011.
- *
- * History:
- *
- * - v2.0, Feb. 2011:
- * Added key symmetry emulation protocol.
- *
- * ccf
- * unilateral
- * two-pass
- *
- * The identifier B is optional and may be omitted if the key is unidirectional.
- *
- * Modeling notes:
- *
- * - The keyed CCF (f_kab(x)) is modeled as f(x,kab)
- */
-hashfunction f;
-
-protocol @keysymm-42(A,B)
-{
- role A
- {
- var X,Y,Z: Ticket;
-
- recv_!1(B,A, f(X,Y,Z, k(A,B) ) );
- send_!2(A,B, f(X,Y,Z, k(B,A) ) );
- }
- role B
- {
- }
-}
-
-protocol isoiec-9798-4-2(A,B)
-{
- role A
- {
- var Rb: Nonce;
- var Text1: Ticket;
- fresh Text2,Text3: Ticket;
-
- recv_1(B,A, Rb,Text1 );
- claim(A,Running,B,Rb,Text2);
- send_2(A,B, Text3, f( Rb, B, Text2, k(A,B)) );
- }
- role B
- {
- fresh Rb: Nonce;
- fresh Text1: Ticket;
- var Text2,Text3: Ticket;
-
- send_1(B,A, Rb,Text1 );
- recv_2(A,B, Text3, f( Rb, B, Text2, k(A,B)) );
-
- claim(B,Commit,A,Rb,Text2);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-3-udkey.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-3-udkey.spdl
deleted file mode 100644
index 4371591eefddf4852ce453e3f3d229728744baa9..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-3-udkey.spdl
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * ccf
- * two-pass
- * mutual
- *
- * Unidirectional key version.
- *
- * Modeling notes:
- *
- * - The keyed CCF (f_kab(x)) is modeled as f(x,kab)
- */
-hashfunction f;
-
-protocol isoiec-9798-4-3-udkey(A,B)
-{
- role A
- {
- fresh Text1,Text2: Ticket;
- var Text3,Text4: Ticket;
- fresh TNa: Nonce;
- var TNb: Nonce;
-
- claim(A,Running,B,TNa,Text1);
- send_1(A,B, TNa, Text2, f(TNa,Text1, k(A,B) ) );
- recv_2(B,A, TNb, Text4, f(TNb,Text3, k(B,A) ) );
-
- claim(A,Commit,B,TNb,Text3);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- var TNa: Nonce;
- fresh TNb: Nonce;
- var Text1,Text2: Ticket;
- fresh Text3,Text4: Ticket;
-
- recv_1(A,B, TNa, Text2, f(TNa,Text1, k(A,B) ) );
- claim(B,Running,A,TNb,Text3);
- send_2(B,A, TNb, Text4, f(TNb,Text3, k(B,A) ) );
-
- claim(B,Commit,A,TNa,Text1);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-3.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-3.spdl
deleted file mode 100644
index a5902e2a24b9f34bb18dcd5e316986d3bada1846..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-3.spdl
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010, Feb. 2011.
- *
- * History:
- *
- * - v2.0, Feb. 2011:
- * Added key symmetry emulation protocol.
- *
- * ccf
- * two-pass
- * mutual
- *
- * The identifiers B,A are optional and may be (independently) be omitted if the key is unidirectional.
- *
- * Modeling notes:
- *
- * - The keyed CCF (f_kab(x)) is modeled as f(x,kab)
- */
-hashfunction f;
-
-protocol @keysymm-43(A,B)
-{
- role A
- {
- var X,Y,Z: Ticket;
-
- recv_!1(B,A, f(X,Y,Z, k(A,B) ) );
- send_!2(A,B, f(X,Y,Z, k(B,A) ) );
- }
- role B
- {
- }
-}
-
-protocol isoiec-9798-4-3(A,B)
-{
- role A
- {
- fresh Text1,Text2: Ticket;
- var Text3,Text4: Ticket;
- fresh TNa: Nonce;
- var TNb: Nonce;
-
- claim(A,Running,B,TNa,Text1);
- send_1(A,B, TNa, Text2, f(TNa,B,Text1, k(A,B) ) );
- recv_2(B,A, TNb, Text4, f(TNb,A,Text3, k(A,B) ) );
-
- claim(A,Commit,B,TNb,Text3);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- var TNa: Nonce;
- fresh TNb: Nonce;
- var Text1,Text2: Ticket;
- fresh Text3,Text4: Ticket;
-
- recv_1(A,B, TNa, Text2, f(TNa,B,Text1, k(A,B) ) );
- claim(B,Running,A,TNb,Text3);
- send_2(B,A, TNb, Text4, f(TNb,A,Text3, k(A,B) ) );
-
- claim(B,Commit,A,TNa,Text1);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-4-udkey.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-4-udkey.spdl
deleted file mode 100644
index 27e546651f7b519ecb60f7f0fdf514cc14a5071e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-4-udkey.spdl
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010
- *
- * ccf
- * mutual
- * three-pass
- *
- * Unidirectional key version.
- *
- * Modeling notes:
- *
- * - The keyed CCF (f_kab(x)) is modeled as f(x,kab)
- */
-hashfunction f;
-
-protocol isoiec-9798-4-4-udkey(A,B)
-{
- role A
- {
- fresh Ra: Nonce;
- var Rb: Nonce;
- var Text1,Text4,Text5: Ticket;
- fresh Text2,Text3: Ticket;
-
- recv_1(B,A, Rb, Text1 );
- claim(A,Running,B,Ra,Rb,Text2);
- send_2(A,B, Ra, Text3, f(Ra,Rb,Text2, k(A,B) ) );
- recv_3(B,A, Text5, f(Rb,Ra,Text4, k(B,A) ) );
-
- claim(A,Commit,B,Ra,Rb,Text2,Text4);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- var Ra: Nonce;
- fresh Rb: Nonce;
- fresh Text1,Text4,Text5: Ticket;
- var Text2,Text3: Ticket;
-
- send_1(B,A, Rb, Text1 );
- recv_2(A,B, Ra, Text3, f(Ra,Rb,Text2, k(A,B) ) );
- claim(B,Running,A,Ra,Rb,Text2,Text4);
- send_3(B,A, Text5, f(Rb,Ra,Text4, k(B,A) ) );
-
- claim(B,Commit,A,Ra,Rb,Text2);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-4.spdl b/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-4.spdl
deleted file mode 100644
index f7963694798d8aef65d93b19ef92bdcb668231fe..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ISO-9798/isoiec-9798-4-4.spdl
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Modeled from ISO/IEC 9798
- * Modeler: Cas Cremers, Dec. 2010, Feb. 2011.
- *
- * History:
- *
- * - v2.0, Feb. 2011:
- * Added key symmetry emulation protocol.
- *
- * ccf
- * mutual
- * three-pass
- *
- * The identifier B is optional and may be omitted if the key is unidirectional.
- *
- * Modeling notes:
- *
- * - The keyed CCF (f_kab(x)) is modeled as f(x,kab)
- */
-hashfunction f;
-
-protocol @keysymm-44(A,B)
-{
- role A
- {
- var X,Y,Z: Ticket;
-
- recv_!1(B,A, f(X,Y,Z, k(A,B) ) );
- send_!2(A,B, f(X,Y,Z, k(B,A) ) );
- }
- role B
- {
- var X,Y,Z,ZZ: Ticket;
-
- recv_!3(A,B, f(X,Y,Z,ZZ, k(A,B) ) );
- send_!4(B,A, f(X,Y,Z,ZZ, k(B,A) ) );
- }
-}
-
-protocol isoiec-9798-4-4(A,B)
-{
- role A
- {
- fresh Ra: Nonce;
- var Rb: Nonce;
- var Text1,Text4,Text5: Ticket;
- fresh Text2,Text3: Ticket;
-
- recv_1(B,A, Rb, Text1 );
- claim(A,Running,B,Ra,Rb,Text2);
- send_2(A,B, Ra, Text3, f(Ra,Rb,B,Text2, k(A,B) ) );
- recv_3(B,A, Text5, f(Rb,Ra,Text4, k(A,B) ) );
-
- claim(A,Commit,B,Ra,Rb,Text2,Text4);
- claim(A,Alive);
- claim(A,Weakagree);
- }
- role B
- {
- var Ra: Nonce;
- fresh Rb: Nonce;
- fresh Text1,Text4,Text5: Ticket;
- var Text2,Text3: Ticket;
-
- send_1(B,A, Rb, Text1 );
- recv_2(A,B, Ra, Text3, f(Ra,Rb,B,Text2, k(A,B) ) );
- claim(B,Running,A,Ra,Rb,Text2,Text4);
- send_3(B,A, Text5, f(Rb,Ra,Text4, k(A,B) ) );
-
- claim(B,Commit,A,Ra,Rb,Text2);
- claim(B,Alive);
- claim(B,Weakagree);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/BKE.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/BKE.spdl
deleted file mode 100644
index 8342bd6c709b316e2599862cea3b32925c7e7306..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/BKE.spdl
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- Bilateral Key Exchange with Public Key protocol (BKEPK)
-*/
-
-usertype SessionKey;
-
-hashfunction hash;
-
-protocol bke(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var kir: SessionKey;
-
- send_1 (I,R, { ni,I }pk(R) );
- recv_2 (R,I, { hash(ni),nr,R,kir }pk(I) );
- send_3 (I,R, { hash(nr) }kir );
- claim_4 (I, Secret, kir );
- //claim_5 (I, Niagree );
- //claim_6 (I, Nisynch );
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- fresh kir: SessionKey;
-
- recv_1 (I,R, { ni,I }pk(R) );
- send_2 (R,I, { hash(ni),nr,R,kir }pk(I) );
- recv_3 (I,R, { hash(nr) }kir );
- claim_7 (R, Secret, kir );
- //claim_8 (R, Niagree );
- //claim_9 (R, Nisynch );
- }
-}
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/andrew-ban-concrete.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/andrew-ban-concrete.spdl
deleted file mode 100644
index 48f52d8f450814a116b7291bdfea1475800f311f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/andrew-ban-concrete.spdl
+++ /dev/null
@@ -1,67 +0,0 @@
-# BAN concrete Andrew Secure RPC
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/andrewBAN2.html
-#
-# Note:
-# The shared key between I and R is modelled as k(I,R) currently
-# there is no way to express that this key is equal to k(R,I)
-# In order to overcome this a 'dummy' role X has been hadded that recrypts
-# a given term crypted with k(I,R) with k(R,I)
-#
-# Note:
-# Recv 4 by the Initatior has been placed after the synchronisation claim
-# as it allows trivial synchronisation attacks otherwise (the message is
-# completely fresh and can therefore always be replaced by an arbitrary value
-# created by the intruder) which are not considered in SPORE
-#
-
-usertype SessionKey;
-const Fresh: Function;
-
-protocol @swapkey(X)
-{
- # Protocol added to work around the symmetry problems where k(I,R) != k(R,I)
- role X
- {
- var I,R: Agent;
- var T:Ticket;
- recv_!X1(X,X,I,R,{T}k(I,R));
- send_!X2(X,X,{T}k(R,I));
- }
-}
-
-protocol andrew-Concrete(I,R)
-{
-
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var kir: SessionKey;
-
- send_1(I,R, I,ni );
- recv_2(R,I, {ni,kir}k(I,R) );
- send_3(I,R, {ni}kir);
- claim_I1(I,Secret,kir);
- claim_I2(I,Nisynch);
- claim_I3(I,Empty,(Fresh,kir));
- recv_6(R,I, nr);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- fresh kir: SessionKey;
-
- recv_1(I,R, I,ni );
- send_2(R,I, {ni,kir}k(I,R) );
- recv_3(I,R, {ni}kir);
- send_6(R,I, nr);
- claim_R1(R,Secret,kir);
- claim_R2(R,Nisynch);
- claim_R3(R,Empty,(Fresh,kir));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/andrew-ban.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/andrew-ban.spdl
deleted file mode 100644
index 5118604cdc06f34dd2d5f3b8b4ba1035c792ce53..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/andrew-ban.spdl
+++ /dev/null
@@ -1,52 +0,0 @@
-# BAN modified Andrew Secure RPC
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/andrewBAN.html
-#
-# Note:
-# The shared key between I and R is modelled as k(I,R) currently
-# there is no way to express that this key is equal to k(R,I)
-# So it is possile that certain attacks that use this property are not found
-#
-# Note:
-# According to SPORE there are no known attacks on this protocol
-#
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol andrew-Ban(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr,nr2: Nonce;
- var kir: SessionKey;
-
- send_1(I,R, I,{ni}k(I,R) );
- recv_2(R,I, {ni,nr}k(I,R) );
- send_3(I,R, {nr}k(I,R) );
- recv_4(R,I, {kir,nr2,ni}k(I,R) );
- claim_I1(I,Nisynch);
- claim_I2(I,Niagree);
- claim_I3(I,Secret, kir);
- claim_I5(I,Empty, (Fresh,kir));
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr,nr2: Nonce;
- fresh kir: SessionKey;
-
- recv_1(I,R, I,{ni}k(I,R) );
- send_2(R,I, {ni,nr}k(I,R) );
- recv_3(I,R, {nr}k(I,R) );
- send_4(R,I, {kir,nr2,ni}k(I,R) );
- claim_R1(R,Nisynch);
- claim_R2(R,Niagree);
- claim_R3(R,Secret, kir);
- claim_R5(R,Empty, (Fresh,kir));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/andrew-lowe-ban.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/andrew-lowe-ban.spdl
deleted file mode 100644
index 04e15f27a67bbe57cd026848e0b715e9602e407b..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/andrew-lowe-ban.spdl
+++ /dev/null
@@ -1,57 +0,0 @@
-# Lowe modified BAN concrete Andrew Secure RPC
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/andrewLowe.html
-#
-# Note:
-# The shared key between I and R is modelled as k(I,R) currently
-# there is no way to express that this key is equal to k(R,I)
-# So it is possile that certain attacks that use this property are not found
-#
-# Note:
-# Recv 4 by the Initatior has been placed after the synchronisation claim
-# as it allows trivial synchronisation attacks otherwise (the message is
-# completely fresh and can therefore always be replaced by an arbitrary value
-# created by the intruder) which are not considered in SPORE
-#
-# Note:
-# According to SPORE there are no known attacks on this protocol
-#
-
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol andrew-LoweBan(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var kir: SessionKey;
-
- send_1(I,R, I,ni );
- recv_2(R,I, {ni,kir,R}k(I,R) );
- send_3(I,R, {ni}kir );
- claim_I1(I,Nisynch);
- claim_I2(I,Secret, kir);
- claim_I3(I,Empty, (Fresh,kir));
- recv_4(R,I, nr );
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- fresh kir: SessionKey;
-
- recv_1(I,R, I,ni );
- send_2(R,I, {ni,kir,R}k(I,R) );
- recv_3(I,R, {ni}kir );
- send_4(R,I, nr );
- claim_R1(R,Nisynch);
- claim_R2(R,Secret, kir);
- claim_R3(R,Empty, (Fresh,kir));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/boyd.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/boyd.spdl
deleted file mode 100644
index 0a9c755296ba85d44bbe48f5ca5ee393e16e72fb..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/boyd.spdl
+++ /dev/null
@@ -1,56 +0,0 @@
-usertype Sessionkey;
-usertype Macseed;
-const m: Function;
-secret unm: Function;
-const f: Function;
-
-inversekeys (m, unm);
-
-/*
- * Boyd key agreement
- *
- * Boyd & Mathuria: Protocols for authentication and key establishment
- * (2003) p. 101
- *
- * Note that MAC_ks(x) has been interpreted as MAC(x,ks); this
- * assumption causes some possible false attacks.
- */
-
-protocol boyd(I,R,S)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var ks: Macseed;
-
- send_1 (I,S, I,R, ni );
- recv_3 (R,I, { I,R, ks }k(I,S), m(ni, m(ks,ni,nr)), nr );
- send_4 (I,R, m(nr, m(ks,ni,nr)) );
-
- claim_6 (I, Secret, m(ks,ni,nr) );
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- var ks: Macseed;
-
- recv_2 (S,R, { I,R, ks }k(I,S), { I,R, ks }k(R,S), ni );
- send_3 (R,I, { I,R, ks }k(I,S), m(ni, m(ks,ni,nr)), nr );
- recv_4 (I,R, m(nr, m(ks,ni,nr)) );
-
- claim_10 (R, Secret, m(ks,ni,nr));
- }
-
- role S
- {
- var ni,nr: Nonce;
- fresh ks: Macseed;
-
- recv_1 (I,S, I,R, ni );
- send_2 (S,R, { I,R, ks }k(I,S), { I,R, ks }k(R,S), ni );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/ccitt509-ban3.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/ccitt509-ban3.spdl
deleted file mode 100644
index bdf146dd74c09e6b53acff463737d53a19ec83bb..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/ccitt509-ban3.spdl
+++ /dev/null
@@ -1,39 +0,0 @@
-# BAN modified version of CCITT X.509 (3)
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/ccittx509_3BAN.html
-#
-# Note:
-# The protocol description also states that Xa and Ya should be fresh
-# this can not be verified using scyther
-#
-# Note:
-# According to SPORE there are no known attacks on this protocol
-#
-
-protocol ccitt509-ban3(I,R)
-{
- role I
- {
- fresh Na,Xa,Ya: Nonce;
- var Xb,Nb,Yb: Nonce;
-
- send_1(I,R, I,{Na, R, Xa,{Ya}pk(R)}sk(I));
- recv_2(R,I, R,{Nb, I, Na, Xb,{Yb}pk(I)}sk(R));
- send_3(I,R, I,{R, Nb}sk(I));
- claim_4(I,Nisynch);
- }
-
- role R
- {
- var Na,Xa,Ya: Nonce;
- fresh Xb,Yb,Nb: Nonce;
-
- recv_1(I,R, I,{Na, R, Xa,{Ya}pk(R)}sk(I));
- send_2(R,I, R,{Nb, I, Na, Xb,{Yb}pk(I)}sk(R));
- recv_3(I,R, I,{R, Nb}sk(I));
- claim_5(R,Nisynch);
- # There should also be Fresh Xa and Fresh Ya claims here
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/denning-sacco-lowe.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/denning-sacco-lowe.spdl
deleted file mode 100644
index d5c3182c14dddd44b359464b37d52e51719dafb0..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/denning-sacco-lowe.spdl
+++ /dev/null
@@ -1,66 +0,0 @@
-# Lowe modified Denning-Sacco shared key
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/denningSaccoLowe.html
-#
-# Note:
-# According to SPORE there are no attacks on this protocol, scyther
-# finds one however. This has to be investigated further.
-
-usertype Key;
-usertype SessionKey;
-usertype TimeStamp;
-usertype ExpiredTimeStamp;
-usertype PseudoFunction;
-const dec: PseudoFunction;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol denningSacco-Lowe(I,R,S)
-{
- role I
- {
- var W: Ticket;
- var Kir: SessionKey;
- var T: TimeStamp;
- var Nr: Nonce;
-
- send_1(I,S, I,R );
- recv_2(S,I, {R, Kir, T, W}k(I,S) );
- send_3(I,R, W);
- recv_4(R,I, {Nr}Kir);
- send_5(I,R, {{Nr}dec}Kir);
- claim_I1(I,Niagree);
- claim_I2(I,Nisynch);
- claim_I3(I,Secret,Kir);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- var Kir: SessionKey;
- var T: TimeStamp;
- fresh Nr: Nonce;
-
- recv_3(I,R, {Kir,I,T}k(R,S));
- send_4(R,I, {Nr}Kir);
- recv_5(I,R, {{Nr}dec}Kir);
- claim_R1(R,Niagree);
- claim_R2(R,Nisynch);
- claim_R3(R,Secret,Kir);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var W: Ticket;
- fresh Kir: SessionKey;
- fresh T: TimeStamp;
-
- recv_1(I,S, I,R );
- send_2(S,I, {R, Kir, T, {Kir, I,T}k(R,S)}k(I,S));
- claim_x(S, Secret, Kir);
- }
-}
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/denning-sacco.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/denning-sacco.spdl
deleted file mode 100644
index 00167e975c65cc94323c1fed8e2efeba3227bf69..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/denning-sacco.spdl
+++ /dev/null
@@ -1,55 +0,0 @@
-# Denning-Sacco shared key
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/denningSacco.html
-#
-
-usertype Key;
-usertype SessionKey;
-usertype TimeStamp;
-usertype ExpiredTimeStamp;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol denningSacco(I,R,S)
-{
- role I
- {
- var W: Ticket;
- var Kir: SessionKey;
- var T: TimeStamp;
-
- send_1(I,S, I,R );
- recv_2(S,I, {R, Kir, T, W}k(I,S) );
- send_3(I,R, W);
- claim_I1(I,Niagree);
- claim_I2(I,Nisynch);
- claim_I3(I,Secret,Kir);
- claim_I4(I,Empty, (Fresh,Kir));
- }
-
- role R
- {
- var Kir: SessionKey;
- var T: TimeStamp;
-
- recv_3(I,R, {Kir,I,T}k(R,S));
- claim_R1(R,Niagree);
- claim_R2(R,Nisynch);
- claim_R3(R,Secret,Kir);
- claim_R4(R,Empty, (Fresh,Kir));
- }
-
- role S
- {
- var W: Ticket;
- fresh Kir: SessionKey;
- fresh T: TimeStamp;
-
- recv_1(I,S, I,R );
- send_2(S,I, {R, Kir, T, {Kir, I,T}k(R,S)}k(I,S));
- }
-}
-
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/gong-nonce-b.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/gong-nonce-b.spdl
deleted file mode 100644
index 09bde6d80fc530c90b1ce4ebb4c624bd2fd25024..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/gong-nonce-b.spdl
+++ /dev/null
@@ -1,60 +0,0 @@
-usertype Sessionkey;
-usertype Keypart;
-hashfunction f;
-
-/*
- * Gong nonce based alternative
- *
- * Boyd & Mathuria: Protocols for authentication and key establishment
- * (2003) p. 101
- */
-
-protocol gongnonceb(I,R,S)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- fresh ki: Keypart;
- var kr: Keypart;
-
- send_1 (I,S, I,R, { I,S,I, ki, R }k(I,S), ni );
- recv_4 (S,I, { S,I,R,kr,I }k(I,S), { R,I,ni }f(ki,kr), nr );
- send_5 (I,R, { I,R,nr }f(ki,kr) );
-
- claim_6 (I, Secret, ki);
- claim_7 (I, Secret, kr);
- claim_8 (I, Nisynch);
- claim_9 (I, Niagree);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- fresh kr: Keypart;
- var ki: Keypart;
-
- recv_2 (S,R, I,R, { S,R,I, ki, R }k(R,S), ni );
- send_3 (R,S, { R,S,R,kr,I }k(R,S), { R,I, ni }f(ki,kr), nr );
- recv_5 (I,R, { I,R,nr }f(ki,kr) );
-
- claim_10 (R, Secret, ki);
- claim_11 (R, Secret, kr);
- claim_12 (R, Nisynch);
- claim_13 (R, Niagree);
- }
-
- role S
- {
- var ni,nr: Nonce;
- var ki,kr: Keypart;
- var T;
-
- recv_1 (I,S, I,R, { I,S,I, ki, R }k(I,S), ni );
- send_2 (S,R, I,R, { S,R,I, ki, R }k(R,S), ni );
- recv_3 (R,S, { R,S,R,kr,I }k(R,S), T, nr );
- send_4 (S,I, { S,I,R,kr,I }k(I,S), T, nr );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/gong-nonce.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/gong-nonce.spdl
deleted file mode 100644
index 594e1b9753998059d509dfecc53af0e9b04ed579..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/gong-nonce.spdl
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * From Boyd Mathuria
- *
- * To check: 3.38 or other?
- *
- */
-usertype Sessionkey;
-usertype Keypart;
-
-protocol gongnonce(I,R,S)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- fresh ki: Keypart;
- var kr: Keypart;
-
- send_1 (I,R, I,R,ni );
- recv_3 (S,I, { S,I,R, kr, I, ni }k(I,S), nr);
- send_4 (I,S, { I,S,I, ki, R, nr }k(I,S) );
-
- claim_6 (I, Secret, ki);
- claim_7 (I, Secret, kr);
- claim_8 (I, Nisynch);
- claim_9 (I, Niagree);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- fresh kr: Keypart;
- var ki: Keypart;
-
- recv_1 (I,R, I,R,ni );
- send_2 (R,S, I,R, nr, { R,S,R, kr, I,ni }k(R,S));
- recv_5 (S,R, { S,R,I, ki, R, nr }k(R,S) );
-
- claim_10 (R, Secret, ki);
- claim_11 (R, Secret, kr);
- claim_12 (R, Nisynch);
- claim_13 (R, Niagree);
- }
-
- role S
- {
- var ni,nr: Nonce;
- var ki,kr: Keypart;
-
- recv_2 (R,S, I,R, nr, { R,S,R, kr, I,ni }k(R,S));
- send_3 (S,I, { S,I,R, kr, I, ni }k(I,S), nr);
- recv_4 (I,S, { I,S,I, ki, R, nr }k(I,S) );
- send_5 (S,R, { S,R,I, ki, R, nr }k(R,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/isoiec11770-2-13.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/isoiec11770-2-13.spdl
deleted file mode 100644
index 5db1533dbcd541c27156d917511c73d5933eae5d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/isoiec11770-2-13.spdl
+++ /dev/null
@@ -1,42 +0,0 @@
-usertype Sessionkey;
-usertype Ticket;
-
-protocol isoiec11770213(I,R,S)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var kir: Sessionkey;
-
- send_1 (I,R, ni);
- recv_4 (R,I, { ni,kir,R }k(I,S) );
-
- claim_5 (I, Secret, kir);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- fresh kir: Sessionkey;
- var T;
-
- recv_1 (I,R, ni);
- send_2 (R,S, { nr,ni,I,kir }k(R,S) );
- recv_3 (S,R, { nr, I }k(R,S), T );
- send_4 (R,I, T );
-
- claim_6 (R, Secret, kir);
- }
-
- role S
- {
- var ni,nr: Nonce;
- var kir: Sessionkey;
-
- recv_2 (R,S, { nr,ni,I,kir }k(R,S) );
- send_3 (S,R, { nr, I }k(R,S), { ni,kir,R }k(I,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/kaochow-v2.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/kaochow-v2.spdl
deleted file mode 100644
index 638a54b7cdd3722fbac37a1b9241b855246d4ea7..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/kaochow-v2.spdl
+++ /dev/null
@@ -1,55 +0,0 @@
-# Kao Chow Authentication v.2
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/kaoChow2.html
-#
-
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol kaochow-2(I,R,S)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var kir,kt: SessionKey;
-
- send_1 (I,S, I,R,ni);
- recv_3 (R,I, R, {I,R,ni,kir,kt}k(I,S), {ni, kir}kt, nr );
- send_4 (I,R, {nr,kir}kt );
-
- claim_I1 (I, Nisynch);
- claim_I2 (I, Niagree);
- claim_I3 (I, Secret, kir);
- claim_I4 (I, Empty, (Fresh,kir));
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- var kir,kt: SessionKey;
- var T: Ticket;
-
- recv_2 (S,R, T, { I,R,ni,kir,kt }k(R,S) );
- send_3 (R,I, R, T, {ni, kir}kt, nr );
- recv_4 (I,R, {nr,kir}kt );
-
- claim_R1 (R, Nisynch);
- claim_R2 (R, Niagree);
- claim_R3 (R, Secret, kir);
- claim_R4 (R, Empty, (Fresh,kir));
- }
-
- role S
- {
- var ni: Nonce;
- fresh kir, kt: SessionKey;
-
- recv_1 (I,S, I,R,ni);
- send_2 (S,R, {I,R,ni,kir,kt}k(I,S), { I,R,ni,kir,kt }k(R,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/kaochow-v3.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/kaochow-v3.spdl
deleted file mode 100644
index 88cef24fd8e955769d166e75f879caed7f30f7fe..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/kaochow-v3.spdl
+++ /dev/null
@@ -1,59 +0,0 @@
-# Kao Chow Authentication v.3
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/kaoChow3.html
-#
-
-usertype SessionKey;
-usertype ExpiredTimeStamp;
-usertype TimeStamp;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol kaochow-3(I,R,S)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var kir,kt: SessionKey;
- var T2: Ticket;
-
- send_1 (I,S, I,R,ni);
- recv_3 (R,I, {I,R,ni,kir,kt}k(I,S), {ni, kir}kt, nr, T2 );
- send_4 (I,R, {nr,kir}kt, T2 );
-
- claim_I1 (I, Nisynch);
- claim_I2 (I, Niagree);
- claim_I3 (I, Secret, kir);
- claim_I4 (I, Empty, (Fresh,kir));
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- var kir,kt: SessionKey;
- var T: Ticket;
- fresh tr: TimeStamp;
-
- recv_2 (S,R, T, { I,R,ni,kir,kt }k(R,S) );
- send_3 (R,I, T, {ni, kir}kt, nr, {I,R,tr,kir}k(R,S) );
- recv_4 (I,R, {nr,kir}kt, {I,R,tr,kir}k(R,S) );
-
- claim_R1 (R, Nisynch);
- claim_R2 (R, Niagree);
- claim_R3 (R, Secret, kir);
- claim_R4 (R, Empty, (Fresh,kir));
- }
-
- role S
- {
- var ni: Nonce;
- fresh kir, kt: SessionKey;
-
- recv_1 (I,S, I,R,ni);
- send_2 (S,R, {I,R,ni,kir,kt}k(I,S), { I,R,ni,kir,kt }k(R,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/kaochow.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/kaochow.spdl
deleted file mode 100644
index 1c6c827982ce289073ffc12103fe5accd1b95462..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/kaochow.spdl
+++ /dev/null
@@ -1,55 +0,0 @@
-# Kao Chow Authentication v.1
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/kaoChow1.html
-#
-
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol kaochow(I,R,S)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var kir: SessionKey;
-
- send_1 (I,S, I,R,ni);
- recv_3 (R,I, {I,R,ni,kir}k(I,S), {ni}kir, nr );
- send_4 (I,R, {nr}kir );
-
- claim_I1 (I, Nisynch);
- claim_I2 (I, Niagree);
- claim_I3 (I, Secret, kir);
- claim_I4 (I, Empty, (Fresh,kir));
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- var kir: SessionKey;
- var T;
-
- recv_2 (S,R, T, { I,R,ni,kir }k(R,S) );
- send_3 (R,I, T, {ni}kir, nr );
- recv_4 (I,R, {nr}kir );
-
- claim_R1 (R, Nisynch);
- claim_R2 (R, Niagree);
- claim_R3 (R, Secret, kir);
- claim_R4 (R, Empty, (Fresh,kir));
- }
-
- role S
- {
- var ni: Nonce;
- fresh kir: SessionKey;
-
- recv_1 (I,S, I,R,ni);
- send_2 (S,R, {I,R,ni,kir}k(I,S), { I,R,ni,kir }k(R,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/ksl.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/ksl.spdl
deleted file mode 100644
index 3595cf2750bab2ba69cf5cd4c55e3349b2b78ca7..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/ksl.spdl
+++ /dev/null
@@ -1,75 +0,0 @@
-# KSL
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/ksl.html
-#
-#
-
-
-usertype Server, SessionKey, TimeStamp, TicketKey;
-usertype ExpiredTimeStamp;
-
-const Fresh: Function;
-const Compromised: Function;
-
-
-
-protocol ksl(I,R,S)
-{
- role I
- {
- fresh Ni, Mi: Nonce;
- var Nc, Mr: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- send_1(I,R, Ni, I);
- recv_4(R,I, { Ni,R,Kir }k(I,S), T, Nc, {Ni}Kir );
- send_5(I,R, { Nc }Kir );
-
- send_6(I,R, Mi,T );
- recv_7(R,I, Mr,{Mi}Kir );
- send_8(I,R, {Mr}Kir );
-
- claim_I1(I,Secret, Kir);
- claim_I2(I,Niagree);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty, (Fresh, Kir));
- }
-
- role R
- {
- var Ni,Mi: Nonce;
- fresh Nr,Nc,Mr: Nonce;
- var Kir: SessionKey;
- fresh Kbb: TicketKey;
- fresh Tr: TimeStamp;
- var T: Ticket;
-
- recv_1(I,R, Ni, I);
- send_2(R,S, Ni, I, Nr, R );
- recv_3(S,R, { Nr, I, Kir }k(R,S), T );
- send_4(R,I, T, { Tr, I, Kir }Kbb, Nc, {Ni}Kir );
- recv_5(I,R, { Nc }Kir );
-
- recv_6(I,R, Mi,{ Tr, I, Kir }Kbb );
- send_7(R,I, Mr,{Mi}Kir );
- recv_8(I,R, {Mr}Kir );
-
- claim_R1(R,Secret, Kir);
- claim_R2(R,Niagree);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Ni, Nr: Nonce;
- fresh Kir: SessionKey;
-
- recv_2(R,S, Ni, I, Nr, R );
- send_3(S,R, { Nr, I, Kir }k(R,S), { Ni,R,Kir }k(I,S) );
- }
-}
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/needham-schroeder-sk-amend.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/needham-schroeder-sk-amend.spdl
deleted file mode 100644
index 189093d107295d32d8bc177f455d9246d0059bf0..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/needham-schroeder-sk-amend.spdl
+++ /dev/null
@@ -1,66 +0,0 @@
-# Amended Needham Schroeder Symmetric Key
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/nssk_amended.html
-#
-#
-# Note:
-# According to SPORE there are no attacks on this protocol, scyther
-# finds one however. This has to be investigated further.
-
-
-
-# Model dec that is invertible by inc
-const dec,inc: Function;
-inversekeys(dec,inc);
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol needhamschroedersk-amend(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var Kir: SessionKey;
- var T,T2: Ticket;
-
- send_1(I,R,I);
- recv_2(R,I,T);
- send_3(I,S,(I,R,Ni,T));
- recv_4(S,I, {Ni,R,Kir,T2}k(I,S));
- send_5(I,R,T2);
- recv_6(R,I,{Nr}Kir);
- send_7(I,R,{{Nr}dec}Kir);
-
- claim_I2(I,Secret,Kir);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Kir: SessionKey;
-
- recv_1(I,R,I);
- send_2(R,I,{I,Nr}k(R,S));
- recv_5(I,R,{Kir,Nr,I}k(R,S));
- send_6(R,I,{Nr}Kir);
- recv_7(I,R,{{Nr}dec}Kir);
- claim_R1(R,Secret,Nr);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Ni,Nr: Nonce;
- fresh Kir: SessionKey;
- recv_3(I,S,(I,R,Ni,{I,Nr}k(R,S)));
- send_4(S,I,{Ni,R,Kir,{Kir,Nr,I}k(R,S)}k(I,S));
- }
-
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/needham-schroeder-sk.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/needham-schroeder-sk.spdl
deleted file mode 100644
index 71a7e6c3ca031a129edced11e2ed78a1e78ceb37..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/needham-schroeder-sk.spdl
+++ /dev/null
@@ -1,56 +0,0 @@
-# Needham Schroeder Symmetric Key
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/nssk.html
-#
-#
-
-
-# Model dec that is invertible by inc
-const dec,inc: Function;
-inversekeys(dec,inc);
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol needhamschroedersk(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var Kir: SessionKey;
- var T: Ticket;
-
- send_1(I,S,(I,R,Ni));
- recv_2(S,I, {Ni,R,Kir,T}k(I,S));
- send_3(I,R,T);
- recv_4(R,I,{Nr}Kir);
- send_5(I,R,{{Nr}dec}Kir);
- claim_I2(I,Secret,Kir);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Kir: SessionKey;
-
- recv_3(I,R,{Kir,I}k(R,S));
- send_4(R,I,{Nr}Kir);
- recv_5(I,R,{{Nr}dec}Kir);
- claim_R1(R,Secret,Kir);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Ni: Nonce;
- fresh Kir: SessionKey;
- recv_1(I,S,(I,R,Ni));
- send_2(S,I,{Ni,R,Kir,{Kir,I}k(R,S)}k(I,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/new.txt b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/new.txt
deleted file mode 100644
index dbba1982d9d5f1ac0b3570a6e1f32d6c93138f09..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/new.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-denning-sacco-lowe.spdl
-wmf.spdl
-wmf-lowe.spdl
-andrew-ban-concrete.spdl
-yahalom-ban-paulson.spdl
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/ns3.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/ns3.spdl
deleted file mode 100644
index b83afa7f8f1668784cf4d216744a71dcb2a89bfe..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/ns3.spdl
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Needham-Schroeder protocol
- */
-
-// The protocol description
-
-protocol ns3(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
-
- send_1(I,R, {ni,I}pk(R) );
- recv_2(R,I, {ni,nr}pk(I) );
- send_3(I,R, {nr}pk(R) );
-
- claim_i1(I,Secret,ni);
- claim_i2(I,Secret,nr);
- //claim_i3(I,Alive);
- claim_i4(I,Niagree);
- claim_i5(I,Nisynch);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_1(I,R, {ni,I}pk(R) );
- send_2(R,I, {ni,nr}pk(I) );
- recv_3(I,R, {nr}pk(R) );
-
- claim_r1(R,Secret,ni);
- claim_r2(R,Secret,nr);
- //claim_r3(R,Alive);
- claim_r4(R,Niagree);
- claim_r5(R,Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/nsl3.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/nsl3.spdl
deleted file mode 100644
index a4bfef59ba5460e46a4adf941a03c3375291305d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/nsl3.spdl
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Needham-Schroeder-Lowe protocol
- */
-
-// The protocol description
-
-protocol nsl3(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
-
- send_1(I,R, {ni,I}pk(R) );
- recv_2(R,I, {ni,nr,R}pk(I) );
- send_3(I,R, {nr}pk(R) );
-
- claim_i1(I,Secret,ni);
- claim_i2(I,Secret,nr);
- claim_i3(I,Niagree);
- claim_i4(I,Nisynch);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_1(I,R, {ni,I}pk(R) );
- send_2(R,I, {ni,nr,R}pk(I) );
- recv_3(I,R, {nr}pk(R) );
-
- claim_r1(R,Secret,ni);
- claim_r2(R,Secret,nr);
- claim_r3(R,Niagree);
- claim_r4(R,Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/otwayrees.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/otwayrees.spdl
deleted file mode 100644
index bed12addbb962630e674c20705162c706183767c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/otwayrees.spdl
+++ /dev/null
@@ -1,56 +0,0 @@
-# Otway Rees
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/otwayRees.html
-#
-
-
-const Fresh: Function;
-const Compromised: Function;
-
-usertype String,SessionKey;
-
-protocol otwayrees(I,R,S)
-{
- role I
- {
- fresh Ni : Nonce;
- fresh M : String;
- var Kir : SessionKey;
-
- send_1(I,R, M,I,R,{Ni,M,I,R}k(I,S) );
- recv_4(R,I, M,{Ni,Kir}k(I,S) );
-
- claim_I1(I, Secret,Kir);
- claim_I2(I, Nisynch);
- claim_I3(I, Empty, (Fresh,Kir));
- }
-
- role R
- {
- var M : String;
- fresh Nr : Nonce;
- var Kir : SessionKey;
- var T1,T2: Ticket;
-
- recv_1(I,R, M,I,R, T1 );
- send_2(R,S, M,I,R, T1, { Nr,M,I,R }k(R,S) );
- recv_3(S,R, M, T2, { Nr,Kir }k(R,S) );
- send_4(R,I, M, T2 );
-
- claim_R1(R, Secret,Kir);
- claim_R2(R, Nisynch);
- claim_R3(R, Empty, (Fresh,Kir));
- }
-
- role S
- {
- var Ni,Nr : Nonce;
- var M : String;
- fresh Kir : SessionKey;
-
- recv_2(R,S, M,I,R, { Ni,M,I,R}k(I,S), { Nr,M,I,R }k(R,S) );
- send_3(S,R, M, { Ni,Kir }k(I,S) , { Nr,Kir }k(R,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/soph.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/soph.spdl
deleted file mode 100644
index 3b108514f40d9182acbfbe3746f4a5ec76947b16..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/soph.spdl
+++ /dev/null
@@ -1,21 +0,0 @@
-
-protocol soph(I,R)
-{
- role I
- {
- fresh ni: Nonce;
-
- send_1(I,R, {I,ni}pk(R) );
- recv_2(R,I, ni );
- claim_3(I,Niagree);
- }
-
- role R
- {
- var ni: Nonce;
-
- recv_1(I,R, {I,ni}pk(R) );
- send_2(R,I, ni );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/splice-as-cj.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/splice-as-cj.spdl
deleted file mode 100644
index b393294a0e2524970c0bd0be27db7a38404ce592..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/splice-as-cj.spdl
+++ /dev/null
@@ -1,66 +0,0 @@
-# Clark and Jacob modified Hwang and Chen modified SPLICE/AS
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/spliceas3.html
-#
-# Note:
-# The assumptions made here do not comply with those in SPORE
-# SPORE assumes that the agents do not know the pk function, but only
-# their own public key values.
-# This can currently not be modelled.
-
-
-usertype TimeStamp, LifeTime;
-
-const inc,dec: Function;
-inversekeys (inc,dec);
-
-protocol spliceAS-CJ(I,R,S)
-{
- role I
- {
- fresh N1,N2: Nonce;
- fresh T: TimeStamp;
- fresh L: LifeTime;
-
- send_1(I,S, I, R, N1 );
- recv_2(S,I, S, {S, I, N1, R, pk(R)}sk(S) );
- send_3(I,R, I, R, {T, L, {I, N2}pk(R)}sk(I) );
- recv_6(R,I, R, I, {{N2}inc}pk(I) );
-
- claim_7(I, Secret, N2);
- claim_9(I, Niagree);
- claim_10(I, Nisynch);
- }
-
- role S
- {
- var N1,N3: Nonce;
-
- recv_1(I,S, I, R, N1 );
- send_2(S,I, S, {S, I, N1, R, pk(R)}sk(S) );
- recv_4(R,S, R, I, N3 );
- send_5(S,R, S, {S, R, N3, pk(I)}sk(S) );
- }
-
- role R
- {
- fresh N3: Nonce;
- var N2: Nonce;
- var T: TimeStamp;
- var L: LifeTime;
-
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_3(I,R, I, R, {T, L, {I, N2}pk(R)}sk(I) );
- send_4(R,S, R, I, N3 );
- recv_5(S,R, S, {S, R, N3, pk(I)}sk(S) );
- send_6(R,I, R, I, {{N2}inc}pk(I) );
-
- claim_8(R, Secret, N2);
- claim_11(R, Niagree);
- claim_12(R, Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/splice-as-hc.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/splice-as-hc.spdl
deleted file mode 100644
index 2f975ad29dad1faaa6150ad4e56dfc83b9c20fb5..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/splice-as-hc.spdl
+++ /dev/null
@@ -1,61 +0,0 @@
-# Hwang and Chen Modified SPLICE/AS
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/spliceas2.html
-#
-
-
-usertype TimeStamp, LifeTime;
-
-const inc,dec: Function;
-inversekeys (inc,dec);
-
-protocol spliceAS-HC(I,R,S)
-{
- role I
- {
- fresh N1,N2: Nonce;
- fresh T: TimeStamp;
- fresh L: LifeTime;
-
- send_1(I,S, I, R, N1 );
- recv_2(S,I, S, {S, I, N1, R, pk(R)}sk(S) );
- send_3(I,R, I, R, {I, T, L, {N2}pk(R)}sk(I) );
- recv_6(R,I, R, I, {R, {N2}inc}pk(I) );
-
- claim_7(I, Secret, N2);
- claim_9(I, Niagree);
- claim_10(I, Nisynch);
- }
-
- role S
- {
- var N1,N3: Nonce;
-
- recv_1(I,S, I, R, N1 );
- send_2(S,I, S, {S, I, N1, R, pk(R)}sk(S) );
- recv_4(R,S, R, I, N3 );
- send_5(S,R, S, {S, R, N3, I, pk(I)}sk(S) );
- }
-
- role R
- {
- fresh N3: Nonce;
- var N2: Nonce;
- var T: TimeStamp;
- var L: LifeTime;
-
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_3(I,R, I, R, {I, T, L, {N2}pk(R)}sk(I) );
- send_4(R,S, R, I, N3 );
- recv_5(S,R, S, {S, R, N3, I, pk(I)}sk(S) );
- send_6(R,I, R, I, {R, {N2}inc}pk(I) );
-
- claim_8(R, Secret, N2);
- claim_11(R, Niagree);
- claim_12(R, Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/splice-as.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/splice-as.spdl
deleted file mode 100644
index b1d8e181dee03a611e57770eae47e84b0d9238f3..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/splice-as.spdl
+++ /dev/null
@@ -1,66 +0,0 @@
-# SPLICE/AS
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/spliceas.html
-#
-# Note:
-# The assumptions made here do not comply with those in SPORE
-# SPORE assumes that the agents do not know the pk function, but only
-# their own public key values.
-# This can currently not be modelled.
-
-
-usertype TimeStamp, LifeTime;
-
-const inc,dec: Function;
-inversekeys (inc,dec);
-
-protocol spliceAS(I,R,S)
-{
- role I
- {
- fresh N1,N2: Nonce;
- fresh T: TimeStamp;
- fresh L: LifeTime;
-
- send_1(I,S, I, R, N1 );
- recv_2(S,I, S, {S, I, N1, pk(R)}sk(S) );
- send_3(I,R, I, R, {I, T, L, {N2}pk(R)}sk(I) );
- recv_6(R,I, R, I, {R, {N2}inc}pk(I) );
-
- claim_7(I, Secret, N2);
- claim_9(I, Niagree);
- claim_10(I, Nisynch);
- }
-
- role S
- {
- var N1,N3: Nonce;
-
- recv_1(I,S, I, R, N1 );
- send_2(S,I, S, {S, I, N1, pk(R)}sk(S) );
- recv_4(R,S, R, I, N3 );
- send_5(S,R, S, {S, R, N3, pk(I)}sk(S) );
- }
-
- role R
- {
- fresh N3: Nonce;
- var N2: Nonce;
- var T: TimeStamp;
- var L: LifeTime;
-
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_3(I,R, I, R, {I, T, L, {N2}pk(R)}sk(I) );
- send_4(R,S, R, I, N3 );
- recv_5(S,R, S, {S, R, N3, pk(I)}sk(S) );
- send_6(R,I, R, I, {R, {N2}inc}pk(I) );
-
- claim_8(R, Secret, N2);
- claim_11(R, Niagree);
- claim_12(R, Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/tmn.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/tmn.spdl
deleted file mode 100644
index c6fb55fecbe88e8ce642f86260ee5bceca08b443..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/tmn.spdl
+++ /dev/null
@@ -1,51 +0,0 @@
-# TMN
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/tmn.html
-#
-# Note:
-# According to Boyd and Mathuria Kb is the session key this is not clear
-# from the description in SPORE
-usertype SessionKey;
-
-const Fresh: Function;
-const Compromised: Function;
-
-protocol tmn(I,R,S)
-{
- role I
- {
- fresh Ki: SessionKey;
- var Kr: SessionKey;
-
- send_1(I,S, R,{Ki}pk(S) );
- recv_4(S,I, R,{Kr}Ki );
-
- claim_I1(I,Secret,Kr);
- claim_I2(I,Nisynch);
- claim_I3(I,Empty,(Fresh,Kr));
- }
-
- role R
- {
- fresh Kr: SessionKey;
-
- recv_2(S,R, I );
- send_3(R,S, I, { Kr }pk(S) );
-
- claim_R1(R,Secret,Kr);
- claim_R2(R,Nisynch);
- claim_R3(R,Empty,(Fresh,Kr));
- }
-
- role S
- {
- var Ki,Kr: SessionKey;
-
- recv_1(I,S, R,{Ki}pk(S) );
- send_2(S,R, I );
- recv_3(R,S, I, { Kr }pk(S) );
- send_4(S,I, R,{Kr}Ki );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/wmf-brutus.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/wmf-brutus.spdl
deleted file mode 100644
index c22bdcc233cb9ebd3b702a54e42905c1ad862e5e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/wmf-brutus.spdl
+++ /dev/null
@@ -1,32 +0,0 @@
-usertype SesKey, Server;
-
-/* Version from the Brutus reports
-*/
-
-protocol wmfbrutus(A,B,S)
-{
- role A
- {
- fresh kab : SesKey;
-
- send_1(A,S, A, { B,kab }k(A,S) );
- }
-
- role B
- {
- var kab : SesKey;
-
- recv_2(S,B, { A, kab }k(B,S) );
-
- claim_3(B, Secret,kab);
- }
-
- role S
- {
- var kab : SesKey;
-
- recv_1(A,S, A, { B,kab }k(A,S) );
- send_2(S,B, { A, kab }k(B,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/wmf-lowe.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/wmf-lowe.spdl
deleted file mode 100644
index 0e0de87f2d852889cf5eb101c7c9a0074e26c60c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/wmf-lowe.spdl
+++ /dev/null
@@ -1,63 +0,0 @@
-# Lowe modified Wide Mouthed Frog
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wideMouthedFrogLowe.html
-#
-# Note:
-# According to SPORE there are no known attacks on this protocol, scyther
-# finds one however this has to do with the unusual assumption that every
-# agent can recognise and will reject to recv messages that it has created
-# itself.
-
-usertype SessionKey;
-usertype TimeStamp;
-usertype ExpiredTimeStamp;
-const succ,pred: Function;
-inversekeys (succ,pred);
-const Fresh: Function;
-const Compromised: Function;
-
-protocol wmf-Lowe(I,R,S)
-{
- role I
- {
- fresh Kir: SessionKey;
- fresh Ti: TimeStamp;
- var Kr: SessionKey;
- var Nr: Nonce;
-
- send_1(I,S, I, {Ti, R, Kir}k(I,S));
- recv_3(R,I,{Nr}Kir);
- send_4(I,R,{{Nr}succ}Kir);
-
- claim_I1(I,Secret,Kir);
- claim_I2(I,Nisynch);
- claim_I3(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- var Ts: TimeStamp;
- var Kir: SessionKey;
- fresh Nr: Nonce;
-
- recv_2(S,R, {Ts, I, Kir}k(R,S) );
- send_3(R,I, {Nr}Kir);
- recv_4(I,R, {{Nr}succ}Kir);
-
- claim_R1(R,Secret,Kir);
- claim_R2(R,Nisynch);
- claim_R3(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Kir: SessionKey;
- fresh Ts: TimeStamp;
- var Ti: TimeStamp;
-
- recv_1(I,S, I,{Ti, R, Kir}k(I,S) );
- send_2(S,R, {Ts, I, Kir}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/wmf.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/wmf.spdl
deleted file mode 100644
index 758843ad8db42af3b4250060d47b14d88444938f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/wmf.spdl
+++ /dev/null
@@ -1,54 +0,0 @@
-# Wide Mouthed Frog
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wideMouthedFrog.html
-#
-# Note
-# The name of the party that has generated a message was added in order
-# to model the property described in SPORE that an agent can identify
-# its own messages and will reject them.
-
-usertype SessionKey;
-usertype TimeStamp;
-usertype ExpiredTimeStamp;
-
-const Fresh: Function;
-const Compromised: Function;
-
-protocol wmf(I,R,S)
-{
- role I
- {
- fresh Kir: SessionKey;
- fresh Ti: TimeStamp;
- var Kr: SessionKey;
-
- send_1(I,S, I, {I, Ti, R, Kir}k(I,S));
-
- claim_I1(I,Secret,Kir);
- claim_I2(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- var Ts: TimeStamp;
- var Kir: SessionKey;
-
- recv_2(S,R, {S, Ts, I, Kir}k(R,S) );
-
- claim_R1(R,Secret,Kir);
- claim_R2(R,Nisynch);
- claim_R3(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Kir: SessionKey;
- fresh Ts: TimeStamp;
- var Ti: TimeStamp;
-
- recv_1(I,S, I,{I, Ti, R, Kir}k(I,S) );
- send_2(S,R, {S, Ts, I, Kir}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam-pi-1.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam-pi-1.spdl
deleted file mode 100644
index 7e4e09dc56a0317935e27247354bacd062a41d78..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam-pi-1.spdl
+++ /dev/null
@@ -1,41 +0,0 @@
-# Woo and Lam Pi 1
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wooLamPi1.html
-#
-
-protocol woolamPi-1(I,R,S)
-{
- role I
- {
- var Nr: Nonce;
-
- send_1(I,R, I);
- recv_2(R,I, Nr);
- send_3(I,R, {I,R,Nr}k(I,S));
-
- }
-
- role R
- {
- fresh Nr: Nonce;
- var T: Ticket;
-
- recv_1(I,R, I);
- send_2(R,I, Nr);
- recv_3(I,R, T);
- send_4(R,S, {I,R, T}k(R,S));
- recv_5(S,R, {I,R, Nr}k(R,S));
-
- claim_R1(R,Nisynch);
- }
-
- role S
- {
- var Nr: Nonce;
-
- recv_4(R,S, {I,R, {I,R,Nr}k(I,S)}k(R,S));
- send_5(S,R, {I,R,Nr}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam-pi-2.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam-pi-2.spdl
deleted file mode 100644
index 5d767d614d01b5755e0b81f4d2eade5f6cb3e776..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam-pi-2.spdl
+++ /dev/null
@@ -1,41 +0,0 @@
-# Woo and Lam Pi 2
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wooLamPi2.html
-#
-
-protocol woolamPi-2(I,R,S)
-{
- role I
- {
- var Nr: Nonce;
-
- send_1(I,R, I);
- recv_2(R,I, Nr);
- send_3(I,R, {I,Nr}k(I,S));
-
- }
-
- role R
- {
- fresh Nr: Nonce;
- var T: Ticket;
-
- recv_1(I,R, I);
- send_2(R,I, Nr);
- recv_3(I,R, T);
- send_4(R,S, {I, T}k(R,S));
- recv_5(S,R, {I, Nr}k(R,S));
-
- claim_R1(R,Nisynch);
- }
-
- role S
- {
- var Nr: Nonce;
-
- recv_4(R,S, {I, {I,Nr}k(I,S)}k(R,S));
- send_5(S,R, {I,Nr}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam-pi-3.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam-pi-3.spdl
deleted file mode 100644
index 1db544e1b58b303e4c51014525bef6096465416a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam-pi-3.spdl
+++ /dev/null
@@ -1,41 +0,0 @@
-# Woo and Lam Pi 2
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wooLamPi3.html
-#
-
-protocol woolamPi-3(I,R,S)
-{
- role I
- {
- var Nr: Nonce;
-
- send_1(I,R, I);
- recv_2(R,I, Nr);
- send_3(I,R, {Nr}k(I,S));
-
- }
-
- role R
- {
- fresh Nr: Nonce;
- var T: Ticket;
-
- recv_1(I,R, I);
- send_2(R,I, Nr);
- recv_3(I,R, T);
- send_4(R,S, {I, T}k(R,S));
- recv_5(S,R, {I, Nr}k(R,S));
-
- claim_R1(R,Nisynch);
- }
-
- role S
- {
- var Nr: Nonce;
-
- recv_4(R,S, {I, {Nr}k(I,S)}k(R,S));
- send_5(S,R, {I,Nr}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam-pi-f.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam-pi-f.spdl
deleted file mode 100644
index 22f028c0e8edc3654b2f162471de803271f53228..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam-pi-f.spdl
+++ /dev/null
@@ -1,41 +0,0 @@
-# Woo and Lam Pi f
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wooLamPif.html
-#
-
-protocol woolamPi-f(I,R,S)
-{
- role I
- {
- var Nr: Nonce;
-
- send_1(I,R, I);
- recv_2(R,I, Nr);
- send_3(I,R, {I,R,Nr}k(I,S));
-
- }
-
- role R
- {
- fresh Nr: Nonce;
- var T: Ticket;
-
- recv_1(I,R, I);
- send_2(R,I, Nr);
- recv_3(I,R, T);
- send_4(R,S, {I, R, Nr, T}k(R,S));
- recv_5(S,R, {I, R, Nr}k(R,S));
-
- claim_R1(R,Nisynch);
- }
-
- role S
- {
- var Nr: Nonce;
-
- recv_4(R,S, {I, R, Nr,{I,R,Nr}k(I,S)}k(R,S));
- send_5(S,R, {I, R, Nr}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam.spdl
deleted file mode 100644
index 7e28057801d960a6e5dee165249df7a1b2320362..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/woo-lam.spdl
+++ /dev/null
@@ -1,64 +0,0 @@
-# Woo and Lam Mutual Authentication
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wooLamMutual.html
-#
-
-
-usertype SessionKey;
-
-const Fresh: Function;
-const Compromised: Function;
-
-protocol woolam(I,R,S)
-{
- role I
- {
- fresh N1: Nonce;
- var Kir: SessionKey;
- var N2: Nonce;
-
- send_1(I,R, I, N1);
- recv_2(R,I, R, N2);
- send_3(I,R, {I, R, N1, N2}k(I,S));
- recv_6(R,I, {R, N1, N2, Kir}k(I,S), {N1,N2}Kir);
- send_7(I,R, {N2}Kir);
-
-
- claim_I1(I,Secret,Kir);
- claim_I2(I,Nisynch);
- claim_I3(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- fresh N2: Nonce;
- var N1: Nonce;
- var Kir: SessionKey;
- var T1,T2: Ticket;
-
- recv_1(I,R, I, N1);
- send_2(R,I, R, N2);
- recv_3(I,R, T1);
- send_4(R,S, T1, {I, R, N1, N2}k(R,S));
- recv_5(S,R, T2, {I, N1, N2, Kir}k(R,S));
- send_6(R,I, T2, {N1,N2}Kir);
- recv_7(I,R, {N2}Kir);
-
- claim_R1(R,Secret,Kir);
- claim_R2(R,Nisynch);
- claim_R3(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- fresh Kir: SessionKey;
- var N1,N2: Nonce;
-
- recv_4(R,S, {I, R, N1, N2}k(I,S), {I, R, N1, N2}k(R,S));
- send_5(S,R, {R, N1, N2, Kir}k(I,S), {I, N1, N2, Kir}k(R,S));
- }
-}
-
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom-ban-paulson-modified.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom-ban-paulson-modified.spdl
deleted file mode 100644
index 13d62a6240e0c03d85dbda88565864d510f405bd..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom-ban-paulson-modified.spdl
+++ /dev/null
@@ -1,49 +0,0 @@
-// BAN modified version of the yahalom protocol
-//
-// Modeled as version in Paulson's paper:
-// "Relations Between Secrets: Two Formal Analyses of the Yahalom
-// Protocol"
-//
-// Modified (improved) version from page 16.
-
-usertype Server;
-usertype SessionKey;
-
-protocol yahalom-BAN-Paulson-modified(A,B,S)
-{
- role A
- {
- fresh na: Nonce;
- var nb: Nonce;
- var ticket: Ticket;
- var kab: SessionKey;
-
- send_1(A,B, A,na);
- recv_3(S,A, nb, {B,kab,na}k(A,S), ticket );
- send_4(A,B, ticket, {nb}kab );
- claim_5(A, Secret,kab);
- }
-
- role B
- {
- fresh nb: Nonce;
- var na: Nonce;
- var ticket: Ticket;
- var kab: SessionKey;
-
- recv_1(A,B, A,na);
- send_2(B,S, B, nb, {A,na}k(B,S) );
- recv_4(A,B, {A,B,kab,nb}k(B,S) , {nb}kab );
- claim_6(B, Secret,kab);
- }
-
- role S
- {
- fresh kab: SessionKey;
- var na,nb: Nonce;
-
- recv_2(B,S, B, nb, {A,na}k(B,S) );
- send_3(S,A, nb, {B,kab,na}k(A,S), {A,B,kab,nb}k(B,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom-ban-paulson.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom-ban-paulson.spdl
deleted file mode 100644
index 7d312ec5019ab680f1e6e1be5462f6b61ec29186..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom-ban-paulson.spdl
+++ /dev/null
@@ -1,47 +0,0 @@
-// BAN modified version of the yahalom protocol
-//
-// Modeled as version in Paulson's paper:
-// "Relations Between Secrets: Two Formal Analyses of the Yahalom
-// Protocol"
-
-usertype Server;
-usertype SessionKey;
-
-protocol yahalom-BAN-Paulson(A,B,S)
-{
- role A
- {
- fresh na: Nonce;
- var nb: Nonce;
- var ticket: Ticket;
- var kab: SessionKey;
-
- send_1(A,B, A,na);
- recv_3(S,A, {B,kab,na,nb}k(A,S), ticket );
- send_4(A,B, ticket, {nb}kab );
- claim_5(A, Secret,kab);
- }
-
- role B
- {
- fresh nb: Nonce;
- var na: Nonce;
- var ticket: Ticket;
- var kab: SessionKey;
-
- recv_1(A,B, A,na);
- send_2(B,S, B, {A,na,nb}k(B,S) );
- recv_4(A,B, {A,kab}k(B,S) , {nb}kab );
- claim_6(B, Secret,kab);
- }
-
- role S
- {
- fresh kab: SessionKey;
- var na,nb: Nonce;
-
- recv_2(B,S, B, {A,na,nb}k(B,S) );
- send_3(S,A, {B,kab,na,nb}k(A,S), {A,kab}k(B,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom-ban.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom-ban.spdl
deleted file mode 100644
index 3fa5f84aa0e6160fc0ceddaa175d54ab7f77336f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom-ban.spdl
+++ /dev/null
@@ -1,55 +0,0 @@
-# BAN simplified version of Yahalom
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/yahalomBAN.html
-#
-
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol yahalom-BAN(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- send_1(I,R, I,Ni);
- recv_3(S,I, Nr, {R,Kir,Ni}k(I,S), T );
- send_4(I,R, T, {Nr}Kir );
-
- claim_I1(I, Secret,Kir);
- claim_I2(I, Nisynch);
- claim_I3(I, Empty, (Fresh,Kir));
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Ni: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- recv_1(I,R, I,Ni);
- send_2(R,S, R, Nr, {I,Ni}k(R,S) );
- recv_4(I,R, {I,Kir,Nr}k(R,S) , {Nr}Kir );
-
- claim_R1(R, Secret,Kir);
- claim_R2(R, Nisynch);
- claim_R3(R, Empty, (Fresh,Kir));
- }
-
- role S
- {
- fresh Kir: SessionKey;
- var Ni,Nr: Nonce;
-
- recv_2(R,S, R, Nr, {I,Ni}k(R,S) );
- send_3(S,I, Nr, {R,Kir,Ni}k(I,S), {I,Kir,Nr}k(R,S) );
- }
-}
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom-lowe.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom-lowe.spdl
deleted file mode 100644
index 651389d35695a15963733db796cf9ab3445e97ab..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom-lowe.spdl
+++ /dev/null
@@ -1,53 +0,0 @@
-# Lowe's modified version of Yahalom
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/yahalomLowe.html
-#
-#
-
-usertype SessionKey;
-
-
-protocol yahalom-Lowe(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var Kir: SessionKey;
-
- send_1(I,R, I,Ni);
- recv_3(S,I, {R,Kir,Ni,Nr}k(I,S) );
- send_5(I,R, {I, R, S, Nr}Kir );
-
- claim_I1(I, Secret,Kir);
- claim_I2(I, Nisynch);
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Ni: Nonce;
- var Kir: SessionKey;
-
- recv_1(I,R, I,Ni);
- send_2(R,S, {I,Ni,Nr}k(R,S) );
- recv_4(S,R, {I,Kir}k(R,S));
- recv_5(I,R, {I, R, S, Nr}Kir);
-
- claim_R1(R, Secret,Kir);
- claim_R2(R, Nisynch);
- }
-
- role S
- {
- fresh Kir: SessionKey;
- var Ni,Nr: Nonce;
-
- recv_2(R,S, {I,Ni,Nr}k(R,S) );
- send_3(S,I, {R,Kir,Ni,Nr}k(I,S));
- send_4(S,R, {I,Kir}k(R,S));
- }
-}
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom.spdl b/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom.spdl
deleted file mode 100644
index 063817fd13578148dc149004508f58ff1208364d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/MultiProtocolAttacks/yahalom.spdl
+++ /dev/null
@@ -1,52 +0,0 @@
-# Yahalom
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/yahalom.html
-#
-#
-
-usertype SessionKey;
-
-protocol yahalom(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- send_1(I,R, I,Ni);
- recv_3(S,I, {R,Kir,Ni,Nr}k(I,S), T );
- send_4(I,R, T, {Nr}Kir );
-
- claim_I1(I, Secret,Kir);
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Ni: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- recv_1(I,R, I,Ni);
- send_2(R,S, R, {I,Ni,Nr}k(R,S) );
- recv_4(I,R, {I,Kir}k(R,S) , {Nr}Kir );
-
- claim_R1(R, Secret,Kir);
- }
-
- role S
- {
- fresh Kir: SessionKey;
- var Ni,Nr: Nonce;
-
- recv_2(R,S, R, {I,Ni,Nr}k(R,S) );
- send_3(S,I, {R,Kir,Ni,Nr}k(I,S), {I,Kir}k(R,S) );
-
- claim(S, Secret, Ni);
- claim(S, Secret, Nr);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/NotModelled.txt b/Vagrant Files/shared/scyther/Protocols/NotModelled.txt
deleted file mode 100644
index 120e55f9df7edbaa6885fe8a2cc0082a10372df7..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/NotModelled.txt
+++ /dev/null
@@ -1,23 +0,0 @@
-The following protocols have not been modelled for use in Scyther:
-
-- CAM http://www.lsv.ens-cachan.fr/spore/cam.html
-This protocol only consists of one message and corresponding database actions.
-The description given in SPORE is unsuitable for formalisation.
-
-- Diffie Helman http://www.lsv.ens-cachan.fr/spore/diffieHelman.html
-This protocol relies on algebraic properties that can not be modelled in
-scyther.
-
-- GJM http://www.lsv.ens-cachan.fr/spore/gjm.html
-This protocol contains complicated if-then-else constructions that can
-not be modelled in scyther.
-
-- Gong http://www.lsv.ens-cachan.fr/spore/gong.html
-This protocol relies on algebraic properties that can not be modelled in
-scyther.
-
-- SK3
-This protocol relies on algebraic properties that can not be modelled in
-scyther. It also has the notion of channels that can not be attacked,
-which can not be modelled in scyther either.
-
diff --git a/Vagrant Files/shared/scyther/Protocols/andrew-ban-concrete.spdl b/Vagrant Files/shared/scyther/Protocols/andrew-ban-concrete.spdl
deleted file mode 100644
index 48f52d8f450814a116b7291bdfea1475800f311f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/andrew-ban-concrete.spdl
+++ /dev/null
@@ -1,67 +0,0 @@
-# BAN concrete Andrew Secure RPC
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/andrewBAN2.html
-#
-# Note:
-# The shared key between I and R is modelled as k(I,R) currently
-# there is no way to express that this key is equal to k(R,I)
-# In order to overcome this a 'dummy' role X has been hadded that recrypts
-# a given term crypted with k(I,R) with k(R,I)
-#
-# Note:
-# Recv 4 by the Initatior has been placed after the synchronisation claim
-# as it allows trivial synchronisation attacks otherwise (the message is
-# completely fresh and can therefore always be replaced by an arbitrary value
-# created by the intruder) which are not considered in SPORE
-#
-
-usertype SessionKey;
-const Fresh: Function;
-
-protocol @swapkey(X)
-{
- # Protocol added to work around the symmetry problems where k(I,R) != k(R,I)
- role X
- {
- var I,R: Agent;
- var T:Ticket;
- recv_!X1(X,X,I,R,{T}k(I,R));
- send_!X2(X,X,{T}k(R,I));
- }
-}
-
-protocol andrew-Concrete(I,R)
-{
-
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var kir: SessionKey;
-
- send_1(I,R, I,ni );
- recv_2(R,I, {ni,kir}k(I,R) );
- send_3(I,R, {ni}kir);
- claim_I1(I,Secret,kir);
- claim_I2(I,Nisynch);
- claim_I3(I,Empty,(Fresh,kir));
- recv_6(R,I, nr);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- fresh kir: SessionKey;
-
- recv_1(I,R, I,ni );
- send_2(R,I, {ni,kir}k(I,R) );
- recv_3(I,R, {ni}kir);
- send_6(R,I, nr);
- claim_R1(R,Secret,kir);
- claim_R2(R,Nisynch);
- claim_R3(R,Empty,(Fresh,kir));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/andrew-ban.spdl b/Vagrant Files/shared/scyther/Protocols/andrew-ban.spdl
deleted file mode 100644
index 9ebd566ef451da3ab554d9d1369707272197ff14..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/andrew-ban.spdl
+++ /dev/null
@@ -1,54 +0,0 @@
-# BAN modified Andrew Secure RPC
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/andrewBAN.html
-#
-# Note:
-# The shared key between I and R is modelled as k(I,R) currently
-# there is no way to express that this key is equal to k(R,I)
-# So it is possile that certain attacks that use this property are not found
-#
-# Note:
-# According to SPORE there are no known attacks on this protocol
-#
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol andrew-Ban(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr,nr2: Nonce;
- var kir: SessionKey;
-
- send_1(I,R, I,{ni}k(I,R) );
- recv_2(R,I, {ni,nr}k(I,R) );
- send_3(I,R, {nr}k(I,R) );
- recv_4(R,I, {kir,nr2,ni}k(I,R) );
- claim_I1(I,Nisynch);
- claim_I2(I,Niagree);
- claim_I3(I,Secret, kir);
- claim_I4(I,Secret, k(I,R));
- claim_I5(I,Empty, (Fresh,kir));
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr,nr2: Nonce;
- fresh kir: SessionKey;
-
- recv_1(I,R, I,{ni}k(I,R) );
- send_2(R,I, {ni,nr}k(I,R) );
- recv_3(I,R, {nr}k(I,R) );
- send_4(R,I, {kir,nr2,ni}k(I,R) );
- claim_R1(R,Nisynch);
- claim_R2(R,Niagree);
- claim_R3(R,Secret, kir);
- claim_R4(R,Secret, k(I,R));
- claim_R5(R,Empty, (Fresh,kir));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/andrew-lowe-ban.spdl b/Vagrant Files/shared/scyther/Protocols/andrew-lowe-ban.spdl
deleted file mode 100644
index 04e15f27a67bbe57cd026848e0b715e9602e407b..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/andrew-lowe-ban.spdl
+++ /dev/null
@@ -1,57 +0,0 @@
-# Lowe modified BAN concrete Andrew Secure RPC
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/andrewLowe.html
-#
-# Note:
-# The shared key between I and R is modelled as k(I,R) currently
-# there is no way to express that this key is equal to k(R,I)
-# So it is possile that certain attacks that use this property are not found
-#
-# Note:
-# Recv 4 by the Initatior has been placed after the synchronisation claim
-# as it allows trivial synchronisation attacks otherwise (the message is
-# completely fresh and can therefore always be replaced by an arbitrary value
-# created by the intruder) which are not considered in SPORE
-#
-# Note:
-# According to SPORE there are no known attacks on this protocol
-#
-
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol andrew-LoweBan(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var kir: SessionKey;
-
- send_1(I,R, I,ni );
- recv_2(R,I, {ni,kir,R}k(I,R) );
- send_3(I,R, {ni}kir );
- claim_I1(I,Nisynch);
- claim_I2(I,Secret, kir);
- claim_I3(I,Empty, (Fresh,kir));
- recv_4(R,I, nr );
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- fresh kir: SessionKey;
-
- recv_1(I,R, I,ni );
- send_2(R,I, {ni,kir,R}k(I,R) );
- recv_3(I,R, {ni}kir );
- send_4(R,I, nr );
- claim_R1(R,Nisynch);
- claim_R2(R,Secret, kir);
- claim_R3(R,Empty, (Fresh,kir));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/andrew.spdl b/Vagrant Files/shared/scyther/Protocols/andrew.spdl
deleted file mode 100644
index b2e663c9ed696af76879b5b0a7c8d474d35e8e96..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/andrew.spdl
+++ /dev/null
@@ -1,50 +0,0 @@
-# Andrew Secure RPC
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/andrew.html
-#
-# Note:
-# The shared key between I and R is modelled as k(I,R) currently
-# there is no way to express that this key is equal to k(R,I)
-# So it is possile that certain attacks that use this property are not found
-#
-
-usertype SessionKey;
-const succ: Function;
-const Fresh: Function;
-
-protocol andrew(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr,nr2: Nonce;
- var kir: SessionKey;
-
- send_1(I,R, I,{ni}k(I,R) );
- recv_2(R,I, {succ(ni),nr}k(I,R) );
- send_3(I,R, {succ(nr)}k(I,R) );
- recv_4(R,I, {kir,nr2}k(I,R) );
- claim_I1(I,Secret,kir);
- claim_I2(I,Nisynch);
- claim_I3(I,Niagree);
- claim_I4(I,Empty,(Fresh,kir));
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr,nr2: Nonce;
- fresh kir: SessionKey;
-
- recv_1(I,R, I,{ni}k(I,R) );
- send_2(R,I, {succ(ni),nr}k(I,R) );
- recv_3(I,R, {succ(nr)}k(I,R) );
- send_4(R,I, {kir,nr2}k(I,R) );
- claim_R1(R,Secret,kir);
- claim_R2(R,Nisynch);
- claim_R3(R,Niagree);
- claim_R4(R,Empty,(Fresh,kir));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ccitt509-1.spdl b/Vagrant Files/shared/scyther/Protocols/ccitt509-1.spdl
deleted file mode 100644
index 29c665ad94b915cc64744e658de3554e987842b8..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ccitt509-1.spdl
+++ /dev/null
@@ -1,35 +0,0 @@
-# CCITT X.509 (1)
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/ccittx509_1.html
-#
-# Note:
-# The attack in SPORE is not found as this is not an attack against
-# synchronisation, but an attack against the freshness of Xa and Ya
-# which can currently not be modelled in scyther
-#
-
-usertype Timestamp;
-
-protocol ccitt509-1(I,R)
-{
- role I
- {
- fresh Ta: Timestamp;
- fresh Na,Xa,Ya: Nonce;
- send_1(I,R, I,{Ta, Na, R, Xa,{Ya}pk(R)}sk(I));
- # claim_2(I,Nisynch);
- # This claim is useless as there are no preceding recv events
- }
-
- role R
- {
- var Ta: Timestamp;
- var Na,Xa,Ya: Nonce;
-
- recv_1(I,R, I,{Ta, Na, R, Xa,{Ya}pk(R)}sk(I));
- claim_3(R,Nisynch);
- # There should also be Fresh Xa and Fresh Ya claims here
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ccitt509-1c.spdl b/Vagrant Files/shared/scyther/Protocols/ccitt509-1c.spdl
deleted file mode 100644
index b75e069dfdf0989720f0e0cb52139cd0d78a3e71..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ccitt509-1c.spdl
+++ /dev/null
@@ -1,34 +0,0 @@
-# CCITT X.509 (1c)
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/ccittx509_1c.html
-#
-# Note:
-# According to SPORE there are no known attacks on this protocol
-#
-
-hashfunction hash;
-usertype Timestamp;
-
-protocol ccitt509-1c(I,R)
-{
- role I
- {
- fresh Ta: Timestamp;
- fresh Na,Xa,Ya: Nonce;
- send_1(I,R, I,{Ta, Na, R, Xa,{Ya,{hash(Ya)}sk(I)}pk(R)}sk(I));
- # claim_2(I,Nisynch);
- # This claim is useless as there are no preceding receive events
- }
-
- role R
- {
- var Ta: Timestamp;
- var Na,Xa,Ya: Nonce;
-
- recv_1(I,R, I,{Ta, Na, R, Xa,{Ya,{hash(Ya)}sk(I)}pk(R)}sk(I));
- claim_3(R,Nisynch);
- # There should also be Fresh Xa and Fresh Ya claims here
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ccitt509-3.spdl b/Vagrant Files/shared/scyther/Protocols/ccitt509-3.spdl
deleted file mode 100644
index 9ad1d3f4361e9f657b1ed06e2b6a252f569fc78f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ccitt509-3.spdl
+++ /dev/null
@@ -1,45 +0,0 @@
-# CCITT X.509 (3)
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/ccittx509_3.html
-#
-# Note:
-# The protocol description also states that Xa and Ya should be fresh
-# this can not be verified using scyther
-#
-
-usertype Timestamp;
-
-protocol ccitt509-3(I,R)
-{
- role I
- {
- fresh Ta: Timestamp;
- var Tb: Timestamp;
- fresh Na,Xa,Ya: Nonce;
- var Xb,Nb,Yb: Nonce;
- send_1(I,R, I,{Ta, Na, R, Xa,{Ya}pk(R)}sk(I));
- recv_2(R,I, R,{Tb, Nb, I, Na, Xb,{Yb}pk(I)}sk(R));
- send_3(I,R, I, {Nb}sk(I));
- claim_I1(I,Nisynch);
- claim_I2(I,Secret,Ya);
- claim_I3(I,Secret,Yb);
- }
-
- role R
- {
- var Ta: Timestamp;
- fresh Tb: Timestamp;
- var Na,Xa,Ya: Nonce;
- fresh Xb,Yb,Nb: Nonce;
-
- recv_1(I,R, I,{Ta, Na, R, Xa,{Ya}pk(R)}sk(I));
- send_2(R,I, R,{Tb, Nb, I, Na, Xb,{Yb}pk(I)}sk(R));
- recv_3(I,R, I, {Nb}sk(I));
- claim_R1(R,Nisynch);
- claim_R2(R,Secret,Ya);
- claim_R3(R,Secret,Yb);
- # There should also be Fresh Xa and Fresh Ya claims here
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ccitt509-ban3.spdl b/Vagrant Files/shared/scyther/Protocols/ccitt509-ban3.spdl
deleted file mode 100644
index bdf146dd74c09e6b53acff463737d53a19ec83bb..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ccitt509-ban3.spdl
+++ /dev/null
@@ -1,39 +0,0 @@
-# BAN modified version of CCITT X.509 (3)
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/ccittx509_3BAN.html
-#
-# Note:
-# The protocol description also states that Xa and Ya should be fresh
-# this can not be verified using scyther
-#
-# Note:
-# According to SPORE there are no known attacks on this protocol
-#
-
-protocol ccitt509-ban3(I,R)
-{
- role I
- {
- fresh Na,Xa,Ya: Nonce;
- var Xb,Nb,Yb: Nonce;
-
- send_1(I,R, I,{Na, R, Xa,{Ya}pk(R)}sk(I));
- recv_2(R,I, R,{Nb, I, Na, Xb,{Yb}pk(I)}sk(R));
- send_3(I,R, I,{R, Nb}sk(I));
- claim_4(I,Nisynch);
- }
-
- role R
- {
- var Na,Xa,Ya: Nonce;
- fresh Xb,Yb,Nb: Nonce;
-
- recv_1(I,R, I,{Na, R, Xa,{Ya}pk(R)}sk(I));
- send_2(R,I, R,{Nb, I, Na, Xb,{Yb}pk(I)}sk(R));
- recv_3(I,R, I,{R, Nb}sk(I));
- claim_5(R,Nisynch);
- # There should also be Fresh Xa and Fresh Ya claims here
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/denning-sacco-lowe.spdl b/Vagrant Files/shared/scyther/Protocols/denning-sacco-lowe.spdl
deleted file mode 100644
index 761c22be95b6521645e97635df3c95bab5ba150a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/denning-sacco-lowe.spdl
+++ /dev/null
@@ -1,67 +0,0 @@
-# Lowe modified Denning-Sacco shared key
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/denningSaccoLowe.html
-#
-# Note:
-# According to SPORE there are no attacks on this protocol. Scyther
-# finds a straightforward pre-play attack on the first message, which
-# violates synchronisation. However, this does not seem to be a
-# practical attack unless consistency is required, e.g., for logging or
-# auditing.
-
-usertype Key;
-usertype SessionKey;
-usertype TimeStamp;
-usertype ExpiredTimeStamp;
-usertype PseudoFunction;
-const dec: PseudoFunction;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol denningSacco-Lowe(I,R,S)
-{
- role I
- {
- var W: Ticket;
- var Kir: SessionKey;
- var T: TimeStamp;
- var Nr: Nonce;
-
- send_1(I,S, I,R );
- recv_2(S,I, {R, Kir, T, W}k(I,S) );
- send_3(I,R, W);
- recv_4(R,I, {Nr}Kir);
- send_5(I,R, {{Nr}dec}Kir);
- claim_I1(I,Niagree);
- claim_I2(I,Nisynch);
- claim_I3(I,SKR,Kir);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- var Kir: SessionKey;
- var T: TimeStamp;
- fresh Nr: Nonce;
-
- recv_3(I,R, {Kir,I,T}k(R,S));
- send_4(R,I, {Nr}Kir);
- recv_5(I,R, {{Nr}dec}Kir);
- claim_R1(R,Niagree);
- claim_R2(R,Nisynch);
- claim_R3(R,Secret,Kir);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var W: Ticket;
- fresh Kir: SessionKey;
- fresh T: TimeStamp;
-
- recv_1(I,S, I,R );
- send_2(S,I, {R, Kir, T, {Kir, I,T}k(R,S)}k(I,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/denning-sacco.spdl b/Vagrant Files/shared/scyther/Protocols/denning-sacco.spdl
deleted file mode 100644
index d77402f93a5f42e016850cd0d73876effacc7286..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/denning-sacco.spdl
+++ /dev/null
@@ -1,53 +0,0 @@
-# Denning-Sacco shared key
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/denningSacco.html
-#
-
-usertype Key;
-usertype SessionKey;
-usertype TimeStamp;
-usertype ExpiredTimeStamp;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol denningSacco(I,R,S)
-{
- role I
- {
- var W: Ticket;
- var Kir: SessionKey;
- var T: TimeStamp;
-
- send_1(I,S, I,R );
- recv_2(S,I, {R, Kir, T, W}k(I,S) );
- send_3(I,R, W);
- claim_I1(I,Niagree);
- claim_I2(I,Nisynch);
- claim_I3(I,Secret,Kir);
- claim_I4(I,Empty, (Fresh,Kir));
- }
-
- role R
- {
- var Kir: SessionKey;
- var T: TimeStamp;
-
- recv_3(I,R, {Kir,I,T}k(R,S));
- claim_R1(R,Niagree);
- claim_R2(R,Nisynch);
- claim_R3(R,Secret,Kir);
- claim_R4(R,Empty, (Fresh,Kir));
- }
-
- role S
- {
- var W: Ticket;
- fresh Kir: SessionKey;
- fresh T: TimeStamp;
-
- recv_1(I,S, I,R );
- send_2(S,I, {R, Kir, T, {Kir, I,T}k(R,S)}k(I,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/kaochow-v2.spdl b/Vagrant Files/shared/scyther/Protocols/kaochow-v2.spdl
deleted file mode 100644
index 638a54b7cdd3722fbac37a1b9241b855246d4ea7..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/kaochow-v2.spdl
+++ /dev/null
@@ -1,55 +0,0 @@
-# Kao Chow Authentication v.2
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/kaoChow2.html
-#
-
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol kaochow-2(I,R,S)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var kir,kt: SessionKey;
-
- send_1 (I,S, I,R,ni);
- recv_3 (R,I, R, {I,R,ni,kir,kt}k(I,S), {ni, kir}kt, nr );
- send_4 (I,R, {nr,kir}kt );
-
- claim_I1 (I, Nisynch);
- claim_I2 (I, Niagree);
- claim_I3 (I, Secret, kir);
- claim_I4 (I, Empty, (Fresh,kir));
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- var kir,kt: SessionKey;
- var T: Ticket;
-
- recv_2 (S,R, T, { I,R,ni,kir,kt }k(R,S) );
- send_3 (R,I, R, T, {ni, kir}kt, nr );
- recv_4 (I,R, {nr,kir}kt );
-
- claim_R1 (R, Nisynch);
- claim_R2 (R, Niagree);
- claim_R3 (R, Secret, kir);
- claim_R4 (R, Empty, (Fresh,kir));
- }
-
- role S
- {
- var ni: Nonce;
- fresh kir, kt: SessionKey;
-
- recv_1 (I,S, I,R,ni);
- send_2 (S,R, {I,R,ni,kir,kt}k(I,S), { I,R,ni,kir,kt }k(R,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/kaochow-v3.spdl b/Vagrant Files/shared/scyther/Protocols/kaochow-v3.spdl
deleted file mode 100644
index 88cef24fd8e955769d166e75f879caed7f30f7fe..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/kaochow-v3.spdl
+++ /dev/null
@@ -1,59 +0,0 @@
-# Kao Chow Authentication v.3
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/kaoChow3.html
-#
-
-usertype SessionKey;
-usertype ExpiredTimeStamp;
-usertype TimeStamp;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol kaochow-3(I,R,S)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var kir,kt: SessionKey;
- var T2: Ticket;
-
- send_1 (I,S, I,R,ni);
- recv_3 (R,I, {I,R,ni,kir,kt}k(I,S), {ni, kir}kt, nr, T2 );
- send_4 (I,R, {nr,kir}kt, T2 );
-
- claim_I1 (I, Nisynch);
- claim_I2 (I, Niagree);
- claim_I3 (I, Secret, kir);
- claim_I4 (I, Empty, (Fresh,kir));
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- var kir,kt: SessionKey;
- var T: Ticket;
- fresh tr: TimeStamp;
-
- recv_2 (S,R, T, { I,R,ni,kir,kt }k(R,S) );
- send_3 (R,I, T, {ni, kir}kt, nr, {I,R,tr,kir}k(R,S) );
- recv_4 (I,R, {nr,kir}kt, {I,R,tr,kir}k(R,S) );
-
- claim_R1 (R, Nisynch);
- claim_R2 (R, Niagree);
- claim_R3 (R, Secret, kir);
- claim_R4 (R, Empty, (Fresh,kir));
- }
-
- role S
- {
- var ni: Nonce;
- fresh kir, kt: SessionKey;
-
- recv_1 (I,S, I,R,ni);
- send_2 (S,R, {I,R,ni,kir,kt}k(I,S), { I,R,ni,kir,kt }k(R,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/kaochow.spdl b/Vagrant Files/shared/scyther/Protocols/kaochow.spdl
deleted file mode 100644
index 1c6c827982ce289073ffc12103fe5accd1b95462..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/kaochow.spdl
+++ /dev/null
@@ -1,55 +0,0 @@
-# Kao Chow Authentication v.1
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/kaoChow1.html
-#
-
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol kaochow(I,R,S)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
- var kir: SessionKey;
-
- send_1 (I,S, I,R,ni);
- recv_3 (R,I, {I,R,ni,kir}k(I,S), {ni}kir, nr );
- send_4 (I,R, {nr}kir );
-
- claim_I1 (I, Nisynch);
- claim_I2 (I, Niagree);
- claim_I3 (I, Secret, kir);
- claim_I4 (I, Empty, (Fresh,kir));
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
- var kir: SessionKey;
- var T;
-
- recv_2 (S,R, T, { I,R,ni,kir }k(R,S) );
- send_3 (R,I, T, {ni}kir, nr );
- recv_4 (I,R, {nr}kir );
-
- claim_R1 (R, Nisynch);
- claim_R2 (R, Niagree);
- claim_R3 (R, Secret, kir);
- claim_R4 (R, Empty, (Fresh,kir));
- }
-
- role S
- {
- var ni: Nonce;
- fresh kir: SessionKey;
-
- recv_1 (I,S, I,R,ni);
- send_2 (S,R, {I,R,ni,kir}k(I,S), { I,R,ni,kir }k(R,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ksl-lowe.spdl b/Vagrant Files/shared/scyther/Protocols/ksl-lowe.spdl
deleted file mode 100644
index 29996d84cf4ef0760dcd4b3fd43d76ad09014867..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ksl-lowe.spdl
+++ /dev/null
@@ -1,73 +0,0 @@
-# Lowe modified KSL
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/kslLowe.html
-#
-# Note:
-# According to SPORE there are no attacks on this protocol, scyther
-# finds one however. This has to be investigated further.
-
-usertype Server, SessionKey, TimeStamp, TicketKey;
-usertype ExpiredTimeStamp;
-
-const Fresh: Function;
-const Compromised: Function;
-
-protocol ksl-Lowe(I,R,S)
-{
- role I
- {
- fresh Ni, Mi: Nonce;
- var Nc, Mr: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- send_1(I,R, Ni, I);
- recv_4(R,I, { Ni,R,Kir }k(I,S), T, Nc, {R,Ni}Kir );
- send_5(I,R, { Nc }Kir );
-
- send_6(I,R, Mi,T );
- recv_7(R,I, Mr,{Mi, R}Kir );
- send_8(I,R, {I,Mr}Kir );
-
- claim_I1(I,Secret, Kir);
- claim_I2(I,Niagree);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty, (Fresh,Kir));
- }
-
- role R
- {
- var Ni,Mi: Nonce;
- fresh Nr,Nc,Mr: Nonce;
- var Kir: SessionKey;
- fresh Kbb: TicketKey;
- fresh Tr: TimeStamp;
- var T: Ticket;
-
- recv_1(I,R, Ni, I);
- send_2(R,S, Ni, I, Nr, R );
- recv_3(S,R, { I, Nr, Kir }k(R,S), T );
- send_4(R,I, T, { Tr, I, Kir }Kbb, Nc, {R, Ni}Kir );
- recv_5(I,R, { Nc }Kir );
-
- recv_6(I,R, Mi,{ Tr, I, Kir }Kbb );
- send_7(R,I, Mr,{Mi,R}Kir );
- recv_8(I,R, {I,Mr}Kir );
-
- claim_R1(R,Secret, Kir);
- claim_R2(R,Niagree);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty, (Fresh,Kir));
- }
-
- role S
- {
- var Ni, Nr: Nonce;
- fresh Kir: SessionKey;
-
- recv_2(R,S, Ni, I, Nr, R );
- send_3(S,R, { I, Nr, Kir }k(R,S), { Ni,R,Kir }k(I,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/ksl.spdl b/Vagrant Files/shared/scyther/Protocols/ksl.spdl
deleted file mode 100644
index 7cfca44d4280a938a3d1be97003088bfdf924796..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/ksl.spdl
+++ /dev/null
@@ -1,72 +0,0 @@
-# KSL
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/ksl.html
-#
-#
-
-
-usertype Server, SessionKey, TimeStamp, TicketKey;
-usertype ExpiredTimeStamp;
-
-const Fresh: Function;
-const Compromised: Function;
-
-protocol ksl(I,R,S)
-{
- role I
- {
- fresh Ni, Mi: Nonce;
- var Nc, Mr: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- send_1(I,R, Ni, I);
- recv_4(R,I, { Ni,R,Kir }k(I,S), T, Nc, {Ni}Kir );
- send_5(I,R, { Nc }Kir );
-
- send_6(I,R, Mi,T );
- recv_7(R,I, Mr,{Mi}Kir );
- send_8(I,R, {Mr}Kir );
-
- claim_I1(I,Secret, Kir);
- claim_I2(I,Niagree);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty, (Fresh, Kir));
- }
-
- role R
- {
- var Ni,Mi: Nonce;
- fresh Nr,Nc,Mr: Nonce;
- var Kir: SessionKey;
- fresh Kbb: TicketKey;
- fresh Tr: TimeStamp;
- var T: Ticket;
-
- recv_1(I,R, Ni, I);
- send_2(R,S, Ni, I, Nr, R );
- recv_3(S,R, { Nr, I, Kir }k(R,S), T );
- send_4(R,I, T, { Tr, I, Kir }Kbb, Nc, {Ni}Kir );
- recv_5(I,R, { Nc }Kir );
-
- recv_6(I,R, Mi,{ Tr, I, Kir }Kbb );
- send_7(R,I, Mr,{Mi}Kir );
- recv_8(I,R, {Mr}Kir );
-
- claim_R1(R,Secret, Kir);
- claim_R2(R,Niagree);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Ni, Nr: Nonce;
- fresh Kir: SessionKey;
-
- recv_2(R,S, Ni, I, Nr, R );
- send_3(S,R, { Nr, I, Kir }k(R,S), { Ni,R,Kir }k(I,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/multi-NSL/heuristics-results.txt b/Vagrant Files/shared/scyther/Protocols/multi-NSL/heuristics-results.txt
deleted file mode 100644
index cc55c31afa6b5e067be78a61d642e5dd623b1a3a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/multi-NSL/heuristics-results.txt
+++ /dev/null
@@ -1,776 +0,0 @@
-Slave1:multiparty% ./test-heuristics.py
-Starting with [11, 15]
-Testing using P 3 and 5 runs.
-Testing protocol 11.
-Heuristic 0:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=0 --timer=20
-states 7488
-attack NoClaim
-time 2.007e+01
-st/sec 3.731e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 1:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=1 --timer=20
-states 3869
-attack NoClaim
-time 2.004e+01
-st/sec 1.931e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 2:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=2 --timer=20
-states 6543
-attack NoClaim
-time 2.006e+01
-st/sec 3.262e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 3:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=3 --timer=20
-states 9003
-attack NoClaim
-time 2.005e+01
-st/sec 4.490e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 1 correct: bounded_proof
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 4:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=4 --timer=20
-states 6375
-attack NoClaim
-time 2.008e+01
-st/sec 3.175e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 5:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=5 --timer=20
-states 4282
-attack NoClaim
-time 2.007e+01
-st/sec 2.134e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 4 correct: bounded_proof time=20
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 6:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=6 --timer=20
-states 6791
-attack NoClaim
-time 2.002e+01
-st/sec 3.392e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 7:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=7 --timer=20
-states 8115
-attack NoClaim
-time 2.004e+01
-st/sec 4.049e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 14 correct: bounded_proof time=20
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 8:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=8 --timer=20
-states 9649
-attack NoClaim
-time 2.003e+01
-st/sec 4.817e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 9:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=9 --timer=20
-states 3873
-attack NoClaim
-time 2.005e+01
-st/sec 1.932e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 10:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=10 --timer=20
-states 11954
-attack NoClaim
-time 2.007e+01
-st/sec 5.956e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 11:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=11 --timer=20
-states 7367
-attack NoClaim
-time 2.003e+01
-st/sec 3.678e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 12:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=12 --timer=20
-states 6271
-attack NoClaim
-time 2.005e+01
-st/sec 3.128e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 13:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=13 --timer=20
-states 4729
-attack NoClaim
-time 2.006e+01
-st/sec 2.357e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 14:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=14 --timer=20
-states 7566
-attack NoClaim
-time 2.002e+01
-st/sec 3.779e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 15:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=15 --timer=20
-states 8496
-attack NoClaim
-time 2.005e+01
-st/sec 4.237e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 16:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=16 --timer=20
-states 7453
-attack NoClaim
-time 2.003e+01
-st/sec 3.721e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 17:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=17 --timer=20
-states 3888
-attack NoClaim
-time 2.004e+01
-st/sec 1.940e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 18:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=18 --timer=20
-states 6582
-attack NoClaim
-time 2.003e+01
-st/sec 3.286e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 19:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=19 --timer=20
-states 9022
-attack NoClaim
-time 2.001e+01
-st/sec 4.509e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 1 correct: bounded_proof
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 20:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=20 --timer=20
-states 6393
-attack NoClaim
-time 2.003e+01
-st/sec 3.192e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 21:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=21 --timer=20
-states 4284
-attack NoClaim
-time 2.002e+01
-st/sec 2.140e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 4 correct: bounded_proof time=20
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 22:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=22 --timer=20
-states 6769
-attack NoClaim
-time 2.001e+01
-st/sec 3.383e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 23:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=23 --timer=20
-states 8175
-attack NoClaim
-time 2.002e+01
-st/sec 4.083e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 14 correct: bounded_proof time=20
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 24:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=24 --timer=20
-states 9625
-attack NoClaim
-time 2.003e+01
-st/sec 4.805e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 25:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=25 --timer=20
-states 3883
-attack NoClaim
-time 2.002e+01
-st/sec 1.940e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 26:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=26 --timer=20
-states 11992
-attack NoClaim
-time 2.004e+01
-st/sec 5.984e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 27:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=27 --timer=20
-states 7361
-attack NoClaim
-time 2.004e+01
-st/sec 3.673e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 28:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=28 --timer=20
-states 6277
-attack NoClaim
-time 2.004e+01
-st/sec 3.132e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 29:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=29 --timer=20
-states 4728
-attack NoClaim
-time 2.005e+01
-st/sec 2.358e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 30:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=30 --timer=20
-states 7610
-attack NoClaim
-time 2.004e+01
-st/sec 3.797e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 31:
-./multinsl-generator.py 3 11 | scyther -a -r5 -m2 --summary --goal-select=31 --timer=20
-states 8506
-attack NoClaim
-time 2.003e+01
-st/sec 4.247e+02
-claim mnsl3v11 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v11 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v11 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v11 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v11 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Testing protocol 15.
-Heuristic 0:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=0 --timer=20
-states 7499
-attack NoClaim
-time 2.003e+01
-st/sec 3.744e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 1:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=1 --timer=20
-states 3866
-attack NoClaim
-time 2.004e+01
-st/sec 1.929e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 2:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=2 --timer=20
-states 6558
-attack NoClaim
-time 2.003e+01
-st/sec 3.274e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 3:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=3 --timer=20
-states 8933
-attack NoClaim
-time 2.002e+01
-st/sec 4.462e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 1 correct: bounded_proof
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 4:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=4 --timer=20
-states 6354
-attack NoClaim
-time 2.002e+01
-st/sec 3.174e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 5:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=5 --timer=20
-states 4278
-attack NoClaim
-time 2.004e+01
-st/sec 2.135e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 4 correct: bounded_proof time=20
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 6:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=6 --timer=20
-states 6749
-attack NoClaim
-time 2.002e+01
-st/sec 3.371e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 7:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=7 --timer=20
-states 8166
-attack NoClaim
-time 2.003e+01
-st/sec 4.077e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 14 correct: bounded_proof time=20
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 8:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=8 --timer=20
-states 9805
-attack NoClaim
-time 2.006e+01
-st/sec 4.888e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 9:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=9 --timer=20
-states 3873
-attack NoClaim
-time 2.004e+01
-st/sec 1.933e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 10:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=10 --timer=20
-states 10729
-attack NoClaim
-time 2.006e+01
-st/sec 5.348e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 11:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=11 --timer=20
-states 6679
-attack NoClaim
-time 2.005e+01
-st/sec 3.331e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 12:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=12 --timer=20
-states 6119
-attack NoClaim
-time 2.005e+01
-st/sec 3.052e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 13:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=13 --timer=20
-states 3513
-attack NoClaim
-time 2.009e+01
-st/sec 1.749e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 14:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=14 --timer=20
-states 7548
-attack NoClaim
-time 2.004e+01
-st/sec 3.766e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 15:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=15 --timer=20
-states 8461
-attack NoClaim
-time 2.002e+01
-st/sec 4.226e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 16:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=16 --timer=20
-states 7503
-attack NoClaim
-time 2.003e+01
-st/sec 3.746e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 17:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=17 --timer=20
-states 3837
-attack NoClaim
-time 2.003e+01
-st/sec 1.916e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 18:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=18 --timer=20
-states 6537
-attack NoClaim
-time 2.005e+01
-st/sec 3.260e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 19:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=19 --timer=20
-states 8893
-attack NoClaim
-time 2.004e+01
-st/sec 4.438e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 1 correct: bounded_proof
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 20:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=20 --timer=20
-states 6325
-attack NoClaim
-time 2.003e+01
-st/sec 3.158e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 21:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=21 --timer=20
-states 4253
-attack NoClaim
-time 2.005e+01
-st/sec 2.121e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 4 correct: bounded_proof time=20
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 22:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=22 --timer=20
-states 6756
-attack NoClaim
-time 2.004e+01
-st/sec 3.371e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 23:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=23 --timer=20
-states 8149
-attack NoClaim
-time 2.003e+01
-st/sec 4.068e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 14 correct: bounded_proof time=20
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 24:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=24 --timer=20
-states 9785
-attack NoClaim
-time 2.004e+01
-st/sec 4.883e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 25:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=25 --timer=20
-states 3832
-attack NoClaim
-time 2.006e+01
-st/sec 1.910e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 26:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=26 --timer=20
-states 10699
-attack NoClaim
-time 2.009e+01
-st/sec 5.326e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 27:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=27 --timer=20
-states 6672
-attack NoClaim
-time 2.006e+01
-st/sec 3.326e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 28:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=28 --timer=20
-states 6136
-attack NoClaim
-time 2.010e+01
-st/sec 3.053e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 29:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=29 --timer=20
-states 3521
-attack NoClaim
-time 2.009e+01
-st/sec 1.753e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 30:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=30 --timer=20
-states 7584
-attack NoClaim
-time 2.006e+01
-st/sec 3.781e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-Heuristic 31:
-./multinsl-generator.py 3 15 | scyther -a -r5 -m2 --summary --goal-select=31 --timer=20
-states 8369
-attack NoClaim
-time 2.004e+01
-st/sec 4.176e+02
-claim mnsl3v15 R2V Nisynch_R2b found: 0 correct: does_not_occur
-claim mnsl3v15 R2V Secret_R2a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R1V Nisynch_R1b found: 0 correct: does_not_occur
-claim mnsl3v15 R1V Secret_R1a found: 1 correct: bounded_proof time=20
-claim mnsl3v15 R0V Nisynch_R0b found: 0 correct: does_not_occur
-claim mnsl3v15 R0V Secret_R0a found: 1 correct: bounded_proof time=20
-
-
-13,25 work well.
diff --git a/Vagrant Files/shared/scyther/Protocols/multi-NSL/mnsl-results.txt b/Vagrant Files/shared/scyther/Protocols/multi-NSL/mnsl-results.txt
deleted file mode 100644
index a04a56f8cf33f9caafa445e7b4f55613f19ac337..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/multi-NSL/mnsl-results.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-Report:
--------
-
-Using P 3 and 2 runs, we find attacks on [1, 5, 9, 13, 18, 22, 26, 30]
-Using P 3 and 3 runs, we find attacks on [0, 3, 4, 7, 16, 19, 20, 23]
-Using P 3 and 4 runs, we find attacks on [2, 6, 10, 14, 17, 21, 27, 31]
-Using P 3 and 5 runs, we find attacks on [25, 29]
-Using P 4 and 3 runs, we find attacks on [8, 24]
-Using P 4 and 5 runs, we find attacks on [12, 28]
-
-Log:
-----
-Slave1:multiparty% ./test-variants.py
-Testing using P 3 and 2 runs.
-Using P 3 and 2 runs, we find attacks on [1, 5, 9, 13, 18, 22, 26, 30]
-Therefore, we are left with 24 candidates: [0, 2, 3, 4, 6, 7, 8, 10, 11, 12, 14, 15, 16, 17, 19, 20, 21, 23, 24, 25, 27, 28, 29, 31]
-Testing using P 3 and 3 runs.
-Using P 3 and 3 runs, we find attacks on [0, 3, 4, 7, 16, 19, 20, 23]
-Therefore, we are left with 16 candidates: [2, 6, 8, 10, 11, 12, 14, 15, 17, 21, 24, 25, 27, 28, 29, 31]
-Testing using P 3 and 4 runs.
-Using P 3 and 4 runs, we find attacks on [2, 6, 10, 14, 17, 21, 27, 31]
-Therefore, we are left with 8 candidates: [8, 11, 12, 15, 24, 25, 28, 29]
-Testing using P 3 and 5 runs.
-Using P 3 and 5 runs, we find attacks on [25, 29]
-Therefore, we are left with 6 candidates: [8, 11, 12, 15, 24, 28]
-Testing using P 4 and 3 runs.
-Using P 4 and 3 runs, we find attacks on [8, 24]
-Therefore, we are left with 4 candidates: [11, 12, 15, 28]
-Testing using P 4 and 4 runs.
-Testing using P 4 and 5 runs.
-Using P 4 and 5 runs, we find attacks on [12, 28]
-Therefore, we are left with 2 candidates: [11, 15]
-Testing using P 4 and 6 runs.
diff --git a/Vagrant Files/shared/scyther/Protocols/multi-NSL/multinsl-generator.py b/Vagrant Files/shared/scyther/Protocols/multi-NSL/multinsl-generator.py
deleted file mode 100644
index ad44870559288c663b6e450cd3beeba9dc2b401d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/multi-NSL/multinsl-generator.py
+++ /dev/null
@@ -1,345 +0,0 @@
-#!/usr/bin/python
-#
-# Generate Multi-party NSL protocol description for n parties
-#
-# Input: P variant
-#
-# variant uses some bits:
-# bit mask meaning if set to '1'
-# (message type 1)
-# 0 1 nonces in reverse
-# 1 2 nonces after agents
-# 2 4 agents in reverse
-# 3 8 interleaved variant
-# (message type 2)
-# 4 16 nonces in reverse in message 2
-#
-# Convention similar to e.g. Prolog: capitals indicate open variables;
-# in particular, they can be bound by _any_ value during the run,
-# assuming full type flaws.
-#
-import sys
-from optparse import OptionParser
-
-def parseArgs():
- usage = "usage: %s [opts] Parties Variant" % sys.argv[0]
- parser = OptionParser(usage=usage)
- parser.add_option('-p','--protocol', dest='protocol',
- help='Generate another protocol [nsl,bke]', default="nsl",
- action='store')
- (opts, args) = parser.parse_args()
- if len(args) != 2:
- parser.print_help()
- sys.exit(0)
- if opts.protocol not in ["nsl","bke","nsl-priv-noprop","nsl-pub-nap","bke-nap"]:
- print "I don't know the %s protocol." % (opts.protocol)
- sys.exit(0)
- return (opts,args)
-
-
-def variablerole (r, inrole):
- if r == inrole or inrole == 0:
- return False
- else:
- return True
-
-def role (r,inrole):
- global P
-
- return "r%i" % (r % P)
-
-def zeroconst ():
-
- """ This is 0 or some other stupid constant """
-
- return "zeroconst"
-
-def nonce (r,inrole):
- global P
-
- if r == inrole:
- # nonce of our own
- return "n%i" % (r % P)
- else:
- # a variable: we want to see this in the notation
- return "N%i" % (r % P)
-
-def extend (s1, s2):
- if s1 == "":
- return s2
- else:
- return s1 + "," + s2
-
-def weavel (l1,l2,reverse1,swap,reverse2,interleave):
- """ l1 is typically a list of nonces, l2 might be empty (names) """
- global variant
-
- if reverse1:
- l1.reverse()
- if l2 == []:
- return l1
- else:
- if reverse2:
- l2.reverse()
- if swap:
- # swap
- l3 = l1
- l1 = l2
- l2 = l3
- if interleave:
- rl = []
- largest = max(len(l1),len(l2))
- for i in range (0,largest):
- if i < len(l1):
- rl.append(l1[i])
- if i < len(l2):
- rl.append(l2[i])
- return rl
- else:
- return l1 + l2
-
-def message1 (label,inrole):
- global P,variant,opts
-
- if opts.protocol in ['bke','nsl']:
- noncelist = []
- for i in range(0,label+1):
- noncelist.append(nonce(i,inrole))
- rolelist = []
- for i in range(0,P):
- if i != (label+1) % P:
- rolelist.append(role(i,inrole))
-
- return ",".join(weavel(noncelist,rolelist,
- (variant & 1 != 0),
- (variant & 2 != 0),
- (variant & 4 != 0),
- (variant & 8 != 0)
- ))
- elif opts.protocol == 'nsl-priv-noprop':
-
- list = []
- for i in range(0,P):
- list.append(role(i,inrole))
- list.append(nonce(0,inrole))
- msg = ",".join(list)
-
- for i in range(1,label+1):
- msg = "{ %s,%s }sk(%s)" % (msg,nonce(i,inrole),role(i,inrole))
-
- return msg
-
- elif opts.protocol == 'nsl-pub-nap':
-
- list = []
- for i in range(0,P):
- list.append(role(i,inrole))
- list.append(nonce(0,inrole))
- msg = ",".join(list)
-
- for i in range(1,label+1):
- msg = "{ %s }sk(%s), %s" % (msg,role(i,inrole),nonce(i,inrole))
-
- msg = "{ %s }pk(%s)" % (msg,role(label+1,inrole))
-
- return msg
- elif opts.protocol == 'bke-nap':
-
- list = []
- for i in range(0,P):
- list.append(role(i,inrole))
- list.append(nonce(0,inrole))
- msg = ",".join(list)
-
- for i in range(1,label+1):
- msg = "{ %s }sk(%s), %s" % (msg,role(i,inrole),nonce(i,inrole))
-
- msg = "{ %s }pk(%s)" % (msg,role(label+1,inrole))
-
- return msg
- else:
- print "Hmm, I don't know how to create the first message for protocol %s" % (opts.protocol)
-
-def message2 (label,inrole):
- global P,variant,opts
-
- if opts.protocol == "nsl":
- noncelist = []
- for i in range (((label + 1) % P),P):
- noncelist.append(nonce(i,inrole))
-
- return ",".join(weavel(noncelist,[],
- (variant & 16 != 0),
- False,
- False,
- False
- ))
- elif opts.protocol == "bke":
- noncelist = []
- for i in range (((label + 1) % P) + 1,P):
- noncelist.append(nonce(i,inrole))
- if len(noncelist) == 0:
- noncelist.append(zeroconst())
-
- return ",".join(weavel(noncelist,[],
- (variant & 16 != 0),
- False,
- False,
- False
- ))
- elif opts.protocol in ['nsl-priv-noprop','nsl-pub-nap']:
- msg = message1(P-1,inrole)
- for i in range(0,label-P+1):
- msg = "{ %s }sk(%s)" % (msg,role(i,inrole))
-
- if opts.protocol == 'nsl-pub-nap':
- msg = "{ %s }pk(%s)" % (msg,role(label+1,inrole))
-
- return msg
- elif opts.protocol == 'bke-nap':
- msg = message1(P-1,inrole)
- for i in range(0,label-P+1):
- msg = "{ %s }sk(%s)" % (msg,role(i,inrole))
-
- msg = "{ %s }%s" % (msg,nonce((label+1) % P,inrole))
-
- return msg
- else:
- print "Hmm, I don't know how to create the final message for protocol %s" % (opts.protocol)
-
-def message (label,inrole):
- global P,opts
-
- if opts.protocol in ['bke','nsl']:
- s = "{ "
- if label < P:
- s = s + message1 (label,inrole)
- else:
- s = s + message2 (label,inrole)
-
- if opts.protocol == "bke" and not (label < P):
- s = s + " }" + nonce((label+1) % P, inrole)
- else:
- s = s + " }pk(%s)" % role(label+1,inrole)
- return s
- else:
- if label < P:
- return message1 (label,inrole)
- else:
- return message2 (label,inrole)
-
-
-def action (event,label,inrole):
- s = "\t\t%s_%i(%s,%s, " % (event,label, role(label,inrole),
- role(label+1,inrole))
- s += message (label,inrole)
- s += " );\n"
- return s
-
-def recv (label,inrole):
- return action ("recv", label,inrole)
-
-
-def send (label,inrole):
- return action ("send", label,inrole)
-
-def roledef (r):
- global P,opts
-
- s = ""
- s += "\trole " + role(r,r) + "\n\t{\n"
-
- # constants for this role
-
- s += "\t\tconst " + nonce (r,r) + ": Nonce;\n"
-
- # variables
-
- s += "\t\tvar "
- nr = 0
- for i in range (0,P):
- if r != i:
- if nr > 0:
- s += ","
- s += nonce(i,r)
- nr += 1
-
- s += ": Nonce;\n"
-
- # implicit role variables
-
- rolevars = []
- for i in range (0,P):
- if variablerole(i,r):
- rolevars.append(role(i,r))
-
- if rolevars != []:
- s += "\t\t// Implicit role variables: "
- s += ",".join(rolevars)
- s += ": Role;\n"
-
- # actions
-
- s += "\n"
- if r > 0:
- # Initial recv
- s += recv(r-1,r)
- s += send(r,r)
- s += recv(P+r-1,r)
- if r < (P-1):
- # Final send
- s += send(P+r,r)
-
- # claims
-
- if opts.protocol in ['bke','nsl','nsl-pub-nap','bke-nap']:
- s += "\t\tclaim_%sa( %s, Secret, %s );\n" % (role(r,r), role(r,r),
- nonce(r,r))
- s += "\t\tclaim_%sb( %s, Nisynch );\n" % (role(r,r), role(r,r))
-
- # close
- s += "\t}\n\n"
- return s
-
-
-def protocol (args):
- global P,variant,opts
-
- P = int(args[0])
- variant = int(args[1])
-
- s = ""
- s += "// Generalized %s protocol for %i parties\n\n" % (opts.protocol,P)
- s += "// " + str(opts) + "\n\n"
- s += "// Variant %i\n" % variant
-
- if opts.protocol == "bke":
- s += "usertype Globalconstant;\n"
- s += "const %s: Globalconstant;\n" % (zeroconst())
-
- s += "\n"
-
- s += "protocol mnsl%iv%i(" % (P,variant)
- for i in range (0,P):
- if i > 0:
- s += ","
- s += role(i,i)
- s += ")\n{\n"
-
- for i in range (0,P):
- s += roledef(i)
-
- s += "}\n\n"
-
- s += "\n"
- return s
-
-def main():
- global opts
-
- (opts,args) = parseArgs()
- print protocol(args)
-
-# Only if main stuff
-if __name__ == '__main__':
- main()
diff --git a/Vagrant Files/shared/scyther/Protocols/multi-NSL/test-heuristics.py b/Vagrant Files/shared/scyther/Protocols/multi-NSL/test-heuristics.py
deleted file mode 100644
index 34c03fc5abe89998e790981f56c3fc78ba7233bf..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/multi-NSL/test-heuristics.py
+++ /dev/null
@@ -1,69 +0,0 @@
-#!/usr/bin/python
-#
-#
-# Idea:
-#
-# We test all options for the heuristics [0..31] to compare,
-# and sincerely hope on gives a complete proof.
-# we slowly refine the tests.
-#
-import commands
-
-def startset():
- mainlist = [11, 15]
- print "Starting with", mainlist
- return mainlist
-
-def tuplingchoice(heur,variant,P,runs,latupling):
- # variant is in range [0..64>,
- # where we use the highest bid to signify the
- # associativity of the tupling.
-
- extraflags = ""
- if latupling:
- extraflags += " --la-tupling"
-
- # Choose heuristics
- extraflags += " --goal-select=%i" % (heur)
-
- # Time limit
- extraflags += " --timer=20"
-
- s = "./multinsl-generator.py"
- s += " %i %i" % (P,variant)
- s += " | scyther -a -r%i -m2 --summary %s" % (runs, extraflags)
-
- ## Old stuff
- #s += " | scyther -a -r%i --summary" % runs
-
- # Show what we're doing
- print s
-
- #s += " | grep \"complete\""
- out = commands.getoutput(s)
- if out == "":
- #print "Okay"
- return False
- else:
- print out
- return True
-
-def testvariant(h,v,p,r):
- if tuplingchoice (h,v,p,r, False):
- return True
- else:
- return tuplingchoice (h,v,p,r, True)
-
-def scan(testlist, P, runs):
- print "Testing using P %i and %i runs." % (P,runs)
- for i in testlist:
- print "Testing protocol %i." % (i)
- for h in range (0,32):
- print "Heuristic %i:" % (h)
- testvariant (h,i,P,runs)
-
-def main():
- candidates = startset()
- scan(candidates,3,5)
-
-main()
diff --git a/Vagrant Files/shared/scyther/Protocols/multi-NSL/test-variants.py b/Vagrant Files/shared/scyther/Protocols/multi-NSL/test-variants.py
deleted file mode 100644
index ae00ce71877c9fc71c11fc4fa5ed89756082e99f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/multi-NSL/test-variants.py
+++ /dev/null
@@ -1,79 +0,0 @@
-#!/usr/bin/python
-#
-#
-# Idea:
-#
-# We test all variants [0..31] until we are sure they work. Thus,
-# we slowly refine the tests.
-#
-import commands
-
-def startset():
- return range(0,32)
-
- mainlist = [11, 15]
- print "Starting with", mainlist
- return mainlist
-
-def tuplingchoice(variant,P,runs,latupling):
- # variant is in range [0..64>,
- # where we use the highest bid to signify the
- # associativity of the tupling.
-
- extraflags = ""
- if latupling:
- extraflags += " --la-tupling"
-
- s = "./multinsl-generator.py"
- s += " %i %s" % (P,variant)
- s += " | scyther -r%i --untyped %s" % (runs, extraflags)
- #s += " | scyther -a -r%i --summary" % runs
- #print s
- s += " | grep \"Fail\""
- out = commands.getoutput(s)
- if out == "":
- #print "Okay"
- return True
- else:
- #print out
- # Thus, MultiNSL P variant has the first attack for n runs
- return False
-
-def testvariant(v,p,r):
- if not tuplingchoice (v,p,r, False):
- return False
- else:
- return tuplingchoice (v,p,r, True)
-
-def removeattacks (testlist, P, runs):
- okaylist = []
- for v in testlist:
- if testvariant (v, P, runs):
- okaylist.append(v)
- return okaylist
-
-def scan(testlist, P, runs):
- print "Testing using P %i and %i runs." % (P,runs)
- results = removeattacks (testlist, P, runs)
- if len(results) < len(testlist):
- attacked = []
- for i in range(0,len(testlist)):
- if testlist[i] not in results:
- attacked.append(testlist[i])
- print "Using P %i and %i runs, we find attacks on %s" % (P,runs, str(attacked))
- print "Therefore, we are left with %i candidates: " % (len(results)), results
-
- return results
-
-def main():
- candidates = startset()
- for P in range(3,7):
- for rundiff in range(0,5):
- candidates = scan(candidates,P,P+rundiff)
-
- print
- print "Good variants:"
- print candidates
-
-
-main()
diff --git a/Vagrant Files/shared/scyther/Protocols/needham-schroeder-lowe.spdl b/Vagrant Files/shared/scyther/Protocols/needham-schroeder-lowe.spdl
deleted file mode 100644
index fabb522b2a82b61d38acbaba18caef4df68494b2..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/needham-schroeder-lowe.spdl
+++ /dev/null
@@ -1,53 +0,0 @@
-# Lowe's fixed version of Needham Schroeder Public Key
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/nspkLowe.html
-#
-#
-# Note:
-# The modelling in SPORE includes a server to distribute the public keys
-# of the agents, this is not necessary and it allows for attacks against
-# synchronisation and agreement, because the keys that the server sends
-# out can be replayed.
-
-protocol needhamschroederpk-Lowe(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
-
- send_1(I,S, (I,R));
- recv_2(S,I, {pk(R), R}sk(S));
- send_3(I,R,{Ni,I}pk(R));
- recv_6(R,I, {Ni,Nr,R}pk(I));
- send_7(I,R, {Nr}pk(R));
- claim_I1(I,Secret,Ni);
- claim_I2(I,Secret,Nr);
- claim_I3(I,Nisynch);
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Ni: Nonce;
-
- recv_3(I,R,{Ni,I}pk(R));
- send_4(R,S,(R,I));
- recv_5(S,R,{pk(I),I}sk(S));
- send_6(R,I,{Ni,Nr,R}pk(I));
- recv_7(I,R,{Nr}pk(R));
- claim_R1(R,Secret,Nr);
- claim_R2(R,Secret,Ni);
- claim_R3(R,Nisynch);
- }
-
- role S
- {
- recv_1(I,S,(I,R));
- send_2(S,I,{pk(R),R}sk(S));
- recv_4(R,S,(R,I));
- send_5(S,R,{pk(I),I}sk(S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/needham-schroeder-sk-amend.spdl b/Vagrant Files/shared/scyther/Protocols/needham-schroeder-sk-amend.spdl
deleted file mode 100644
index 189093d107295d32d8bc177f455d9246d0059bf0..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/needham-schroeder-sk-amend.spdl
+++ /dev/null
@@ -1,66 +0,0 @@
-# Amended Needham Schroeder Symmetric Key
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/nssk_amended.html
-#
-#
-# Note:
-# According to SPORE there are no attacks on this protocol, scyther
-# finds one however. This has to be investigated further.
-
-
-
-# Model dec that is invertible by inc
-const dec,inc: Function;
-inversekeys(dec,inc);
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol needhamschroedersk-amend(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var Kir: SessionKey;
- var T,T2: Ticket;
-
- send_1(I,R,I);
- recv_2(R,I,T);
- send_3(I,S,(I,R,Ni,T));
- recv_4(S,I, {Ni,R,Kir,T2}k(I,S));
- send_5(I,R,T2);
- recv_6(R,I,{Nr}Kir);
- send_7(I,R,{{Nr}dec}Kir);
-
- claim_I2(I,Secret,Kir);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Kir: SessionKey;
-
- recv_1(I,R,I);
- send_2(R,I,{I,Nr}k(R,S));
- recv_5(I,R,{Kir,Nr,I}k(R,S));
- send_6(R,I,{Nr}Kir);
- recv_7(I,R,{{Nr}dec}Kir);
- claim_R1(R,Secret,Nr);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Ni,Nr: Nonce;
- fresh Kir: SessionKey;
- recv_3(I,S,(I,R,Ni,{I,Nr}k(R,S)));
- send_4(S,I,{Ni,R,Kir,{Kir,Nr,I}k(R,S)}k(I,S));
- }
-
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/needham-schroeder-sk.spdl b/Vagrant Files/shared/scyther/Protocols/needham-schroeder-sk.spdl
deleted file mode 100644
index 71a7e6c3ca031a129edced11e2ed78a1e78ceb37..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/needham-schroeder-sk.spdl
+++ /dev/null
@@ -1,56 +0,0 @@
-# Needham Schroeder Symmetric Key
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/nssk.html
-#
-#
-
-
-# Model dec that is invertible by inc
-const dec,inc: Function;
-inversekeys(dec,inc);
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol needhamschroedersk(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var Kir: SessionKey;
- var T: Ticket;
-
- send_1(I,S,(I,R,Ni));
- recv_2(S,I, {Ni,R,Kir,T}k(I,S));
- send_3(I,R,T);
- recv_4(R,I,{Nr}Kir);
- send_5(I,R,{{Nr}dec}Kir);
- claim_I2(I,Secret,Kir);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Kir: SessionKey;
-
- recv_3(I,R,{Kir,I}k(R,S));
- send_4(R,I,{Nr}Kir);
- recv_5(I,R,{{Nr}dec}Kir);
- claim_R1(R,Secret,Kir);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Ni: Nonce;
- fresh Kir: SessionKey;
- recv_1(I,S,(I,R,Ni));
- send_2(S,I,{Ni,R,Kir,{Kir,I}k(R,S)}k(I,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/needham-schroeder.spdl b/Vagrant Files/shared/scyther/Protocols/needham-schroeder.spdl
deleted file mode 100644
index ea148542a688157e282405a8266e42226da8bf95..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/needham-schroeder.spdl
+++ /dev/null
@@ -1,53 +0,0 @@
-# Needham Schroeder Public Key
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/nspk.html
-#
-#
-# Note:
-# The modelling in SPORE includes a server to distribute the public keys
-# of the agents, this is not necessary and it allows for attacks against
-# synchronisation and agreement, because the keys that the server sends
-# out can be replayed.
-
-protocol needhamschroederpk(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
-
- send_1(I,S,(I,R));
- recv_2(S,I, {pk(R), R}sk(S));
- send_3(I,R,{Ni,I}pk(R));
- recv_6(R,I, {Ni, Nr}pk(I));
- send_7(I,R, {Nr}pk(R));
- claim_I1(I,Secret,Ni);
- claim_I2(I,Secret,Nr);
- claim_I3(I,Nisynch);
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Ni: Nonce;
-
- recv_3(I,R,{Ni,I}pk(R));
- send_4(R,S,(R,I));
- recv_5(S,R,{pk(I),I}sk(S));
- send_6(R,I,{Ni,Nr}pk(I));
- recv_7(I,R,{Nr}pk(R));
- claim_R1(R,Secret,Nr);
- claim_R2(R,Secret,Ni);
- claim_R3(R,Nisynch);
- }
-
- role S
- {
- recv_1(I,S,(I,R));
- send_2(S,I,{pk(R),R}sk(S));
- recv_4(R,S,(R,I));
- send_5(S,R,{pk(I),I}sk(S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/neumannstub-guttman-hwang.spdl b/Vagrant Files/shared/scyther/Protocols/neumannstub-guttman-hwang.spdl
deleted file mode 100644
index bcb48d286b9dd3b8b78a05fb886ab55fdb58e822..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/neumannstub-guttman-hwang.spdl
+++ /dev/null
@@ -1,105 +0,0 @@
-# Neumann Stubblebine
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/neumannStubblebine.html
-#
-# Note:
-# In SPORE this protocol is not described correctly, there are in fact 2
-# different protocols (the key establishment protocol and the repeated
-# authentication protocol)
-
-usertype Server, SessionKey, TimeStamp, TicketKey;
-usertype ExpiredTimeStamp;
-
-const Fresh: Function;
-const Compromised: Function;
-
-protocol neustub-GuttmanHwang^Repeat(I,R,S)
-{
- fresh Kir: SessionKey;
-
- role I
- {
- fresh Mi: Nonce;
- var Mr: Nonce;
- fresh Kir: SessionKey;
- fresh Tr: TimeStamp;
-
- send_5(I,R,Mi,{I,Kir,Tr}k(R,S));
- recv_6(R,I,{Mi,Mr}Kir);
- send_7(I,R,{I,Mr}Kir);
- claim_I1(I,Secret, Kir);
- claim_I2(I,Niagree);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- fresh Mr: Nonce;
- var Tr: TimeStamp;
- var Kir: SessionKey;
- var Mi: Nonce;
-
- recv_5(I,R,Mi,{I,Kir,Tr}k(R,S));
- send_6(R,I,{Mi,Mr}Kir);
- recv_7(I,R,{I,Mr}Kir);
- claim_R1(R,Secret, Kir);
- claim_R2(R,Niagree);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- }
-}
-protocol neustub-GuttmanHwang(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var T: Ticket;
- var Tb: TimeStamp;
- var Kir: SessionKey;
-
- send_1(I,R, I, Ni);
- recv_!3(S,I, { R,Ni,Kir,Tb}k(I,S), T, Nr);
- send_!4(I,R,T,{Nr}Kir);
-
- claim_I1(I,Secret, Kir);
- claim_I2(I,Niagree);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- var Ni,Mi: Nonce;
- fresh Nr,Mr: Nonce;
- var Kir: SessionKey;
- fresh Tb: TimeStamp;
- var T: Ticket;
-
- recv_1(I,R, I, Ni);
- send_!2(R,S, R, {I, Ni, Tb ,Nr}k(R,S));
- recv_!4(I,R,{I,Kir,Tb}k(R,S),{Nr}Kir);
-
- claim_R1(R,Secret, Kir);
- claim_R2(R,Niagree);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Ni, Nr: Nonce;
- fresh Kir: SessionKey;
- var Tb: TimeStamp;
-
- recv_!2(R,S, R, {I,Ni,Tb,Nr}k(R,S));
- send_!3(S,I, { R, Ni, Kir, Tb}k(I,S), { I,Kir,Tb}k(R,S),Nr );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/neumannstub-guttman.spdl b/Vagrant Files/shared/scyther/Protocols/neumannstub-guttman.spdl
deleted file mode 100644
index 09e7f6ee57f096735383dfb9247b210d68cb444c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/neumannstub-guttman.spdl
+++ /dev/null
@@ -1,105 +0,0 @@
-# Neumann Stubblebine
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/neumannStubblebine.html
-#
-# Note:
-# In SPORE this protocol is not described correctly, there are in fact 2
-# different protocols (the key establishment protocol and the repeated
-# authentication protocol)
-
-usertype Server, SessionKey, TimeStamp, TicketKey;
-usertype ExpiredTimeStamp;
-
-const Fresh: Function;
-const Compromised: Function;
-
-protocol neustub^Repeat(I,R,S)
-{
- fresh Kir: SessionKey;
-
- role I
- {
- fresh Mi: Nonce;
- var Mr: Nonce;
- fresh Kir: SessionKey;
- fresh Tr: TimeStamp;
-
- send_5(I,R,Mi,{I,Kir,Tr}k(R,S));
- recv_6(R,I,{Mi,Mr}Kir);
- send_7(I,R,{I,Mr}Kir);
- claim_I1(I,Secret, Kir);
- claim_I2(I,Niagree);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- fresh Mr: Nonce;
- var Tr: TimeStamp;
- var Kir: SessionKey;
- var Mi: Nonce;
-
- recv_5(I,R,Mi,{I,Kir,Tr}k(R,S));
- send_6(R,I,{Mi,Mr}Kir);
- recv_7(I,R,{I,Mr}Kir);
- claim_R1(R,Secret, Kir);
- claim_R2(R,Niagree);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- }
-}
-protocol neustub(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var T: Ticket;
- var Tb: TimeStamp;
- var Kir: SessionKey;
-
- send_1(I,R, I, Ni);
- recv_!3(S,I, { R,Ni,Kir,Tb}k(I,S), T, Nr);
- send_4(I,R,T,{Nr}Kir);
-
- claim_I1(I,Secret, Kir);
- claim_I2(I,Niagree);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- var Ni,Mi: Nonce;
- fresh Nr,Mr: Nonce;
- var Kir: SessionKey;
- fresh Tb: TimeStamp;
- var T: Ticket;
-
- recv_1(I,R, I, Ni);
- send_!2(R,S, R, {I, Ni, Tb}k(R,S),Nr);
- recv_4(I,R,{I,Kir,Tb}k(R,S),{Nr}Kir);
-
- claim_R1(R,Secret, Kir);
- claim_R2(R,Niagree);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Ni, Nr: Nonce;
- fresh Kir: SessionKey;
- var Tb: TimeStamp;
-
- recv_!2(R,S, R, {I,Ni,Tb}k(R,S), Nr);
- send_!3(S,I, { R, Ni, Kir, Tb}k(I,S), { I,Kir,Tb}k(R,S),Nr );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/neumannstub-hwang.spdl b/Vagrant Files/shared/scyther/Protocols/neumannstub-hwang.spdl
deleted file mode 100644
index 1546b405b39ecc2a147cdca5563c9eb30faeb945..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/neumannstub-hwang.spdl
+++ /dev/null
@@ -1,71 +0,0 @@
-# Hwang modified Neumann Stubblebine
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/neumannStubblebineHwang.html
-#
-# Note:
-# According to SPORE there are no attacks on this protocol, scyther
-# finds one however. This has to be investigated further.
-
-
-usertype Server, SessionKey, TimeStamp, TicketKey;
-usertype ExpiredTimeStamp;
-
-const Fresh: Function;
-const Compromised: Function;
-
-protocol neustub-Hwang(I,R,S)
-{
- role I
- {
- fresh Ni,Mi: Nonce;
- var Nr,Mr: Nonce;
- var T: Ticket;
- var Tb: TimeStamp;
- var Kir: SessionKey;
-
- send_1(I,R, I, Ni);
- recv_!3(S,I, { R,Ni,Kir,Tb}k(I,S), T, Nr);
- send_4(I,R,T,{Nr}Kir);
- send_5(I,R,Mi,T);
- recv_6(R,I,Mr,{Mi}Kir);
- send_7(I,R,{Mr}Kir);
-
- claim_I1(I,Secret, Kir);
- claim_I2(I,Niagree);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- var Ni,Mi: Nonce;
- fresh Nr,Mr: Nonce;
- var Kir: SessionKey;
- fresh Tb: TimeStamp;
- var T: Ticket;
-
- recv_1(I,R, I, Ni);
- send_!2(R,S, R, {I, Ni, Tb, Nr}k(R,S));
- recv_4(I,R,{I,Kir,Tb}k(R,S),{Nr}Kir);
- recv_5(I,R,Mi,T);
- send_6(R,I,Mr,{Mi}Kir);
- recv_7(I,R,{Mr}Kir);
-
- claim_R1(R,Secret, Kir);
- claim_R2(R,Niagree);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Ni, Nr: Nonce;
- fresh Kir: SessionKey;
- var Tb: TimeStamp;
-
- recv_!2(R,S, R, {I,Ni,Tb,Nr}k(R,S));
- send_!3(S,I, { R, Ni, Kir, Tb}k(I,S), { I,Kir,Tb}k(R,S),Nr );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/neumannstub-keycompromise.spdl b/Vagrant Files/shared/scyther/Protocols/neumannstub-keycompromise.spdl
deleted file mode 100644
index d8031504dcd56311f1dd9e10ecce824fd0a3b41f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/neumannstub-keycompromise.spdl
+++ /dev/null
@@ -1,105 +0,0 @@
-# Neumann Stubblebine
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/neumannStubblebine.html
-#
-# Note:
-# In SPORE this protocol is not described correctly, there are in fact 2
-# different protocols (the key establishment protocol and the repeated
-# authentication protocol)
-
-usertype Server, SessionKey, TimeStamp, TicketKey;
-usertype ExpiredTimeStamp;
-
-const Fresh: Function;
-const Compromised: Function;
-
-protocol neustub^Repeat(I,R,S)
-{
- fresh Kir: SessionKey;
-
- role I
- {
- fresh Mi: Nonce;
- var Mr: Nonce;
- fresh Kir: SessionKey;
- fresh Tr: TimeStamp;
-
- send_5(I,R,Mi,{I,Kir,Tr}k(R,S));
- recv_6(R,I,Mr,{Mi}Kir);
- send_7(I,R,{Mr}Kir);
- claim_I1(I,Secret, Kir);
- claim_I2(I,Niagree);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- fresh Mr: Nonce;
- var Tr: TimeStamp;
- var Kir: SessionKey;
- var Mi: Nonce;
-
- recv_5(I,R,Mi,{I,Kir,Tr}k(R,S));
- send_6(R,I,Mr,{Mi}Kir);
- recv_7(I,R,{Mr}Kir);
- claim_R1(R,Secret, Kir);
- claim_R2(R,Niagree);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- }
-}
-protocol neustub(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var T: Ticket;
- var Tb: TimeStamp;
- var Kir: SessionKey;
-
- send_1(I,R, I, Ni);
- recv_3(S,I, { R,Ni,Kir,Tb}k(I,S), T, Nr);
- send_4(I,R,T,{Nr}Kir);
-
- claim_I1(I,Secret, Kir);
- claim_I2(I,Niagree);
- claim_I3(I,Nisynch);
- claim_I4(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- var Ni,Mi: Nonce;
- fresh Nr,Mr: Nonce;
- var Kir: SessionKey;
- fresh Tb: TimeStamp;
- var T: Ticket;
-
- recv_1(I,R, I, Ni);
- send_2(R,S, R, {I, Ni, Tb}k(R,S),Nr);
- recv_4(I,R,{I,Kir,Tb}k(R,S),{Nr}Kir);
-
- claim_R1(R,Secret, Kir);
- claim_R2(R,Niagree);
- claim_R3(R,Nisynch);
- claim_R4(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Ni, Nr: Nonce;
- fresh Kir: SessionKey;
- var Tb: TimeStamp;
-
- recv_2(R,S, R, {I,Ni,Tb}k(R,S), Nr);
- send_3(S,I, { R, Ni, Kir, Tb}k(I,S), { I,Kir,Tb}k(R,S),Nr );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/neumannstub.spdl b/Vagrant Files/shared/scyther/Protocols/neumannstub.spdl
deleted file mode 100644
index d1d0ee1fd2b52cf8a9ff91365aa54ea747b8d98e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/neumannstub.spdl
+++ /dev/null
@@ -1,98 +0,0 @@
-# Neumann Stubblebine
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/neumannStubblebine.html
-#
-# Note:
-# In SPORE this protocol is not described correctly, there are in fact 2
-# different protocols (the key establishment protocol and the repeated
-# authentication protocol)
-
-usertype Server, SessionKey, TimeStamp, TicketKey;
-usertype ExpiredTimeStamp;
-
-protocol neustub^Repeat(I,R,S)
-{
- fresh Kir: SessionKey;
-
- role I
- {
- fresh Mi: Nonce;
- var Mr: Nonce;
- fresh Kir: SessionKey;
- fresh Tr: TimeStamp;
-
- send_5(I,R,Mi,{I,Kir,Tr}k(R,S));
- recv_6(R,I,Mr,{Mi}Kir);
- send_7(I,R,{Mr}Kir);
- claim_I1(I,Secret, Kir);
- claim_I2(I,Niagree);
- claim_I3(I,Nisynch);
- }
-
- role R
- {
- fresh Mr: Nonce;
- var Tr: TimeStamp;
- var Kir: SessionKey;
- var Mi: Nonce;
-
- recv_5(I,R,Mi,{I,Kir,Tr}k(R,S));
- send_6(R,I,Mr,{Mi}Kir);
- recv_7(I,R,{Mr}Kir);
- claim_R1(R,Secret, Kir);
- claim_R2(R,Niagree);
- claim_R3(R,Nisynch);
- }
-
- role S
- {
- }
-}
-protocol neustub(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var T: Ticket;
- var Tb: TimeStamp;
- var Kir: SessionKey;
-
- send_1(I,R, I, Ni);
- recv_!3(S,I, { R,Ni,Kir,Tb}k(I,S), T, Nr);
- send_4(I,R,T,{Nr}Kir);
-
- claim_I1(I,Secret, Kir);
- claim_I2(I,Niagree);
- claim_I3(I,Nisynch);
- }
-
- role R
- {
- var Ni,Mi: Nonce;
- fresh Nr,Mr: Nonce;
- var Kir: SessionKey;
- fresh Tb: TimeStamp;
- var T: Ticket;
-
- recv_1(I,R, I, Ni);
- send_!2(R,S, R, {I, Ni, Tb}k(R,S),Nr);
- recv_4(I,R,{I,Kir,Tb}k(R,S),{Nr}Kir);
-
- claim_R1(R,Secret, Kir);
- claim_R2(R,Niagree);
- claim_R3(R,Nisynch);
- }
-
- role S
- {
- var Ni, Nr: Nonce;
- fresh Kir: SessionKey;
- var Tb: TimeStamp;
-
- recv_!2(R,S, R, {I,Ni,Tb}k(R,S), Nr);
- send_!3(S,I, { R, Ni, Kir, Tb}k(I,S), { I,Kir,Tb}k(R,S),Nr );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/otwayrees.spdl b/Vagrant Files/shared/scyther/Protocols/otwayrees.spdl
deleted file mode 100644
index bed12addbb962630e674c20705162c706183767c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/otwayrees.spdl
+++ /dev/null
@@ -1,56 +0,0 @@
-# Otway Rees
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/otwayRees.html
-#
-
-
-const Fresh: Function;
-const Compromised: Function;
-
-usertype String,SessionKey;
-
-protocol otwayrees(I,R,S)
-{
- role I
- {
- fresh Ni : Nonce;
- fresh M : String;
- var Kir : SessionKey;
-
- send_1(I,R, M,I,R,{Ni,M,I,R}k(I,S) );
- recv_4(R,I, M,{Ni,Kir}k(I,S) );
-
- claim_I1(I, Secret,Kir);
- claim_I2(I, Nisynch);
- claim_I3(I, Empty, (Fresh,Kir));
- }
-
- role R
- {
- var M : String;
- fresh Nr : Nonce;
- var Kir : SessionKey;
- var T1,T2: Ticket;
-
- recv_1(I,R, M,I,R, T1 );
- send_2(R,S, M,I,R, T1, { Nr,M,I,R }k(R,S) );
- recv_3(S,R, M, T2, { Nr,Kir }k(R,S) );
- send_4(R,I, M, T2 );
-
- claim_R1(R, Secret,Kir);
- claim_R2(R, Nisynch);
- claim_R3(R, Empty, (Fresh,Kir));
- }
-
- role S
- {
- var Ni,Nr : Nonce;
- var M : String;
- fresh Kir : SessionKey;
-
- recv_2(R,S, M,I,R, { Ni,M,I,R}k(I,S), { Nr,M,I,R }k(R,S) );
- send_3(S,R, M, { Ni,Kir }k(I,S) , { Nr,Kir }k(R,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/smartright.spdl b/Vagrant Files/shared/scyther/Protocols/smartright.spdl
deleted file mode 100644
index e3a97192f22f84e745ec1f9c3106e47f591a3244..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/smartright.spdl
+++ /dev/null
@@ -1,46 +0,0 @@
-# SmartRight view-only
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/smartright_viewonly.html
-#
-# Note:
-# According to SPORE there are no known attacks on this protocol
-#
-# Note:
-# Scyther finds an attack because the value of VoR in te last message can
-# be replaced with an arbitrary value
-
-hashfunction hash;
-usertype SessionKey;
-usertype XorKey;
-const Vor: XorKey;
-
-protocol smartright(I,R)
-{
- role I
- {
- fresh VoKey: SessionKey;
- fresh VoR: XorKey;
- fresh CW;
- var VoRi: Nonce;
-
- send_1(I,R, {VoKey,{CW}VoR}k(I,R));
- recv_2(R,I, VoRi);
- send_3(I,R, VoR, {{VoRi}hash}VoKey);
- }
-
- role R
- {
- var T: Ticket;
- var VoR: XorKey;
- var VoKey: SessionKey;
- fresh VoRi: Nonce;
-
- recv_1(I,R, {VoKey,T}k(I,R));
- send_2(R,I, VoRi);
- recv_3(I,R, VoR,{{VoRi}hash}VoKey);
-
- claim_R1(R,Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/splice-as-cj.spdl b/Vagrant Files/shared/scyther/Protocols/splice-as-cj.spdl
deleted file mode 100644
index b393294a0e2524970c0bd0be27db7a38404ce592..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/splice-as-cj.spdl
+++ /dev/null
@@ -1,66 +0,0 @@
-# Clark and Jacob modified Hwang and Chen modified SPLICE/AS
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/spliceas3.html
-#
-# Note:
-# The assumptions made here do not comply with those in SPORE
-# SPORE assumes that the agents do not know the pk function, but only
-# their own public key values.
-# This can currently not be modelled.
-
-
-usertype TimeStamp, LifeTime;
-
-const inc,dec: Function;
-inversekeys (inc,dec);
-
-protocol spliceAS-CJ(I,R,S)
-{
- role I
- {
- fresh N1,N2: Nonce;
- fresh T: TimeStamp;
- fresh L: LifeTime;
-
- send_1(I,S, I, R, N1 );
- recv_2(S,I, S, {S, I, N1, R, pk(R)}sk(S) );
- send_3(I,R, I, R, {T, L, {I, N2}pk(R)}sk(I) );
- recv_6(R,I, R, I, {{N2}inc}pk(I) );
-
- claim_7(I, Secret, N2);
- claim_9(I, Niagree);
- claim_10(I, Nisynch);
- }
-
- role S
- {
- var N1,N3: Nonce;
-
- recv_1(I,S, I, R, N1 );
- send_2(S,I, S, {S, I, N1, R, pk(R)}sk(S) );
- recv_4(R,S, R, I, N3 );
- send_5(S,R, S, {S, R, N3, pk(I)}sk(S) );
- }
-
- role R
- {
- fresh N3: Nonce;
- var N2: Nonce;
- var T: TimeStamp;
- var L: LifeTime;
-
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_3(I,R, I, R, {T, L, {I, N2}pk(R)}sk(I) );
- send_4(R,S, R, I, N3 );
- recv_5(S,R, S, {S, R, N3, pk(I)}sk(S) );
- send_6(R,I, R, I, {{N2}inc}pk(I) );
-
- claim_8(R, Secret, N2);
- claim_11(R, Niagree);
- claim_12(R, Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/splice-as-hc.spdl b/Vagrant Files/shared/scyther/Protocols/splice-as-hc.spdl
deleted file mode 100644
index 2f975ad29dad1faaa6150ad4e56dfc83b9c20fb5..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/splice-as-hc.spdl
+++ /dev/null
@@ -1,61 +0,0 @@
-# Hwang and Chen Modified SPLICE/AS
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/spliceas2.html
-#
-
-
-usertype TimeStamp, LifeTime;
-
-const inc,dec: Function;
-inversekeys (inc,dec);
-
-protocol spliceAS-HC(I,R,S)
-{
- role I
- {
- fresh N1,N2: Nonce;
- fresh T: TimeStamp;
- fresh L: LifeTime;
-
- send_1(I,S, I, R, N1 );
- recv_2(S,I, S, {S, I, N1, R, pk(R)}sk(S) );
- send_3(I,R, I, R, {I, T, L, {N2}pk(R)}sk(I) );
- recv_6(R,I, R, I, {R, {N2}inc}pk(I) );
-
- claim_7(I, Secret, N2);
- claim_9(I, Niagree);
- claim_10(I, Nisynch);
- }
-
- role S
- {
- var N1,N3: Nonce;
-
- recv_1(I,S, I, R, N1 );
- send_2(S,I, S, {S, I, N1, R, pk(R)}sk(S) );
- recv_4(R,S, R, I, N3 );
- send_5(S,R, S, {S, R, N3, I, pk(I)}sk(S) );
- }
-
- role R
- {
- fresh N3: Nonce;
- var N2: Nonce;
- var T: TimeStamp;
- var L: LifeTime;
-
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_3(I,R, I, R, {I, T, L, {N2}pk(R)}sk(I) );
- send_4(R,S, R, I, N3 );
- recv_5(S,R, S, {S, R, N3, I, pk(I)}sk(S) );
- send_6(R,I, R, I, {R, {N2}inc}pk(I) );
-
- claim_8(R, Secret, N2);
- claim_11(R, Niagree);
- claim_12(R, Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/splice-as.spdl b/Vagrant Files/shared/scyther/Protocols/splice-as.spdl
deleted file mode 100644
index b1d8e181dee03a611e57770eae47e84b0d9238f3..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/splice-as.spdl
+++ /dev/null
@@ -1,66 +0,0 @@
-# SPLICE/AS
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/spliceas.html
-#
-# Note:
-# The assumptions made here do not comply with those in SPORE
-# SPORE assumes that the agents do not know the pk function, but only
-# their own public key values.
-# This can currently not be modelled.
-
-
-usertype TimeStamp, LifeTime;
-
-const inc,dec: Function;
-inversekeys (inc,dec);
-
-protocol spliceAS(I,R,S)
-{
- role I
- {
- fresh N1,N2: Nonce;
- fresh T: TimeStamp;
- fresh L: LifeTime;
-
- send_1(I,S, I, R, N1 );
- recv_2(S,I, S, {S, I, N1, pk(R)}sk(S) );
- send_3(I,R, I, R, {I, T, L, {N2}pk(R)}sk(I) );
- recv_6(R,I, R, I, {R, {N2}inc}pk(I) );
-
- claim_7(I, Secret, N2);
- claim_9(I, Niagree);
- claim_10(I, Nisynch);
- }
-
- role S
- {
- var N1,N3: Nonce;
-
- recv_1(I,S, I, R, N1 );
- send_2(S,I, S, {S, I, N1, pk(R)}sk(S) );
- recv_4(R,S, R, I, N3 );
- send_5(S,R, S, {S, R, N3, pk(I)}sk(S) );
- }
-
- role R
- {
- fresh N3: Nonce;
- var N2: Nonce;
- var T: TimeStamp;
- var L: LifeTime;
-
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_3(I,R, I, R, {I, T, L, {N2}pk(R)}sk(I) );
- send_4(R,S, R, I, N3 );
- recv_5(S,R, S, {S, R, N3, pk(I)}sk(S) );
- send_6(R,I, R, I, {R, {N2}inc}pk(I) );
-
- claim_8(R, Secret, N2);
- claim_11(R, Niagree);
- claim_12(R, Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/tmn.spdl b/Vagrant Files/shared/scyther/Protocols/tmn.spdl
deleted file mode 100644
index c6fb55fecbe88e8ce642f86260ee5bceca08b443..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/tmn.spdl
+++ /dev/null
@@ -1,51 +0,0 @@
-# TMN
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/tmn.html
-#
-# Note:
-# According to Boyd and Mathuria Kb is the session key this is not clear
-# from the description in SPORE
-usertype SessionKey;
-
-const Fresh: Function;
-const Compromised: Function;
-
-protocol tmn(I,R,S)
-{
- role I
- {
- fresh Ki: SessionKey;
- var Kr: SessionKey;
-
- send_1(I,S, R,{Ki}pk(S) );
- recv_4(S,I, R,{Kr}Ki );
-
- claim_I1(I,Secret,Kr);
- claim_I2(I,Nisynch);
- claim_I3(I,Empty,(Fresh,Kr));
- }
-
- role R
- {
- fresh Kr: SessionKey;
-
- recv_2(S,R, I );
- send_3(R,S, I, { Kr }pk(S) );
-
- claim_R1(R,Secret,Kr);
- claim_R2(R,Nisynch);
- claim_R3(R,Empty,(Fresh,Kr));
- }
-
- role S
- {
- var Ki,Kr: SessionKey;
-
- recv_1(I,S, R,{Ki}pk(S) );
- send_2(S,R, I );
- recv_3(R,S, I, { Kr }pk(S) );
- send_4(S,I, R,{Kr}Ki );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/wmf-lowe.spdl b/Vagrant Files/shared/scyther/Protocols/wmf-lowe.spdl
deleted file mode 100644
index 86b34e314d8042531df77a01926f8a38f3739d31..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/wmf-lowe.spdl
+++ /dev/null
@@ -1,63 +0,0 @@
-# Lowe modified Wide Mouthed Frog
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wideMouthedFrogLowe.html
-#
-# Note:
-# According to SPORE there are no known attacks on this protocol, scyther
-# finds one however this has to do with the unusual assumption that every
-# agent can recognise and will reject to messages that it has created
-# itself.
-
-usertype SessionKey;
-usertype TimeStamp;
-usertype ExpiredTimeStamp;
-const succ,pred: Function;
-inversekeys (succ,pred);
-const Fresh: Function;
-const Compromised: Function;
-
-protocol wmf-Lowe(I,R,S)
-{
- role I
- {
- fresh Kir: SessionKey;
- fresh Ti: TimeStamp;
- var Kr: SessionKey;
- var Nr: Nonce;
-
- send_1(I,S, I, {Ti, R, Kir}k(I,S));
- recv_3(R,I,{Nr}Kir);
- send_4(I,R,{{Nr}succ}Kir);
-
- claim_I1(I,Secret,Kir);
- claim_I2(I,Nisynch);
- claim_I3(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- var Ts: TimeStamp;
- var Kir: SessionKey;
- fresh Nr: Nonce;
-
- recv_2(S,R, {Ts, I, Kir}k(R,S) );
- send_3(R,I, {Nr}Kir);
- recv_4(I,R, {{Nr}succ}Kir);
-
- claim_R1(R,Secret,Kir);
- claim_R2(R,Nisynch);
- claim_R3(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Kir: SessionKey;
- fresh Ts: TimeStamp;
- var Ti: TimeStamp;
-
- recv_1(I,S, I,{Ti, R, Kir}k(I,S) );
- send_2(S,R, {Ts, I, Kir}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/wmf.spdl b/Vagrant Files/shared/scyther/Protocols/wmf.spdl
deleted file mode 100644
index 758843ad8db42af3b4250060d47b14d88444938f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/wmf.spdl
+++ /dev/null
@@ -1,54 +0,0 @@
-# Wide Mouthed Frog
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wideMouthedFrog.html
-#
-# Note
-# The name of the party that has generated a message was added in order
-# to model the property described in SPORE that an agent can identify
-# its own messages and will reject them.
-
-usertype SessionKey;
-usertype TimeStamp;
-usertype ExpiredTimeStamp;
-
-const Fresh: Function;
-const Compromised: Function;
-
-protocol wmf(I,R,S)
-{
- role I
- {
- fresh Kir: SessionKey;
- fresh Ti: TimeStamp;
- var Kr: SessionKey;
-
- send_1(I,S, I, {I, Ti, R, Kir}k(I,S));
-
- claim_I1(I,Secret,Kir);
- claim_I2(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- var Ts: TimeStamp;
- var Kir: SessionKey;
-
- recv_2(S,R, {S, Ts, I, Kir}k(R,S) );
-
- claim_R1(R,Secret,Kir);
- claim_R2(R,Nisynch);
- claim_R3(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- var Kir: SessionKey;
- fresh Ts: TimeStamp;
- var Ti: TimeStamp;
-
- recv_1(I,S, I,{I, Ti, R, Kir}k(I,S) );
- send_2(S,R, {S, Ts, I, Kir}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/woo-lam-pi-1.spdl b/Vagrant Files/shared/scyther/Protocols/woo-lam-pi-1.spdl
deleted file mode 100644
index 7e4e09dc56a0317935e27247354bacd062a41d78..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/woo-lam-pi-1.spdl
+++ /dev/null
@@ -1,41 +0,0 @@
-# Woo and Lam Pi 1
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wooLamPi1.html
-#
-
-protocol woolamPi-1(I,R,S)
-{
- role I
- {
- var Nr: Nonce;
-
- send_1(I,R, I);
- recv_2(R,I, Nr);
- send_3(I,R, {I,R,Nr}k(I,S));
-
- }
-
- role R
- {
- fresh Nr: Nonce;
- var T: Ticket;
-
- recv_1(I,R, I);
- send_2(R,I, Nr);
- recv_3(I,R, T);
- send_4(R,S, {I,R, T}k(R,S));
- recv_5(S,R, {I,R, Nr}k(R,S));
-
- claim_R1(R,Nisynch);
- }
-
- role S
- {
- var Nr: Nonce;
-
- recv_4(R,S, {I,R, {I,R,Nr}k(I,S)}k(R,S));
- send_5(S,R, {I,R,Nr}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/woo-lam-pi-2.spdl b/Vagrant Files/shared/scyther/Protocols/woo-lam-pi-2.spdl
deleted file mode 100644
index 5d767d614d01b5755e0b81f4d2eade5f6cb3e776..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/woo-lam-pi-2.spdl
+++ /dev/null
@@ -1,41 +0,0 @@
-# Woo and Lam Pi 2
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wooLamPi2.html
-#
-
-protocol woolamPi-2(I,R,S)
-{
- role I
- {
- var Nr: Nonce;
-
- send_1(I,R, I);
- recv_2(R,I, Nr);
- send_3(I,R, {I,Nr}k(I,S));
-
- }
-
- role R
- {
- fresh Nr: Nonce;
- var T: Ticket;
-
- recv_1(I,R, I);
- send_2(R,I, Nr);
- recv_3(I,R, T);
- send_4(R,S, {I, T}k(R,S));
- recv_5(S,R, {I, Nr}k(R,S));
-
- claim_R1(R,Nisynch);
- }
-
- role S
- {
- var Nr: Nonce;
-
- recv_4(R,S, {I, {I,Nr}k(I,S)}k(R,S));
- send_5(S,R, {I,Nr}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/woo-lam-pi-3.spdl b/Vagrant Files/shared/scyther/Protocols/woo-lam-pi-3.spdl
deleted file mode 100644
index 1db544e1b58b303e4c51014525bef6096465416a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/woo-lam-pi-3.spdl
+++ /dev/null
@@ -1,41 +0,0 @@
-# Woo and Lam Pi 2
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wooLamPi3.html
-#
-
-protocol woolamPi-3(I,R,S)
-{
- role I
- {
- var Nr: Nonce;
-
- send_1(I,R, I);
- recv_2(R,I, Nr);
- send_3(I,R, {Nr}k(I,S));
-
- }
-
- role R
- {
- fresh Nr: Nonce;
- var T: Ticket;
-
- recv_1(I,R, I);
- send_2(R,I, Nr);
- recv_3(I,R, T);
- send_4(R,S, {I, T}k(R,S));
- recv_5(S,R, {I, Nr}k(R,S));
-
- claim_R1(R,Nisynch);
- }
-
- role S
- {
- var Nr: Nonce;
-
- recv_4(R,S, {I, {Nr}k(I,S)}k(R,S));
- send_5(S,R, {I,Nr}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/woo-lam-pi-f.spdl b/Vagrant Files/shared/scyther/Protocols/woo-lam-pi-f.spdl
deleted file mode 100644
index 22f028c0e8edc3654b2f162471de803271f53228..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/woo-lam-pi-f.spdl
+++ /dev/null
@@ -1,41 +0,0 @@
-# Woo and Lam Pi f
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wooLamPif.html
-#
-
-protocol woolamPi-f(I,R,S)
-{
- role I
- {
- var Nr: Nonce;
-
- send_1(I,R, I);
- recv_2(R,I, Nr);
- send_3(I,R, {I,R,Nr}k(I,S));
-
- }
-
- role R
- {
- fresh Nr: Nonce;
- var T: Ticket;
-
- recv_1(I,R, I);
- send_2(R,I, Nr);
- recv_3(I,R, T);
- send_4(R,S, {I, R, Nr, T}k(R,S));
- recv_5(S,R, {I, R, Nr}k(R,S));
-
- claim_R1(R,Nisynch);
- }
-
- role S
- {
- var Nr: Nonce;
-
- recv_4(R,S, {I, R, Nr,{I,R,Nr}k(I,S)}k(R,S));
- send_5(S,R, {I, R, Nr}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/woo-lam-pi.spdl b/Vagrant Files/shared/scyther/Protocols/woo-lam-pi.spdl
deleted file mode 100644
index 0c01c27968bc9d7d61f7ba99f48893a2e136b640..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/woo-lam-pi.spdl
+++ /dev/null
@@ -1,45 +0,0 @@
-# Woo and Lam Pi
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wooLamPi.html
-#
-# Note:
-# Scyther finds an attack that appears to be legit, but is not present in
-# SPORE.
-#
-
-protocol woolamPi(I,R,S)
-{
- role I
- {
- var Nr: Nonce;
-
- send_1(I,R, I);
- recv_2(R,I, Nr);
- send_3(I,R, {Nr}k(I,S));
-
- }
-
- role R
- {
- fresh Nr: Nonce;
- var T: Ticket;
-
- recv_1(I,R, I);
- send_2(R,I, Nr);
- recv_3(I,R, T);
- send_4(R,S, {I, T}k(R,S));
- recv_5(S,R, {Nr}k(R,S));
-
- claim_R1(R,Nisynch);
- }
-
- role S
- {
- var Nr: Nonce;
-
- recv_4(R,S, {I,{Nr}k(I,S)}k(R,S));
- send_5(S,R, {Nr}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/woo-lam.spdl b/Vagrant Files/shared/scyther/Protocols/woo-lam.spdl
deleted file mode 100644
index 7e28057801d960a6e5dee165249df7a1b2320362..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/woo-lam.spdl
+++ /dev/null
@@ -1,64 +0,0 @@
-# Woo and Lam Mutual Authentication
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/wooLamMutual.html
-#
-
-
-usertype SessionKey;
-
-const Fresh: Function;
-const Compromised: Function;
-
-protocol woolam(I,R,S)
-{
- role I
- {
- fresh N1: Nonce;
- var Kir: SessionKey;
- var N2: Nonce;
-
- send_1(I,R, I, N1);
- recv_2(R,I, R, N2);
- send_3(I,R, {I, R, N1, N2}k(I,S));
- recv_6(R,I, {R, N1, N2, Kir}k(I,S), {N1,N2}Kir);
- send_7(I,R, {N2}Kir);
-
-
- claim_I1(I,Secret,Kir);
- claim_I2(I,Nisynch);
- claim_I3(I,Empty,(Fresh,Kir));
- }
-
- role R
- {
- fresh N2: Nonce;
- var N1: Nonce;
- var Kir: SessionKey;
- var T1,T2: Ticket;
-
- recv_1(I,R, I, N1);
- send_2(R,I, R, N2);
- recv_3(I,R, T1);
- send_4(R,S, T1, {I, R, N1, N2}k(R,S));
- recv_5(S,R, T2, {I, N1, N2, Kir}k(R,S));
- send_6(R,I, T2, {N1,N2}Kir);
- recv_7(I,R, {N2}Kir);
-
- claim_R1(R,Secret,Kir);
- claim_R2(R,Nisynch);
- claim_R3(R,Empty,(Fresh,Kir));
- }
-
- role S
- {
- fresh Kir: SessionKey;
- var N1,N2: Nonce;
-
- recv_4(R,S, {I, R, N1, N2}k(I,S), {I, R, N1, N2}k(R,S));
- send_5(S,R, {R, N1, N2, Kir}k(I,S), {I, N1, N2, Kir}k(R,S));
- }
-}
-
-
-
diff --git a/Vagrant Files/shared/scyther/Protocols/yahalom-ban.spdl b/Vagrant Files/shared/scyther/Protocols/yahalom-ban.spdl
deleted file mode 100644
index b865362c98d2a908d1f05e32a228bbb81daf7069..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/yahalom-ban.spdl
+++ /dev/null
@@ -1,54 +0,0 @@
-# BAN simplified version of Yahalom
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/yahalomBAN.html
-#
-
-usertype SessionKey;
-const Fresh: Function;
-const Compromised: Function;
-
-protocol yahalom-BAN(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- send_1(I,R, I,Ni);
- recv_3(S,I, Nr, {R,Kir,Ni}k(I,S), T );
- send_4(I,R, T, {Nr}Kir );
-
- claim_I1(I, Secret,Kir);
- claim_I2(I, Nisynch);
- claim_I3(I, Empty, (Fresh,Kir));
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Ni: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- recv_1(I,R, I,Ni);
- send_2(R,S, R, Nr, {I,Ni}k(R,S) );
- recv_4(I,R, {I,Kir,Nr}k(R,S) , {Nr}Kir );
-
- claim_R1(R, Secret,Kir);
- claim_R2(R, Nisynch);
- claim_R3(R, Empty, (Fresh,Kir));
- }
-
- role S
- {
- fresh Kir: SessionKey;
- var Ni,Nr: Nonce;
-
- recv_2(R,S, R, Nr, {I,Ni}k(R,S) );
- send_3(S,I, Nr, {R,Kir,Ni}k(I,S), {I,Kir,Nr}k(R,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/yahalom-lowe.spdl b/Vagrant Files/shared/scyther/Protocols/yahalom-lowe.spdl
deleted file mode 100644
index 308a62abe081f271e859b6d8618f2084c685557d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/yahalom-lowe.spdl
+++ /dev/null
@@ -1,52 +0,0 @@
-# Lowe's modified version of Yahalom
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/yahalomLowe.html
-#
-#
-
-usertype SessionKey;
-
-
-protocol yahalom-Lowe(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var Kir: SessionKey;
-
- send_1(I,R, I,Ni);
- recv_3(S,I, {R,Kir,Ni,Nr}k(I,S) );
- send_5(I,R, {I, R, S, Nr}Kir );
-
- claim_I1(I, Secret,Kir);
- claim_I2(I, Nisynch);
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Ni: Nonce;
- var Kir: SessionKey;
-
- recv_1(I,R, I,Ni);
- send_2(R,S, {I,Ni,Nr}k(R,S) );
- recv_4(S,R, {I,Kir}k(R,S));
- recv_5(I,R, {I, R, S, Nr}Kir);
-
- claim_R1(R, Secret,Kir);
- claim_R2(R, Nisynch);
- }
-
- role S
- {
- fresh Kir: SessionKey;
- var Ni,Nr: Nonce;
-
- recv_2(R,S, {I,Ni,Nr}k(R,S) );
- send_3(S,I, {R,Kir,Ni,Nr}k(I,S));
- send_4(S,R, {I,Kir}k(R,S));
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/yahalom-paulson.spdl b/Vagrant Files/shared/scyther/Protocols/yahalom-paulson.spdl
deleted file mode 100644
index a8dfe1e4400e0b18d8146af6a2930672e97d4b43..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/yahalom-paulson.spdl
+++ /dev/null
@@ -1,56 +0,0 @@
-# Paulson's strengthened version of Yahalom
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/yahalomPaulson.html
-#
-#
-
-const Fresh: Function;
-const Compromised: Function;
-
-usertype SessionKey;
-
-protocol yahalom-Paulson(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- send_1(I,R, I,Ni);
- recv_3(S,I, Nr, {R,Kir,Ni}k(I,S), T );
- send_4(I,R, T, {Nr}Kir );
-
- claim_I1(I, Secret,Kir);
- claim_I2(I, Nisynch);
- claim_I3(I, Empty, (Fresh,Kir));
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Ni: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- recv_1(I,R, I,Ni);
- send_2(R,S, R, Nr, {I,Ni}k(R,S) );
- recv_4(I,R, {I,R, Kir, Nr}k(R,S) , {Nr}Kir );
-
- claim_R1(R, Secret,Kir);
- claim_R2(R, Nisynch);
- claim_R3(R, Empty, (Fresh,Kir));
- }
-
- role S
- {
- fresh Kir: SessionKey;
- var Ni,Nr: Nonce;
-
- recv_2(R,S, R, Nr, {I,Ni}k(R,S) );
- send_3(S,I, Nr, {R,Kir,Ni}k(I,S), {I,R,Kir,Nr}k(R,S) );
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/Protocols/yahalom.spdl b/Vagrant Files/shared/scyther/Protocols/yahalom.spdl
deleted file mode 100644
index 063817fd13578148dc149004508f58ff1208364d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Protocols/yahalom.spdl
+++ /dev/null
@@ -1,52 +0,0 @@
-# Yahalom
-#
-# Modelled after the description in the SPORE library
-# http://www.lsv.ens-cachan.fr/spore/yahalom.html
-#
-#
-
-usertype SessionKey;
-
-protocol yahalom(I,R,S)
-{
- role I
- {
- fresh Ni: Nonce;
- var Nr: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- send_1(I,R, I,Ni);
- recv_3(S,I, {R,Kir,Ni,Nr}k(I,S), T );
- send_4(I,R, T, {Nr}Kir );
-
- claim_I1(I, Secret,Kir);
- }
-
- role R
- {
- fresh Nr: Nonce;
- var Ni: Nonce;
- var T: Ticket;
- var Kir: SessionKey;
-
- recv_1(I,R, I,Ni);
- send_2(R,S, R, {I,Ni,Nr}k(R,S) );
- recv_4(I,R, {I,Kir}k(R,S) , {Nr}Kir );
-
- claim_R1(R, Secret,Kir);
- }
-
- role S
- {
- fresh Kir: SessionKey;
- var Ni,Nr: Nonce;
-
- recv_2(R,S, R, {I,Ni,Nr}k(R,S) );
- send_3(S,I, {R,Kir,Ni,Nr}k(I,S), {I,Kir}k(R,S) );
-
- claim(S, Secret, Ni);
- claim(S, Secret, Nr);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/README.md b/Vagrant Files/shared/scyther/README.md
deleted file mode 100644
index 706df8d39fc2bbe14616a3a6bbd07a083b4d3229..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/README.md
+++ /dev/null
@@ -1,66 +0,0 @@
-The Scyther tool
-================
-
-Scyther is a tool for the symbolic analysis of security protocols. It is
-developed by Cas Cremers, and is available from
-<http://www.cs.ox.ac.uk/people/cas.cremers/scyther/index.html>.
-
-The below instructions apply only to the *distribution version* of
-the Scyther tool. If you are working from the source files, some paths may be
-slightly different, and it is recommended to follow the instructions in [../README.md](../README.md).
-
-Running the scyther tool
-------------------------
-
-### Graphical user interface ###
-
-The graphical user interface can be started by running `scyther-gui.py`,
-e.g., enter the following in a terminal and press return
-
- python ./scyther-gui.py
-
-### Command-line usage ###
-
-In the directory `./Scyther` there should be an executable for the
-Scyther backend. Its name depends on the platform:
-
- * `scyther-linux` (Linux)
- * `scyther-w32` (Windows)
- * `scyther-mac` (Mac OS X)
-
-If this executable does not exist, you probably downloaded the source
-files, and will need to compile it first. See `../README.md` for further
-details.
-
-There are also various test scripts (for usage in Linux) in this
-directory.
-
-Obtaining the sources
-----------------------
-
-Scyther is being developed on *Github*, and its complete source files are
-availabe from
-<https://github.com/cascremers/scyther>.
-
-Manual
-------
-
-We are currently rewriting the manual. The current (incomplete)
-distribution version of the manual can be found here:
-
- * [./scyther-manual.pdf](scyther-manual.pdf)
-
-
-Protocol Models
----------------
-
-The protocol models have the extension `.spdl` and can be found in the following directories:
-
- * [./Protocols](Protocols) and its subdirectories.
-
-License
--------
-
-Currently the Scyther tool is licensed under the GPL 2, as indicated in
-the source code. Contact Cas Cremers if you have any questions.
-
diff --git a/Vagrant Files/shared/scyther/Scripts/regression-test.py b/Vagrant Files/shared/scyther/Scripts/regression-test.py
deleted file mode 100644
index beabc7401a41f03adaac01670a93a0854594bb71..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scripts/regression-test.py
+++ /dev/null
@@ -1,91 +0,0 @@
-#!/usr/bin/env python
-
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-def testSet(blacklist=[]):
- import os
-
- prefix = "../Protocols/"
- dl = os.listdir(prefix)
- fl = []
- for fn in dl:
- if fn.endswith(".spdl"):
- okay = True
- for fb in blacklist:
- if fn.startswith(fb):
- okay = False
- break
- if okay:
- fl.append((prefix,fn))
- return fl
-
-def evaluate(fn,prefix=""):
- import subprocess
- import tempfile
-
- cmd = "../Scyther/scyther-linux"
- args = [cmd,"--max-runs=4","--plain",fn]
-
- fstdout = tempfile.TemporaryFile()
- fstderr = tempfile.TemporaryFile()
-
- subprocess.call(args,stdout=fstdout,stderr=fstderr)
-
- fstdout.seek(0)
- fstderr.seek(0)
-
- res = ""
- for l in fstdout.xreadlines():
- res += prefix + l.strip() + "\n"
- #for l in fstderr.xreadlines():
- # print l
-
- fstdout.close()
- fstderr.close()
- return res
-
-
-def main():
- dest = "regression-test.txt"
- output = "regression-test.txt.tmp"
-
- fp = open(output, 'w')
-
- fl = testSet(blacklist=['ksl'])
- cnt = 1
- tres = ""
- for (prefix,fn) in sorted(fl):
- print "Evaluating %s (%i/%i)" % (fn,cnt,len(fl))
- res = evaluate(prefix+fn, "%s\t" % (fn))
- fp.write(res)
- tres += res
- cnt += 1
- fp.close()
-
- fp = open(dest, 'w')
- fp.write(tres)
- fp.close()
-
- print res
-
-
-
-if __name__ == '__main__':
- main()
diff --git a/Vagrant Files/shared/scyther/Scripts/regression-test.txt b/Vagrant Files/shared/scyther/Scripts/regression-test.txt
deleted file mode 100644
index 3fa247fe3833c1427d9322dab08b5fb6eb34ceb6..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scripts/regression-test.txt
+++ /dev/null
@@ -1,64 +0,0 @@
-BKE.spdl claim bke,I SKR_4 kir Ok [no attack within bounds]
-BKE.spdl claim bke,R SKR_7 kir Ok [no attack within bounds]
-TLS-Paulson.spdl claim tlspaulson,a SKR_9a hash(sid,hash(pms,na,nb),na,pa,a,nb,pb,b,true) Ok [no attack within bounds]
-TLS-Paulson.spdl claim tlspaulson,a SKR_9b hash(sid,hash(pms,na,nb),na,pa,a,nb,pb,b,false) Ok [no attack within bounds]
-TLS-Paulson.spdl claim tlspaulson,b SKR_10a hash(sid,hash(pms,na,nb),na,pa,a,nb,pb,b,true) Ok [no attack within bounds]
-TLS-Paulson.spdl claim tlspaulson,b SKR_10b hash(sid,hash(pms,na,nb),na,pa,a,nb,pb,b,false) Ok [no attack within bounds]
-ccitt509-1.spdl claim ccitt509-1,R Nisynch_3 - Ok [proof of correctness]
-ccitt509-1c.spdl claim ccitt509-1c,R Nisynch_3 - Ok [proof of correctness]
-ccitt509-3.spdl claim ccitt509-3,I Nisynch_I1 - Ok [proof of correctness]
-ccitt509-3.spdl claim ccitt509-3,I Secret_I2 Ya Ok [proof of correctness]
-ccitt509-3.spdl claim ccitt509-3,I Secret_I3 Yb Ok [proof of correctness]
-ccitt509-3.spdl claim ccitt509-3,R Nisynch_R1 - Fail [at least 3 attacks]
-ccitt509-3.spdl claim ccitt509-3,R Secret_R2 Ya Ok [no attack within bounds]
-ccitt509-3.spdl claim ccitt509-3,R Secret_R3 Yb Ok [no attack within bounds]
-ccitt509-ban3.spdl claim ccitt509-ban3,I Nisynch_4 - Ok [proof of correctness]
-ccitt509-ban3.spdl claim ccitt509-ban3,R Nisynch_5 - Ok [no attack within bounds]
-needham-schroeder-lowe.spdl claim needhamschroederpk-Lowe,I Secret_I1 Ni Ok [no attack within bounds]
-needham-schroeder-lowe.spdl claim needhamschroederpk-Lowe,I Secret_I2 Nr Ok [no attack within bounds]
-needham-schroeder-lowe.spdl claim needhamschroederpk-Lowe,I Nisynch_I3 - Fail [at least 3 attacks]
-needham-schroeder-lowe.spdl claim needhamschroederpk-Lowe,R Secret_R1 Nr Ok [no attack within bounds]
-needham-schroeder-lowe.spdl claim needhamschroederpk-Lowe,R Secret_R2 Ni Ok [no attack within bounds]
-needham-schroeder-lowe.spdl claim needhamschroederpk-Lowe,R Nisynch_R3 - Fail [at least 3 attacks]
-needham-schroeder.spdl claim needhamschroederpk,I Secret_I1 Ni Ok [no attack within bounds]
-needham-schroeder.spdl claim needhamschroederpk,I Secret_I2 Nr Ok [no attack within bounds]
-needham-schroeder.spdl claim needhamschroederpk,I Nisynch_I3 - Fail [at least 3 attacks]
-needham-schroeder.spdl claim needhamschroederpk,R Secret_R1 Nr Fail [at least 5 attacks]
-needham-schroeder.spdl claim needhamschroederpk,R Secret_R2 Ni Fail [at least 5 attacks]
-needham-schroeder.spdl claim needhamschroederpk,R Nisynch_R3 - Fail [at least 3 attacks]
-smartright.spdl claim smartright,R Nisynch_R1 - Fail [at least 1 attack]
-splice-as-cj.spdl claim spliceAS-CJ,I Secret_7 N2 Ok [no attack within bounds]
-splice-as-cj.spdl claim spliceAS-CJ,I Niagree_9 - Fail [at least 1 attack]
-splice-as-cj.spdl claim spliceAS-CJ,I Nisynch_10 - Fail [at least 1 attack]
-splice-as-cj.spdl claim spliceAS-CJ,R Secret_8 N2 Ok [no attack within bounds]
-splice-as-cj.spdl claim spliceAS-CJ,R Niagree_11 - Fail [at least 1 attack]
-splice-as-cj.spdl claim spliceAS-CJ,R Nisynch_12 - Fail [at least 1 attack]
-splice-as-hc.spdl claim spliceAS-HC,I Secret_7 N2 Ok [no attack within bounds]
-splice-as-hc.spdl claim spliceAS-HC,I Niagree_9 - Fail [at least 1 attack]
-splice-as-hc.spdl claim spliceAS-HC,I Nisynch_10 - Fail [at least 1 attack]
-splice-as-hc.spdl claim spliceAS-HC,R Secret_8 N2 Ok [no attack within bounds]
-splice-as-hc.spdl claim spliceAS-HC,R Niagree_11 - Fail [at least 1 attack]
-splice-as-hc.spdl claim spliceAS-HC,R Nisynch_12 - Fail [at least 1 attack]
-splice-as.spdl claim spliceAS,I Secret_7 N2 Ok [no attack within bounds]
-splice-as.spdl claim spliceAS,I Niagree_9 - Fail [at least 1 attack]
-splice-as.spdl claim spliceAS,I Nisynch_10 - Fail [at least 1 attack]
-splice-as.spdl claim spliceAS,R Secret_8 N2 Ok [no attack within bounds]
-splice-as.spdl claim spliceAS,R Niagree_11 - Fail [at least 1 attack]
-splice-as.spdl claim spliceAS,R Nisynch_12 - Fail [at least 1 attack]
-woo-lam-pi-1.spdl claim woolamPi-1,R Nisynch_R1 - Fail [at least 2 attacks]
-woo-lam-pi-2.spdl claim woolamPi-2,R Nisynch_R1 - Fail [at least 3 attacks]
-woo-lam-pi-3.spdl claim woolamPi-3,R Nisynch_R1 - Fail [at least 2 attacks]
-woo-lam-pi-f.spdl claim woolamPi-f,R Nisynch_R1 - Fail [at least 1 attack]
-woo-lam-pi.spdl claim woolamPi,R Nisynch_R1 - Fail [at least 2 attacks]
-yahalom-ban-paulson-modified.spdl claim yahalom-BAN-Paulson-modified,A Secret_5 kab Ok [no attack within bounds]
-yahalom-ban-paulson-modified.spdl claim yahalom-BAN-Paulson-modified,B Secret_6 kab Ok [no attack within bounds]
-yahalom-ban-paulson.spdl claim yahalom-BAN-Paulson,A SKR_5 kab Ok [no attack within bounds]
-yahalom-ban-paulson.spdl claim yahalom-BAN-Paulson,B SKR_6 kab Ok [no attack within bounds]
-yahalom-lowe.spdl claim yahalom-Lowe,I Secret_I1 Kir Ok [proof of correctness]
-yahalom-lowe.spdl claim yahalom-Lowe,I Nisynch_I2 - Ok [proof of correctness]
-yahalom-lowe.spdl claim yahalom-Lowe,R Secret_R1 Kir Ok [proof of correctness]
-yahalom-lowe.spdl claim yahalom-Lowe,R Nisynch_R2 - Ok [no attack within bounds]
-yahalom.spdl claim yahalom,I Secret_I1 Kir Ok [no attack within bounds]
-yahalom.spdl claim yahalom,R Secret_R1 Kir Ok [no attack within bounds]
-yahalom.spdl claim yahalom,S Secret_S1 Ni Fail [at least 1 attack]
-yahalom.spdl claim yahalom,S Secret_S2 Nr Ok [no attack within bounds]
diff --git a/Vagrant Files/shared/scyther/Scripts/scytherview.py b/Vagrant Files/shared/scyther/Scripts/scytherview.py
deleted file mode 100644
index 99738673234fb3b223aabd92128f89e878981842..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scripts/scytherview.py
+++ /dev/null
@@ -1,113 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# Convert scyther dot output to a printable PDF and display it
-#
-# This is a simple hack to be able to quickly use the graphical output
-# of Scyther if one only has graphviz, but not elementtree and wxPython.
-#
-# Note 1: only works under Linux currently, because of silly assumptions
-# on temporary directories and pdf viewers.
-#
-# Note 2: this code assumes that both scyther-linux and dot can be found in the
-# environment (i.e. PATH variable)
-#
-import os,sys,commands
-import os.path
-
-tempcount = 0
-
-def generateTemp(extension='tmp'):
- # We need a temporary file to hold the generated postscript stuff before
- # it is converted to pdf
- global tempcount
-
- tempcount = tempcount + 1
- tmp = '/tmp/output_dot_%s_%i.%s' % (os.getpid(),tempcount,extension)
-
- try:
- os.unlink(tmp)
- except:
- pass
- return tmp
-
-def scyther_to_dotfile():
- """ Run Scyther, return dotfile name """
-
- mydir = os.path.dirname(__file__)
- scythername = os.path.join(mydir, "../Scyther/scyther-linux")
-
- args = " ".join(sys.argv[1:])
- tmpdotfile = generateTemp('dot')
-
- command = "%s --plain --dot-output %s > %s" % (scythername, args, tmpdotfile)
- output = commands.getoutput(command)
- return (output,tmpdotfile)
-
-def dotfile_to_pdffile(dotfile,outfile=None):
- """ Generate a PDF file (name is returned) from an input dotfile
- name """
-
- tmp = generateTemp('ps')
-
- # First split the input per digraph and call dot with -Gsize arguments to make
- # it fit to a landscape page
- dotdata = open(dotfile, "r")
- f = None
- for line in dotdata.xreadlines():
- if (line.find('digraph') == 0):
- f = os.popen("dot -Gsize='11.0,8.0' -Gratio=fill -Tps >>%s" % (tmp),'w')
- print >>f, line
- dotdata.close()
-
- if not f:
- return None
- f.close()
-
- if not outfile:
- outfile = generateTemp('pdf')
-
- # Now convert the resulting stuff to a pdf
- os.system('ps2pdf -sPAPERSIZE=a4 -g7014x5300 -r600 %s %s' % (tmp,outfile))
- #os.system('ps2pdf -g8300x6250 -r600 %s %s' % (tmp,outf))
-
- # And remove the temp file
- os.unlink(tmp)
-
- return outfile
-
-def main():
- (output,dotfile) = scyther_to_dotfile()
- print output
- pdffile = dotfile_to_pdffile(dotfile)
- os.unlink(dotfile)
- if pdffile:
- commands.getoutput("kpdf %s" % pdffile)
- os.unlink(pdffile)
- else:
- print "No graphs generated."
-
-if __name__ == '__main__':
- if len(sys.argv) > 1:
- main()
- else:
- print "Please provide the name of an input file."
-
diff --git a/Vagrant Files/shared/scyther/Scyther/.gitignore b/Vagrant Files/shared/scyther/Scyther/.gitignore
deleted file mode 100644
index c7e14a4cf54018ddb0f3361712aea1965fd4ba3e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scyther/.gitignore
+++ /dev/null
@@ -1,3 +0,0 @@
-scyther-mac
-scyther-linux
-scyther-w32.exe
diff --git a/Vagrant Files/shared/scyther/Scyther/Attack.py b/Vagrant Files/shared/scyther/Scyther/Attack.py
deleted file mode 100644
index d07ee6e50f7d35ac57c98bf154557f04bc968b2d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scyther/Attack.py
+++ /dev/null
@@ -1,71 +0,0 @@
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# Attack
-#
-
-import Trace
-import Term
-#import Classification
-from Misc import *
-
-class Attack(object):
- def __init__(self):
- self.broken = []
- self.match = None
- self.initialKnowledge = []
- self.inverseKeys = []
- self.protocol = None
- self.semiTrace = Trace.SemiTrace()
- self.variables = []
- self.protocoldescr = {}
- self.id = None
- self.knowledge = None
- self.untrusted = []
- self.typeflaws = False
- self.commandline = ''
- self.scytherDot = None
- self.claim = None # refers to parent claim
-
- def getInvolvedAgents(self):
- result = []
- for run in self.semiTrace.runs:
- for agent in run.roleAgents.values():
- result.append(agent)
- return uniq(result)
-
- def buildKnowledge(self):
- if not self.knowledge:
- self.knowledge = Term.Knowledge(self)
- self.knowledge.buildKnowledge()
-
- def getPrecedingLabelSet(self,event):
- return self.protocoldescr[str(event.label[0])].getPrecedingLabelSet(event.label)
-
- def getPrecedingRoleSet(self,event):
- return self.protocoldescr[str(event.label[0])].getPrecedingRoleSet(event.label)
-
- #def classify(self):
- # classification = Classification.Classification(self)
- # classification.classifyClaims()
- # classification.classifyInitiations()
- # classification.classifyComplexity()
- # classification.classifyTypeflaws()
- # return classification
diff --git a/Vagrant Files/shared/scyther/Scyther/Claim.py b/Vagrant Files/shared/scyther/Scyther/Claim.py
deleted file mode 100644
index c0487894b4f7242507cdcaea53ea986f6a27663f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scyther/Claim.py
+++ /dev/null
@@ -1,197 +0,0 @@
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# Claim
-#
-
-import Term
-
-def stateDescription(okay,n=1,caps=False):
- if okay:
- s = "trace pattern"
- if n != 1:
- s += "s"
- else:
- s = "attack"
- if n != 1:
- s += "s"
- if caps:
- s = s[0].upper() + s[1:]
- return s
-
-
-class Claim(object):
- def __init__(self):
- self.id = None # a unique id string, consisting of 'protocol,label'
- self.claimtype = None
- self.label = None
- self.shortlabel = None
- self.protocol = None
- self.role = None
- self.parameter = None
- self.failed = 0
- self.count = 0
- self.states = 0
- self.complete = False
- self.timebound = False
- self.attacks = []
- self.state = False # if true, it is a state, not an attack
- self.okay = None # true if good, false if bad
-
- # derived info
- self.foundstates = False
- self.foundproof = False
-
- def analyze(self):
-
- # determine short label
- # We need the rightmost thingy here
- label = self.label
- while isinstance(label,Term.TermTuple):
- label = label[1]
- self.shortlabel = label
-
- # determine id
- self.id = "%s,%s" % (self.protocol,self.shortlabel)
-
- # some additional properties
- if str(self.claimtype) == 'Reachable':
- self.state = True
- if self.failed > 0:
- self.foundstates = True
- if self.complete:
- self.foundproof = True
-
- # status
- # normally, with attacks, okay means none
- self.okay = (self.failed == 0)
- if self.state:
- # but the logic reverses when it is states and not
- # attacks...
- self.okay = (not self.okay)
-
- def stateName(self,count=1,caps=False):
- return stateDescription(self.state,count,caps)
-
- def getRank(self):
- """
- Return claim rank
- 0 - really failed
- 1 - probably failed
- 2 - probably okay
- 3 - really okay
- """
- n = len(self.attacks)
- if not self.okay:
- # not okay
- if (self.state and self.complete) or ((not self.state) and (n > 0)):
- return 0
- else:
- return 1
- else:
- # okay!
- if not ((self.state and (n > 0)) or ((not self.state) and self.complete)):
- return 2
- else:
- return 3
-
- def getVerified(self):
- """
- returns an element of [None,'Verified','Falsified']
- """
- opts = ['Falsified',None,None,'Verified']
- return opts[self.getRank()]
-
-
- def getColour(self):
- """
- Returns a colour that expresses the state
- """
- colours = ['#FF0000',
- '#800000',
- '#005800',
- '#00B000']
- return colours[self.getRank()]
-
- def getOkay(self):
- """
- Returns a very brief statement about the claim.
-
- Originally the two mid options had a question mark appended, but
- from a users' point of view this might only be more confusing,
- so I took them out again.
- """
- colours = ['Fail',
- 'Fail',
- 'Ok',
- 'Ok']
- return colours[self.getRank()]
-
- def getComment(self):
- """
- returns a sentence describing the results for this claim
- """
- n = len(self.attacks)
- atxt = self.stateName(n)
- remark = ""
- if not self.complete:
- if n == 0:
- # no attacks, no states within bounds
- remark = "No %s within bounds" % (atxt)
- else:
- # some attacks/states within bounds
- remark = "At least %i %s" % (n,atxt)
- else:
- if n == 0:
- # no attacks, no states
- remark = "No %s" % (atxt)
- else:
- # there exist n states/attacks (within any number of runs)
- remark = "Exactly %i %s" % (n,atxt)
- return remark + "."
-
- def triplet(self):
- """
- Return protocol,role,label triplet
- """
- return (self.protocol, self.role, self.shortlabel)
-
- def describe(self):
- s = str(self.claimtype)
- if self.parameter:
- s+= "(%s)" % self.parameter
-
- return s
-
- def roledescribe(self):
- return "%s: %s" % (self.role,self.describe())
-
- def __str__(self):
- """
- Resulting string
- """
- s = "claim id [%s], %s" % (self.id,self.describe())
-
- # determine status
- s+= "\t: %s" % self.getComment()
-
- return s
-
-
diff --git a/Vagrant Files/shared/scyther/Scyther/Error.py b/Vagrant Files/shared/scyther/Scyther/Error.py
deleted file mode 100644
index 88f5db8cb19cda4b053b3bc1b8d4abdb8ca22315..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scyther/Error.py
+++ /dev/null
@@ -1,121 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# Scyther interface error classes
-#
-
-#---------------------------------------------------------------------------
-
-class Error(Exception):
- """Base class for exceptions in this module."""
- pass
-
-class ScytherError(Error):
- """Exception raised for errors generated by the backend
-
- Attributes:
- errorlist -- list of error lines are retrieved from the
- backend
- """
-
- def __init__(self, errorlist,filenames=None,options=None):
- self.errorlist = errorlist
- self.filenames = filenames
- self.options = options
-
- def __str__(self):
- s = "Scyther backend reported errors"
- if len(self.filenames) == 0:
- s = s + " for unknown files."
- if len(self.filenames) == 1:
- s = s + " for file %s" % (self.filenames)
- if len(self.filenames) > 1:
- s = s + " for files %s" % (self.filenames)
- s = s + "\n"
- s = s + "Options: '%s'\n\n" % (self.options)
- S = s + "Error details:\n"
- s = s + "\n".join(self.errorlist)
- return s
-
-class InputError(Error):
- """Exception raised for errors in the input.
-
- Attributes:
- expression -- input expression in which the error occurred
- message -- explanation of the error
- """
-
- def __init__(self, expression, message):
- self.expression = expression
- self.message = message
-
-class BinaryError(Error):
- """Raised when the Scyther executable is not found.
-
- Attributes:
- file -- file location at which we should have been able to find it.
- """
-
- def __init__(self, file):
- self.file = file
-
- def __str__(self):
- return "Could not find Scyther executable at '%s'" % (self.file)
-
-
-class NoBinaryError(Error):
- """Raised when the Scyther executable is not defined.
-
- Attributes:
- None.
- """
-
- def __str__(self):
- return "Scyther class attribute 'program' was not defined."
-
-
-class UnknownPlatformError(Error):
- """Raised when the platform is not supported yet.
-
- Attributes:
- platform -- string describing the platform.
- """
-
- def __init__(self, platform):
- self.platform = platform
-
- def __str__(self):
- return "The %s platform is currently unsupported." % self.platform
-
-class StringListError(Error):
- """Raised when the a string should be a list of strings or a string
-
- Attributes:
- obj -- object that did not fit
- """
-
- def __init__(self, obj):
- self.obj = obj
-
- def __str__(self):
- return "Got '%s', which is type '%s' instead of a (list of) string." % (self.obj, type(self.obj))
-
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/Scyther/FindDot.py b/Vagrant Files/shared/scyther/Scyther/FindDot.py
deleted file mode 100644
index c70c3ff413fea106d810ed81ab315bf246bd3758..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scyther/FindDot.py
+++ /dev/null
@@ -1,129 +0,0 @@
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# FindDot.py
-#
-# Since version 2.31, GraphViz no longer sets the PATH environment variable on Windows.
-# The sole reason of existence for this file is to solve this issue automatically if possible.
-
-#---------------------------------------------------------------------------
-""" Import externals """
-import sys
-import os
-#---------------------------------------------------------------------------
-""" Import internals """
-import Misc
-#---------------------------------------------------------------------------
-
-DOTLOCATION = None
-
-#---------------------------------------------------------------------------
-
-def testDot(fpath):
-
- try:
- cmd = "%s -V" % (fpath)
- (sts,sout,serr) = Misc.safeCommandOutput(cmd)
- if sts != -1:
- if "version" in sout + serr:
- return True
- except:
- pass
-
- return False
-
-#---------------------------------------------------------------------------
-
-def scanPrefix(pf,name):
-
- if pf.endswith("*"):
- import glob
-
- gl = glob.glob(pf)
- for pf in gl:
- for root,dirs,files in os.walk(pf):
- for d in dirs:
- npf = os.path.join(root,d)
- res = scanPrefix(npf,name)
- if res != None:
- return res
-
- return None
-
- fpath = os.path.join(pf,name)
- if len(pf) > 0:
- fpath = "\"%s\"" % (fpath)
- if testDot(fpath) == True:
- return fpath
-
- return None
-
-
-def scanLocations():
- if sys.platform.startswith("win"):
- prefixes = ["", \
- "C:\Program Files\Graphviz*", \
- "C:\Program Files (x86)\Graphviz*" ]
- name = "dot.exe"
- else:
- prefixes = [""]
- name = "dot"
-
- for pf in prefixes:
- path = scanPrefix(pf,name)
- if path != None:
- return path
-
- return None
-
-#---------------------------------------------------------------------------
-
-def findDot():
- global DOTLOCATION
-
- # Cache the results
- if DOTLOCATION != None:
- return DOTLOCATION
-
- DOTLOCATION = scanLocations()
- if DOTLOCATION == None:
- Misc.panic("""
-Could not find the required 'dot' program, which is part of the Graphviz suite.
-Please install it from http://www.graphviz.org/
-
-Ubuntu users: install the 'graphviz' package.
-
-Windows users: make sure that Graphviz is installed and
- that the location of the 'dot' program is in
- the PATH environment variable.
-
-Restarting your system may be needed for Scyther to locate any newly installed
-programs.
- """)
- return DOTLOCATION
-
-#---------------------------------------------------------------------------
-
-if __name__ == '__main__':
- Misc.panic(findDot())
-
-#---------------------------------------------------------------------------
-
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/Scyther/Misc.py b/Vagrant Files/shared/scyther/Scyther/Misc.py
deleted file mode 100644
index e41abd8be8b78adf5da1a74bd3448dcee65effa5..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scyther/Misc.py
+++ /dev/null
@@ -1,158 +0,0 @@
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# Misc.py
-# Various helper functions
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import sys
-import os.path
-try:
- from subprocess import Popen,PIPE
-except:
- panic("""
-Cannot import 'subprocess.Popen' module.
-
-You need at least Python 2.4 to use this program.
-""")
-
-#---------------------------------------------------------------------------
-
-def confirm(question):
- answer = ''
- while answer not in ('y','n'):
- print question,
- answer = raw_input().lower()
- return answer == 'y'
-
-def exists(func,list):
- return len(filter(func,list)) > 0
-
-def forall(func,list):
- return len(filter(func,list)) == len(list)
-
-def uniq(li):
- result = []
- for elem in li:
- if (not elem in result):
- result.append(elem)
- return result
-
-# Return a sorted copy of a list
-def sorted(li):
- result = li[:]
- result.sort()
- return result
-
-
-# ensurePath: wraps os.makedirs
-def ensurePath(pt):
- """
- Make sure the path exists: if not, create the directories one by one
-
- By example:
-
- Call with "dog/cat/bone" ensures that afterwards, this subdirectory structure (dog/cat/bone) exists, with 'bone' a directory.
- It ensures this by doing the procedure for "dog", then "dog/cat", etc...
- """
-
- if not os.path.isdir(pt):
- # Note that os.path.exists(pt) may still hold. In this case the next command will cause an error.
- os.makedirs(pt)
-
-
-# path
-def mypath(file):
- """ Construct a file path relative to the scyther-gui main directory
- """
- # Determine base directory (taking symbolic links into account)
- cmd_file = os.path.realpath(os.path.abspath(inspect.getfile( inspect.currentframe() )))
- basedir = os.path.split(cmd_file)[0]
- return os.path.join(basedir,file)
-
-def getShell():
- """
- Determine if we want a shell for Popen
- """
- if sys.platform.startswith("win"):
- shell=False
- else:
- # Needed to handle the string input correctly (as opposed to a sequence where the first element is the executable)
- # This is not needed on Windows, where it has a different effect altogether.
- # See http://docs.python.org/library/subprocess.html?highlight=subprocess#module-subprocess
- shell=True
- return shell
-
-def safeCommandOutput(cmd, storePopen=None):
- """ Execute a command and return (sts,sout,serr).
- Meant for short outputs, as output is stored in memory and
- not written to a file.
- """
- p = Popen(cmd, shell=getShell(), stdout=PIPE, stderr=PIPE)
- if storePopen != None:
- storePopen(p)
- (sout,serr) = p.communicate()
-
- return (p.returncode,sout,serr)
-
-def safeCommand(cmd, storePopen=None):
- """ Execute a command with some arguments. Safe cross-platform
- version, I hope. """
-
- try:
- p = Popen(cmd, shell=getShell())
- if storePopen != None:
- storePopen(p)
- sts = p.wait()
- except KeyboardInterrupt, EnvironmentError:
- raise
- except:
- print "Wile processing [%s] we had an" % (cmd)
- print "unexpected error:", sys.exc_info()[0]
- print
- sts = -1
- raise # For now still raise
-
- return sts
-
-
-def panic(text):
- """
- Errors that occur before we even are sure about wxPython etc. are dumped
- on the command line and reported using Tkinter.
- """
-
- try:
- import Tkinter
- except:
- print text
- sys.exit(-1)
-
- print text
-
- root = Tkinter.Tk()
- w = Tkinter.Label(root, justify=Tkinter.LEFT, padx = 10, text=text)
- w.pack()
- root.mainloop()
-
- sys.exit(-1)
-
diff --git a/Vagrant Files/shared/scyther/Scyther/Scyther.py b/Vagrant Files/shared/scyther/Scyther/Scyther.py
deleted file mode 100644
index 0de9bb6c597a59919d9a11df1de16aed34c6c406..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scyther/Scyther.py
+++ /dev/null
@@ -1,648 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# Scyther interface
-#
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import os
-import os.path
-import sys
-import StringIO
-import tempfile
-try:
- import hashlib
- HASHLIB = True
-except ImportError:
- HASHLIB = False
- pass
-
-#---------------------------------------------------------------------------
-
-""" Import scyther components """
-import XMLReader
-import Error
-import Claim
-from Misc import *
-
-#---------------------------------------------------------------------------
-
-"""
-Globals
-"""
-
-FirstCheck = True
-
-#---------------------------------------------------------------------------
-
-"""
-Get current directory (for this file)
-"""
-def getMyDir():
- return os.path.dirname( os.path.realpath( __file__ ) )
-
-"""
-The default path for the binaries is the current one.
-"""
-def getBinDir():
- return getMyDir()
-
-"""
-Return Cache prefix path
-Returns None if not existent
-"""
-def getCacheDir():
-
- tmpdir = None
-
- # Check if user chose the path
- cachedirkey = "SCYTHERCACHEDIR"
- if cachedirkey in os.environ.keys():
- tmpdir = os.environ[cachedirkey]
- if tmpdir == "":
- # Special value: if the variable is present, but equals the empty string, we disable caching.
- return None
- else:
- # Otherwise take from path
- tmpdir = tempfile.gettempdir()
-
- # If not none, append special name
- if tmpdir != None:
- tmpdir = os.path.join(tmpdir,"Scyther-cache")
-
- return tmpdir
-
-
-
-#---------------------------------------------------------------------------
-
-def Check():
- """
- Various dynamic checks that can be performed before starting the
- backend.
- """
-
- global FirstCheck
-
- # First time
- if FirstCheck:
- """
- Perform any checks that only need to be done the first time.
- """
- FirstCheck = False
-
- # Every time
-
- # Check Scyther backend program availability
- program = getScytherBackend()
- CheckSanity(program)
-
-
-#---------------------------------------------------------------------------
-
-def CheckSanity(program):
- """
- This is where the existence is checked of the Scyther backend.
- """
-
- if not os.path.isfile(program):
- raise Error.BinaryError, program
-
-#---------------------------------------------------------------------------
-
-def EnsureString(x,sep=" "):
- """
- Takes a thing that is either a list or a string.
- Turns it into a string. If it was a list, <sep> is inserted, and the
- process iterats.
-
- TODO does not accept unicode yet, that is something that must be
- handled to or we run into wxPython problems eventually.
- """
- if type(x) is str:
- return x
-
- elif type(x) is list:
- newlist = []
- for el in x:
- newlist.append(EnsureString(el,sep))
- return sep.join(newlist)
-
- else:
- raise Error.StringListError, x
-
-
-#---------------------------------------------------------------------------
-
-def getScytherBackend():
- # Where is my executable?
- #
- # Auto-detect platform and infer executable name from that
- #
- if "linux" in sys.platform:
-
- """ linux """
- scythername = "scyther-linux"
-
- elif "darwin" in sys.platform:
-
- """ OS X """
- scythername = "scyther-mac"
-
- elif sys.platform.startswith('win'):
-
- """ Windows """
- scythername = "scyther-w32.exe"
-
- else:
-
- """ Unsupported"""
- raise Error.UnknownPlatformError, sys.platform
-
- program = os.path.join(getBinDir(),scythername)
- return program
-
-
-#---------------------------------------------------------------------------
-
-class Scyther(object):
- def __init__ ( self):
-
- # Init
- self.program = getScytherBackend()
- self.spdl = None
- self.inputfile = None
- self.filenames = []
- self.options = ""
- self.claims = None
- self.errors = None
- self.errorcount = 0
- self.warnings = None
- self.run = False
- self.output = None
- self.cmd = None
-
- # defaults
- self.xml = True # this results in a claim end, otherwise we simply get the output
-
- def setInput(self,spdl):
- self.spdl = spdl
- self.inputfile = None
- self.guessFileNames()
-
- def setFile(self,filename):
- self.inputfile = filename
- self.filenames = [self.inputfile]
- self.spdl = ""
- fp = open(filename,"r")
- for l in fp.readlines():
- self.spdl += l
- fp.close()
-
- def addFile(self,filename):
- self.inputfile = None
- if not self.spdl:
- self.spdl = ""
- fp = open(filename,"r")
- for l in fp.readlines():
- self.spdl += l
- fp.close()
- self.guessFileNames()
-
- def guessFileNames(self,spdl=None):
- """
- Try to extract filenames (well, actually, protocol names) sloppily from some spdl script.
-
- There are two modes:
-
- [init] : If the spdl parameter is empty or None, we reset the filenames and extract from self.spdl
- [add] : If the spdl parameter is non-empty, add the extracted filenames to an existing list
-
- """
-
- if (spdl == None) or (len(spdl) == 0):
- spdl = self.spdl
- if spdl == None:
- spdl = ""
- self.filenames = []
-
- for sl in spdl.splitlines():
- l = sl.strip()
- prefix = "protocol "
- postfix = "("
- x = l.find(prefix)
- if x >= 0:
- # The prefix occurs
- y = l.find(postfix,x+len(prefix))
- if y >= 0:
- gn = l[x+len(prefix):y]
- # check for helper protocols
- if not gn.startswith("@"):
- if gn not in self.filenames:
- self.filenames.append(gn)
-
- def addArglist(self,arglist):
- for arg in arglist:
- self.options += " %s" % (arg)
-
- def doScytherCommand(self, spdl, args, checkKnown=False, storePopen=None):
- """
- Cached version of the 'real' below
-
- TODO: CC: One possible problem with the caching is the side-effect, e.g., scyther writing to specific named output files. These are not
- captured in the cache. I don't have a good solution for that yet.
- """
- global HASHLIB
-
- # Can we use the cache?
- canCache = False
- if HASHLIB:
- cacheDir = getCacheDir()
- if cacheDir != None:
- canCache = True
- else:
- cacheDir = None
-
- # If we cannot use the cache, we either need to compute or, if checking for cache presense,...
- if not canCache:
- if checkKnown == True:
- # not using the cache, so we don't have it already
- return False
- else:
- # Need to compute
- return self.doScytherCommandReal(spdl,args, storePopen=storePopen)
-
- # Apparently we are supporsed to be able to use the cache
- m = hashlib.sha256()
- if spdl == None:
- m.update("[spdl:None]")
- else:
- m.update(spdl)
- if args == None:
- m.update("[args:None]")
- else:
- m.update(args)
-
- uid = m.hexdigest()
-
- # Split the uid to make 256 subdirectories with 256 subdirectories...
- prefixlen = 2
- uid1 = uid[:prefixlen]
- uid2 = uid[prefixlen:prefixlen+2]
- uid3 = uid[prefixlen+2:]
-
- # Possibly we could also decide to store input and arguments in the cache to analyze things later
-
- # Construct: cachePath/uid1/uid2/...
- path = os.path.join(cacheDir,uid1,uid2)
- name1 = "%s.out" % (uid3)
- name2 = "%s.err" % (uid3)
-
- fname1 = os.path.join(path, name1)
- fname2 = os.path.join(path, name2)
-
- try:
- """
- Try to retrieve the result from the cache
- """
- fh1 = open(fname1,"r")
- out = fh1.read()
- fh1.close()
- fh2 = open(fname2,"r")
- err = fh2.read()
- fh2.close()
- if checkKnown == True:
- # We got to here, so we have it
- return True
- else:
- # Not checking cache, we need the result
- return (out,err)
- except:
- pass
-
- """
- Something went wrong, do the real thing and cache afterwards
- """
- if checkKnown == True:
- # We were only checking, abort
- return False
-
- (out,err) = self.doScytherCommandReal(spdl,args, storePopen=storePopen)
-
- try:
- # Try to store result in cache
- ensurePath(path)
-
- fh1 = open(fname1,"w")
- fh1.write(out)
- fh1.close()
-
- fh2 = open(fname2,"w")
- fh2.write(err)
- fh2.close()
- except:
- pass
-
- return (out,err)
-
-
- def doScytherCommandReal(self, spdl, args, storePopen=None):
- """
- Run Scyther backend on the input
-
- Arguments:
- spdl -- string describing the spdl text
- args -- arguments for the command-line
- storePopen -- callback function to register Popen objects (used for process kill by other threads)
- Returns:
- (output,errors)
- output -- string which is the real output
- errors -- string which captures the errors
- """
-
- if self.program == None:
- raise Error.NoBinaryError
-
- # Sanitize input somewhat
- if spdl == "":
- # Scyther hickups on completely empty input
- spdl = "\n"
-
- # Extract filenames for error reporting later
- self.guessFileNames(spdl=spdl)
-
- # Generate temporary files for the output.
- # Requires Python 2.3 though.
- (fde,fne) = tempfile.mkstemp() # errors
- (fdo,fno) = tempfile.mkstemp() # output
- if spdl:
- (fdi,fni) = tempfile.mkstemp() # input
-
- # Write (input) file
- fhi = os.fdopen(fdi,'w+b')
- fhi.write(spdl)
- fhi.close()
-
- # Generate command line for the Scyther process
- self.cmd = ""
- self.cmd += "\"%s\"" % self.program
- self.cmd += " --append-errors=%s" % fne
- self.cmd += " --append-output=%s" % fno
- self.cmd += " %s" % args
- if spdl:
- self.cmd += " %s" % fni
-
- # Only for debugging, really
- ##print self.cmd
-
- # Start the process
- safeCommand(self.cmd, storePopen=storePopen)
-
- # reseek
- fhe = os.fdopen(fde)
- fho = os.fdopen(fdo)
- errors = fhe.read()
- output = fho.read()
-
- # clean up files
- fhe.close()
- fho.close()
- os.remove(fne)
- os.remove(fno)
- if spdl:
- os.remove(fni)
-
- return (output,errors)
-
- def sanitize(self):
- """ Sanitize some of the input """
- self.options = EnsureString(self.options)
-
- def verify(self,extraoptions=None,checkKnown=False,storePopen=None):
- """ Should return a list of results """
- """ If checkKnown == True, we do not call Scyther, but just check the cache, and return True iff the result is in the cache """
-
- # Cleanup first
- self.sanitize()
-
- # prepare arguments
- args = ""
- if self.xml:
- args += " --dot-output --xml-output --plain"
- args += " %s" % self.options
- if extraoptions:
- # extraoptions might need sanitizing
- args += " %s" % EnsureString(extraoptions)
-
- # Are we only checking the cache?
- if checkKnown == True:
- return self.doScytherCommand(self.spdl, args, checkKnown=checkKnown, storePopen=storePopen)
-
- # execute
- (output,errors) = self.doScytherCommand(self.spdl, args, storePopen=storePopen)
- self.run = True
-
- # process errors
- self.errors = []
- self.warnings = []
- for l in errors.splitlines():
- line = l.strip()
- if len(line) > 0:
- # filter out any non-errors (say maybe only claim etc) and count
- # them.
- if line.startswith("claim\t"):
- # Claims are lost, reconstructed from the XML output
- pass
- elif line.startswith("warning"):
- # Warnings are stored seperately
- self.warnings.append(line)
- else:
- # otherwise it is an error
- self.errors.append(line)
-
- self.errorcount = len(self.errors)
- if self.errorcount > 0:
- raise Error.ScytherError(self.errors,filenames=self.filenames,options=self.options)
-
- # process output
- self.output = output
- self.validxml = False
- self.claims = []
- if self.xml:
- if len(output) > 0:
- if output.startswith("<scyther>"):
-
- # whoohee, xml
- self.validxml = True
-
- xmlfile = StringIO.StringIO(output)
- reader = XMLReader.XMLReader()
- self.claims = reader.readXML(xmlfile)
-
- # Determine what should be the result
- if self.xml:
- return self.claims
- else:
- return self.output
-
- def verifyOne(self,cl=None,checkKnown=False,storePopen=None):
- """
- Verify just a single claim with an ID retrieved from the
- procedure below, 'scanClaims', or a full claim object
-
- If checkKnown is True, return if the result is already known (but never recompute).
- """
- if cl:
- # We accept either a claim or a claim id
- if isinstance(cl,Claim.Claim):
- cl = cl.id
- return self.verify("--filter=%s" % cl, checkKnown=checkKnown,storePopen=storePopen)
- else:
- # If no claim, then its just normal verification
- return self.verify(checkKnown=checkKnown,storePopen=storePopen)
-
- def scanClaims(self):
- """
- Retrieve the list of claims. Of each element (a claim), claim.id
- can be passed to --filter=X or 'verifyOne' later.
- A result of 'None' means that some errors occurred.
- """
- self.verify("--scan-claims")
- if self.errorcount > 0:
- return None
- else:
- self.validxml = False # Signal that we should not interpret the output as XML
- return self.claims
-
- def getClaim(self,claimid):
- if self.claims:
- for cl in self.claims:
- if cl.id == claimid:
- return cl
- return None
-
- def __str__(self):
- if self.run:
- if self.errorcount > 0:
- return "%i errors:\n%s" % (self.errorcount, "\n".join(self.errors))
- else:
- if self.xml and self.validxml:
- s = "Verification results:\n"
- for cl in self.claims:
- s += str(cl) + "\n"
- return s
- else:
- return self.output
- else:
- return "Scyther has not been run yet."
-
-#---------------------------------------------------------------------------
-
-def GetClaims(filelist, filterlist=None):
- """
- Given a list of file names in filelist,
- returns a dictionary of filenames to lists claim names.
- Filenames which yielded no claims are filtered out.
-
- Filterlist may be None or a list of claim names (Secret, SKR, Niagree etc).
- """
-
- dict = {}
- for fname in filelist:
- try:
- sc = Scyther()
- sc.setFile(fname)
- l = sc.scanClaims()
- if l != None:
- cl = []
- for claim in l:
- if filterlist == None:
- cl.append(claim.id)
- else:
- if claim.claimtype in filterlist:
- cl.append(claim.id)
- dict[fname] = cl
- except:
- pass
- return dict
-
-#---------------------------------------------------------------------------
-
-def FindProtocols(path="",filterProtocol=None):
- """
- Find a list of protocol names
-
- Note: Unix only! Will not work under windows.
- """
-
- import commands
-
- cmd = "find %s -iname '*.spdl'" % (path)
- plist = commands.getoutput(cmd).splitlines()
- nlist = []
- for prot in plist:
- if filterProtocol != None:
- if filterProtocol(prot):
- nlist.append(prot)
- else:
- nlist.append(prot)
- return nlist
-
-#---------------------------------------------------------------------------
-
-def GetInfo(html=False):
- """
- Retrieve a tuple (location,string) with information about the tool,
- retrieved from the --expert --version data
- """
-
- program = getScytherBackend()
- arg = "--expert --version"
- sc = Scyther()
- (output,errors) = sc.doScytherCommand(spdl=None, args=arg)
- if not html:
- return (program,output)
- else:
- sep = "<br>\n"
- html = "Backend: %s%s" % (program,sep)
- for l in output.splitlines():
- l.strip()
- html += "%s%s" % (l,sep)
- return html
-
-
-def GetLicense():
- """
- Retrieve license information.
- """
-
- program = getScytherBackend()
- arg = "--license"
- sc = Scyther()
- (output,errors) = sc.doScytherCommand(spdl=None, args=arg)
- return output
-
-
-#---------------------------------------------------------------------------
-
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/Scyther/Term.py b/Vagrant Files/shared/scyther/Scyther/Term.py
deleted file mode 100644
index 9369aa24ebcf518003261f0a3aafcf0b695563a7..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scyther/Term.py
+++ /dev/null
@@ -1,223 +0,0 @@
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# Term
-#
-import Trace
-from Misc import *
-
-class InvalidTerm(TypeError):
- "Exception used to indicate that a given term is invalid"
-
-
-class Knowledge(object):
- def __init__(self,attack):
- self.attack = attack
- self.knowledge = []
-
- def getInverse(self,term):
- for pair in self.attack.inverseKeys:
- if term == pair[0]:
- return pair[1]
- if term == pair[1]:
- return pair[0]
-
- # Get the inverse key
- def getInverseKey(self,term):
- # First try to see if the entire term has an inverse
- result = self.getInverse(term)
- if result != None:
- return result
-
- # If it is an apply term, try to see if the function has an inverse
- if isinstance(term,TermApply):
- result = self.getInverse(term.function)
- if result != None:
- return TermApply(result,term.argument)
-
- # No inverse found, so term is its own inverse
- return term
-
- # Add a term to the knowledge
- def add(self,term):
- if term == None:
- return
- added = False
- for x in term.deriveTerms(self):
- if not x in self.knowledge:
- added = True
- self.knowledge.append(x)
-
- # Something new was added, maybe this can help us to decrypt a term
- # that we could not decrypt before
- if added:
- for x in self.knowledge:
- if isinstance(x,TermEncrypt):
- self.add(x)
-
- def canDerive(self,term):
- # We can derive free variables, because we can even choose them
- if isinstance(term,TermVariable) and term.isFree():
- return True
- # We can derive a term if it is in the knowledge
- # or all terms required to construct it are in the knowledge
- if exists(lambda x: x == term,self.knowledge):
- return True
- constructors = term.constructorTerms()
-
- if len(constructors) == 1 and constructors[0] == term:
- # This is a single term, there is no need to look at constructor
- # terms as we have already looked at the complete term
- return False
-
- return forall(lambda x: self.canDerive(x),constructors)
-
-
- # Knowledge is the initial knowledge and all messages in sends
- def buildKnowledge(self):
- self.knowledge = self.attack.initialKnowledge[:]
- for run in self.attack.semiTrace.runs:
- # Intruder actions do not add knowledge processing them
- # is a waste of time
- if run.intruder:
- continue
- for event in run:
- if isinstance(event,Trace.EventSend):
- self.add(event.message)
- self.add(event.fr)
- self.add(event.to)
-
-class Term(object):
- def __init__(self):
- self.types = None
-
- def __str__(self):
- raise InvalidTerm
-
- def constructorTerms(self):
- raise InvalidTerm
-
- def deriveTerms(self,knowledge):
- raise InvalidTerm
-
- # Two terms are equal when their string rep is equal
- def __cmp__(self,other):
- return cmp(str(self),str(other))
-
-
-class TermConstant(Term):
- def __init__(self, constant):
- Term.__init__(self)
- self.value = str(constant)
-
- def deriveTerms(self,knowledge):
- return [self]
-
- def constructorTerms(self):
- return [self]
-
- def __str__(self):
- return self.value
-
-class TermEncrypt(Term):
- def __init__(self, value, key):
- Term.__init__(self)
- self.value = value
- self.key = key
-
- def deriveTerms(self,knowledge):
- # In order to unpack an encrypted term we have to have the inverse key
- inverse = knowledge.getInverseKey(self.key)
- if knowledge.canDerive(inverse):
- return [self] + [self.value] + self.value.deriveTerms(knowledge)
- else:
- return [self]
-
- def constructorTerms(self):
- return [self.value,self.key]
-
- def __str__(self):
- return "{%s}%s" % (self.value, self.key)
-
-class TermApply(Term):
- def __init__(self, function, argument):
- Term.__init__(self)
- self.function = function
- self.argument = argument
-
- def constructorTerms(self):
- return [self.function,self.argument]
-
- def deriveTerms(self,knowledge):
- return [self]
-
- def __str__(self):
- return "%s(%s)" % (self.function, self.argument)
-
-class TermVariable(Term):
- def __init__(self, name, value):
- Term.__init__(self)
- self.name = name
- self.value = value
-
- def isFree(self):
- return self.value == None
-
- def constructorTerms(self):
- if self.value != None:
- return [self.value]
- else:
- return [self.name]
-
- def deriveTerms(self,knowledge):
- if self.value != None:
- return [self,self.value] + self.value.deriveTerms(knowledge)
- else:
- return [self,self.name]
-
- def __str__(self):
- if (self.value != None):
- return str(self.value)
- else:
- return str(self.name)
-
-class TermTuple(Term):
- def __init__(self, op1, op2):
- Term.__init__(self)
- self.op1 = op1
- self.op2 = op2
-
- def __str__(self):
- return "%s,%s" % (self.op1,self.op2)
-
- def constructorTerms(self):
- return [self.op1,self.op2]
-
- def deriveTerms(self,knowledge):
- return [self,self.op1,self.op2]+self.op1.deriveTerms(knowledge)+self.op2.deriveTerms(knowledge)
-
- def __getitem__(self,index):
- if index == 0:
- return self.op1
- elif index == 1:
- return self.op2
- else:
- return self.op2.__getitem__(index-1)
-
diff --git a/Vagrant Files/shared/scyther/Scyther/Trace.py b/Vagrant Files/shared/scyther/Scyther/Trace.py
deleted file mode 100644
index 31e31cc7be59e9a97da71df3415c3a29df28ad2f..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scyther/Trace.py
+++ /dev/null
@@ -1,358 +0,0 @@
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# Trace
-#
-from Misc import *
-
-class InvalidAction(TypeError):
- "Exception used to indicate that a given action is invalid"
-
-class InvalidEvent(TypeError):
- "Exception used to indicate that a given event is invalid"
-
-class SemiTrace(object):
- def __init__(self):
- self.runs = []
-
- def totalCount(self):
- count = 0
- for run in self.runs:
- count += len(run.eventList)
- return count
-
- def sortActions(self,actionlist):
- newlist = actionlist[:]
- newlist.sort(lambda x,y: self.getOrder(x,y))
- return newlist
-
- def getEnabled(self,previous):
- enabled = []
- for run in self.runs:
- for event in run:
- if event in previous or event in enabled:
- continue
- prec = self.getPrecedingEvents(event,previous)
- if len(prec) == 0:
- enabled.append(event)
- return enabled
-
- # Returns run,index tuples for all connections
- def getConnections(self,event,removeIntruder=False):
- if not removeIntruder:
- return event.follows
- result = []
- if event.run.intruder:
- for before in event.getBefore():
- result.extend(self.getConnections(before,removeIntruder))
-
- for x in event.follows:
- fol = self.getEvent(x)
- # If this is an intruder action descend into it
- if fol.run.intruder:
- result.extend(self.getConnections(fol,removeIntruder))
- else:
- result.append(x)
- return uniq(result)
-
- # Return the minimum set of preceding events for a given event
- # that is the events before this event in the same run and all
- # actions required by the partional ordering
- # If previous is non empty remove all events already in previous
- def getPrecedingEvents(self,event,previous=[]):
- # If it is cached return cached version
- if event.preceding != None:
- return filter(lambda x: x not in previous,event.preceding)
- preceding = []
- for prec in event.getBefore():
- preceding.append(prec)
- preceding.extend(self.getPrecedingEvents(prec))
- for x in event.follows:
- fol = self.getEvent(x)
- preceding.append(fol)
- preceding.extend(self.getPrecedingEvents(fol))
- preceding = uniq(preceding)
- event.preceding = preceding
- preceding = filter(lambda x: x not in previous,preceding)
- return preceding
-
- # Returns -1 if the first event has to be before the second one
- # +1 if the second event has to be before the first one
- # 0 if there is no order defined on the two events
- def getOrder(self,event1,event2):
- if (event1 in self.getPrecedingEvents(event2)):
- return -1
- if (event2 in self.getPrecedingEvents(event1)):
- return 1
- return 0
-
- # Get event by run id and index
- def getEvent(self,idx):
- (rid,index) = idx
- for run in self.runs:
- if run.id != rid:
- continue
- for event in run:
- if event.index == index:
- return event
- raise InvalidEvent
-
- # Get all claim events in the trace
- def getClaims(self):
- claims = []
- for run in self.runs:
- for event in run:
- if isinstance(event,EventClaim):
- claims.append(event)
- return claims
-
- # Returns a list of all initiation events in the semitrace
- def getInitiations(self):
- initiations = []
- for run in self.runs:
- # Initiations are runs of honest agents
- if (run.intruder):
- continue
- # Which contain no recvs before the first send
- for action in run:
- if (isinstance(action,EventRead)):
- break
- elif (isinstance(action,EventSend)):
- initiations.append(action)
- break
- return initiations
-
- # Get all runs performed by a specific agent
- def getAgentRuns(self,agent):
- result = []
- for run in self.runs:
- if run.getAgent() == agent:
- result.append(run)
- return result
-
- # Return a list of all runs that are parallel with this run
- def getParallelRuns(self,run):
- parallel = []
- first = run.getFirstAction()
- # Process all events that are before the end of the run
- for event in self.getPrecedingEvents(run.getLastAction()):
- # Only count those we haven't found yet
- if event.run in parallel or event.run == run:
- continue
- # If the event is also after the beginning of the run it is
- # parallel
- if self.getOrder(event,first) == 1:
- parallel.append(event.run)
- return parallel
-
- def getRun(self,runid):
- for run in self.runs:
- if run.id == runid:
- return run
- return None
-
-class ProtocolDescription(object):
- def __init__(self,protocol):
- self.protocol = protocol
- self.roledescr = {}
-
- # Find event by label
- def findEvent(self,eventlabel,eventType=None):
- for (role,descr) in self.roledescr.items():
- for event in descr:
- if event.label == eventlabel:
- if eventType == None or isinstance(event,eventType):
- return event
-
- # Return all events that should have occured before the given event
- # if the protocol is executed exactly as specified
- # (i.e. all previous events in the same run and the preceding events
- # of the matching sends of all reads)
- def getPrecedingEvents(self,eventlabel,eventType=None):
- event = self.findEvent(eventlabel,eventType)
- if event.preceding != None:
- return event.preceding
- preceding = event.getBefore()+[event]
- for prev in preceding:
- # For this event and all events that are before it in the run
- # description see if it is a read and if it is also add the
- # precedinglabelset of the matching send
- if (isinstance(prev,EventRead)):
- match = self.findEvent(prev.label,EventSend)
- if match:
- preceding.extend(self.getPrecedingEvents(match.label,EventSend))
- preceding = uniq(preceding)
- event.preceding = preceding
- return preceding
-
- # Calculate the preceding labelset that is all read events
- # that are in the precedingEvents of a certain event
- def getPrecedingLabelSet(self,eventlabel):
- events = self.getPrecedingEvents(eventlabel)
- events = filter(lambda x: isinstance(x,EventRead),events)
- return [x.label for x in events]
-
- # Calculate the roles in preceding labelset that is all roles that
- # that are in the precedingEvents of a certain event
- def getPrecedingRoleSet(self,eventlabel):
- events = self.getPrecedingEvents(eventlabel)
- roles = uniq([x.run.role for x in events])
- return roles
-
-
- def __str__(self):
- s = ''
- for x in self.roledescr.values():
- for e in x:
- s += str(e) + "\n"
- return s
-
-class Run(object):
- def __init__(self):
- self.id = None
- self.protocol = None
- self.role = None
- self.roleAgents = {}
- self.eventList = []
- self.intruder = False
- self.attack = None
- self.variables = []
-
- def __iter__(self):
- return iter(self.eventList)
-
- def getAgent(self):
- if self.intruder:
- return None
- return self.roleAgents[self.role]
-
- def getFirstAction(self):
- return self.eventList[0]
-
- def getLastAction(self):
- return self.eventList[-1]
-
- def collapseIntruder(self):
- """ TODO still working on this. """
- if self.intruder:
- shouldcollapse = False
- for ev in self:
- return
-
-class Event(object):
- def __init__(self,index,label,follows):
- self.index = index
- self.label = label
- self.follows = follows
- self.run = None
- self.preceding = None
- self.rank = None
-
- def shortLabel(self):
- try:
- return self.label[len(self.label)-1]
- except:
- return str(self.label)
-
- def getBefore(self):
- result = []
- for event in self.run:
- if (event == self):
- return result
- result.append(event)
- # This should never happen
- assert(False)
-
-class EventSend(Event):
- def __init__(self,index,label,follows,fr,to,message):
- Event.__init__(self,index,label,follows)
- self.fr = fr
- self.to = to
- self.message = message
-
- def __str__(self):
- if self.run.intruder:
- return "SEND(%s)" % self.message
- else:
- return "SEND_%s(%s,%s)" % (self.shortLabel(),self.to,self.message)
-
-class EventRead(Event):
- def __init__(self,index,label,follows,fr,to,message):
- Event.__init__(self,index,label,follows)
- self.fr = fr
- self.to = to
- self.message = message
-
- def __str__(self):
- if self.run.intruder:
- return "READ(%s)" % self.message
- else:
- return "READ_%s(%s,%s)" % (self.shortLabel(),self.fr, self.message)
-
-class EventClaim(Event):
- def __init__(self,index,label,follows,role,type,argument):
- Event.__init__(self,index,label,follows)
- self.role = role
- self.type = type
- self.argument = argument
- self.broken = None
-
- # A Claim should be ignored if there is an untrusted agent in the role
- # agents
- def ignore(self):
- for untrusted in self.run.attack.untrusted:
- if untrusted in self.run.roleAgents.values():
- return True
- return False
-
- # Return (protocol,role)
- def protocolRole(self):
- return "(%s,%s)" % (self.run.protocol,self.run.role)
-
- def argstr(self):
- if self.argument == None:
- return '*'
- else:
- return str(self.argument)
-
- def __str__(self):
- return "CLAIM_%s(%s, %s)" % (self.shortLabel(),self.type,self.argstr())
-
-class EventIntruder(Event):
- """
- Intruder event extensions (allows for collapsing attacks later)
- """
- def __init__(self,follows,message,key,result):
- Event.__init__(self,0,None,follows)
- self.follows = follows
- self.message = message
- self.key = key
- self.result = result
- self.intruder = True
-
-class EventDecr(EventIntruder):
- def __str__(self):
- return "DECR(%s, %s, %s)" % (self.message, self.key, self.result)
-
-class EventEncr(EventIntruder):
- def __str__(self):
- return "ENCR(%s, %s, %s)" % (self.message, self.key, self.result)
-
-
diff --git a/Vagrant Files/shared/scyther/Scyther/XMLReader.py b/Vagrant Files/shared/scyther/Scyther/XMLReader.py
deleted file mode 100644
index ebafc4767de133a32edd0a0c59a976896debee6a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scyther/XMLReader.py
+++ /dev/null
@@ -1,357 +0,0 @@
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# XMLReader
-#
-# Note:
-# This requires python elementtree to work
-# See: http://effbot.org/zone/element-index.htm
-#
-# On Fedora Core you can install this by installing the python-elementtree rpm
-# Things will be a lot faster and consume less memory if you install the
-# cElementTree module
-#
-# In python 2.5 cElementTree is in the core, so you don't need to install
-# extra packages
-#
-
-import sys
-
-# Check for cElementTree presence. Otherwise use ElementTree.
-useiter = True
-try:
- # python 2.5 has cElementTree in the core
- import xml.etree.cElementTree as cElementTree
-except:
- # try the old way
- try:
- import cElementTree
- except ImportError:
- useiter = False
- try:
- from elementtree import ElementTree
- except ImportError:
- print """
-ERROR:
-
-Could not locate either the [elementtree] or the [cElementTree] package.
-Please install one of them in order to work with the Scyther python interface.
-The [cElementTree] packages can be found at http://effbot.org/zone/celementtree.htm
-
-Note that you can still use the Scyther binaries in the 'Bin' directory.
- """
- sys.exit(1)
-
-## Simply pick cElementTree
-#import cElementTree
-## Simply pick ElementTree
-#useiter = False
-#from elementtree import ElementTree
-
-import Term
-import Attack
-import Trace
-import Claim
-
-class XMLReader(object):
-
- def __init__ (self):
- self.varlist = []
- pass
-
- def readXML(self, input):
- # Use iter parse when possble so we can clear the attack after reading
- # it in order to preserve memory (this requires cElementTree)
-
- attackbuffer = []
- claims = []
-
- if useiter:
- parser = cElementTree.iterparse(input)
- else:
- parser = ElementTree.parse(input).findall('*')
-
- for elem in parser:
- # The iter parser receives the input in tuples (event and element)
- # we only need the event
- if useiter:
- elem = elem[1]
-
- if elem.tag == 'state':
- attack = self.readAttack(elem)
- attackbuffer.append(attack)
- if useiter:
- elem.clear()
-
- if elem.tag == 'claimstatus':
- claim = self.readClaim(elem)
- claim.attacks = attackbuffer
- claims.append(claim)
-
- # link to parent
- for attack in claim.attacks:
- attack.claim = claim
-
- attackbuffer = []
- if useiter:
- elem.clear()
-
- return claims
-
- # Read a term from XML
- def readTerm(self,xml):
- # If xml is None the term should also be none
- if xml == None:
- return None
- # If this is a term variable read it directly
- if (xml.tag in ('tuple','const','apply','encrypt','var')):
- return self.readSubTerm(xml)
- # Otherwise read from it's first child
- children = xml.getchildren()
- assert(len(children) == 1)
- return self.readSubTerm(children[0])
-
- def readSubTerm(self, tag):
- if tag.tag == 'tuple':
- return Term.TermTuple(self.readTerm(tag.find('op1')),self.readTerm(tag.find('op2')))
- elif tag.tag == 'const':
- return Term.TermConstant(tag.text)
- elif tag.tag == 'apply':
- return Term.TermApply(self.readTerm(tag.find('function')),self.readTerm(tag.find('arg')))
- elif tag.tag == 'encrypt':
- return Term.TermEncrypt(self.readTerm(tag.find('op')),self.readTerm(tag.find('key')))
- elif tag.tag == 'var':
- name = Term.TermConstant(tag.get('name'))
- # Instantiate this variable if possible (note this list is empty while reading
- # the variables section of the XML file)
- for inst in self.varlist:
- if inst.name == name:
- return inst
- # If it is not instantiated in varlist, just return a variable with this name and no
- # value
- return Term.TermVariable(name,None)
- else:
- raise Term.InvalidTerm, "Invalid term type in XML: %s" % tag.tag
-
- def readEvent(self,xml):
- label = self.readTerm(xml.find('label'))
- follows = xml.findall('follows')
- followlist = []
- for follow in follows:
- follow = follow.find('after')
- if follow == None:
- # Ignore follow definitions that do not contain after
- continue
- follow = (int(follow.get('run')),int(follow.get('index')))
- followlist.append(follow)
-
- (etype,index) = (xml.get('type'),int(xml.get('index')))
- if etype in ('send','read','recv'):
- fr = self.readTerm(xml.find('from'))
- to = self.readTerm(xml.find('to'))
- message = self.readTerm(xml.find('message'))
- if (etype == 'send'):
- return Trace.EventSend(index,label,followlist,fr,to,message)
- else:
- return Trace.EventRead(index,label,followlist,fr,to,message)
- elif xml.get('type') == 'claim':
- role = self.readTerm(xml.find('role'))
- etype = self.readTerm(xml.find('type'))
- argument = self.readTerm(xml.find('argument'))
- # Freshness claims are implemented as Empty claims with
- # (Fresh,Value) as arguments
- try:
- if etype == 'Empty' and argument[0] == 'Fresh':
- etype = Term.TermConstant('Fresh')
- argument = argument[1]
- elif etype == 'Empty' and argument[0] == 'Compromised':
- etype = Term.TermConstant('Compromised')
- argument = argument[1]
- except:
- pass
- return Trace.EventClaim(index,label,followlist,role,etype,argument)
- else:
- raise Trace.InvalidAction, "Invalid action in XML: %s" % (xml.get('type'))
-
- def readRun(self,xml):
- assert(xml.tag == 'run')
- run = Trace.Run()
- run.id = int(xml.find('runid').text)
- # TODO why is protocol name a term??
- run.protocol = str(self.readTerm(xml.find('protocol')))
- run.intruder = xml.find('protocol').get('intruder') == 'true'
- run.role = xml.find('rolename').text
- for role in xml.find('roleagents'):
- name = role.find('rolename').text
- agent = self.readTerm(role.find('agent'))
- run.roleAgents[name] = agent
- for eventxml in xml.find('eventlist'):
- action = self.readEvent(eventxml)
- action.run = run
- run.eventList.append(action)
- for variable in xml.find('variables'):
- # Read the variables one by one
- assert(variable.tag == 'variable')
- var = self.readTerm(variable.find('name').find('term'))
- var.types = self.readTypeList(variable.find('name'))
-
- substxml = variable.find('substitution')
- # Read substitution if present
- if substxml != None:
- subst = self.readTerm(substxml.find('term'))
- subst.types = self.readTypeList(substxml)
- newvar = Term.TermVariable(var.name,subst)
- newvar.types = var.types
- var = newvar
-
- run.variables.append(var)
- return run
-
- # Read protocol description for a certain role
- def readRoleDescr(self,xml):
- assert(xml.tag == 'role')
- run = Trace.Run()
- # We will need the last label later on to see if a
- # run is complete
- run.lastLabel = None
- run.role = xml.find('rolename').text
- for eventxml in xml.find('eventlist'):
- action = self.readEvent(eventxml)
- action.run = run
- run.eventList.append(action)
- run.lastLabel = action.label
- return run
-
- def readTypeList(self,xml):
- result = []
- vartypes = xml.find('type').find('termlist')
- for vartype in vartypes:
- # We will assume that types are simple strings
- result.append(str(self.readTerm(vartype)))
- return result
-
- def readClaim(self, xml):
- claim = Claim.Claim()
- for event in xml.getchildren():
- if event.tag == 'claimtype':
- claim.claimtype = self.readTerm(event)
- elif event.tag == 'label':
- # We store the full protocol,label construct for
- # consistency with the technical parts, so it is left to
- # the __str__ of claim to select the right element
- claim.label = self.readTerm(event)
- elif event.tag == 'protocol':
- claim.protocol = self.readTerm(event)
- elif event.tag == 'role':
- claim.role = self.readTerm(event)
- elif event.tag == 'parameter':
- claim.parameter = self.readTerm(event)
-
- elif event.tag == 'failed':
- claim.failed = int(event.text)
- elif event.tag == 'count':
- claim.count = int(event.text)
- elif event.tag == 'states':
- claim.states = int(event.text)
-
- elif event.tag == 'complete':
- claim.complete = True
- elif event.tag == 'timebound':
- claim.timebound = True
- else:
- print >>sys.stderr,"Warning unknown tag in claim: %s" % claim.tag
-
- claim.analyze()
- return claim
-
- def readAttack(self, xml):
- self.varlist = []
- attack = Attack.Attack()
- attack.id = int(xml.get('id'))
- # A state contains 4 direct child nodes:
- # broken, system, variables and semitrace
- # optionally a fifth: dot
- for event in xml.getchildren():
- if event.tag == 'broken':
- attack.broken.append((self.readTerm(event.find('claim')),
- self.readTerm(event.find('label'))))
- elif event.tag == 'system':
- attack.match = int(event.find('match').text)
- for term in event.find('commandline'):
- if attack.commandline != '':
- attack.commandline += ' '
- attack.commandline += term.text
- for term in event.find('untrusted').find('termlist'):
- attack.untrusted.append(str(self.readTerm(term)))
- for term in event.find('initialknowledge').find('termlist'):
- attack.initialKnowledge.append(self.readTerm(term))
- for keypair in event.find('inversekeys'):
- inverse = []
- for term in keypair:
- inverse.append(self.readTerm(term))
- assert(len(inverse) == 0 or len(inverse) == 2)
- attack.inverseKeys.append(inverse)
- # TODO why is protocol name a term??
- for protocolxml in event.findall('protocol'):
- protocol = str(self.readTerm(protocolxml.find('name')))
- descr = Trace.ProtocolDescription(protocol)
- attack.protocoldescr[protocol] = descr
- for rolexml in protocolxml.findall('role'):
- roledescr = self.readRoleDescr(rolexml)
- descr.roledescr[roledescr.role] = roledescr
-
- elif event.tag == 'semitrace':
- for runxml in event:
- run = self.readRun(runxml)
- run.attack = attack
- attack.semiTrace.runs.append(run)
-
- elif event.tag == 'dot':
- # Apparently Scyther already generated dot output,
- # store
- attack.scytherDot = event.text
-
- elif event.tag == 'variables':
- # Read the variables one by one
- for varxml in event:
- if varxml.get('typeflaw') == 'true':
- attack.typeflaws = True
- var = self.readTerm(varxml.find('name').find('term'))
- var.types = self.readTypeList(varxml.find('name'))
-
- substxml = varxml.find('substitution')
- # Read substitution if present
- if substxml != None:
- subst = self.readTerm(substxml.find('term'))
- subst.types = self.readTypeList(substxml)
- newvar = Term.TermVariable(var.name,subst)
- newvar.types = var.types
- var = newvar
-
- attack.variables.append(var)
-
- # When all have been read set self.varlist so that when
- # we read terms in the attacks they can be filled in using
- # this list
- self.varlist = attack.variables
- else:
- print >>sys.stderr,"Warning unknown tag in attack: %s" % event.tag
- return attack
-
diff --git a/Vagrant Files/shared/scyther/Scyther/__init__.py b/Vagrant Files/shared/scyther/Scyther/__init__.py
deleted file mode 100644
index 1fa659c3f150e2b87cd3c2451c68164162f6faf6..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Scyther/__init__.py
+++ /dev/null
@@ -1,29 +0,0 @@
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# Init this module
-#
-# Set prefix for __all__
-#
-import Scyther
-
-# Provide scope
-__all__ = ["Scyther"]
-
diff --git a/Vagrant Files/shared/scyther/Time/test.py b/Vagrant Files/shared/scyther/Time/test.py
deleted file mode 100644
index 50ea49ec7de77543cbb04bbf243ac90ba6796e4a..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/Time/test.py
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/usr/bin/python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2008 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# test.py
-# experimenting with the constraint solver
-#
-# Ubuntu package: python-constraint
-#
-# http://labix.org/python-constraint
-#
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import sys
-try:
- from constraint import *
-except:
- print "Could not import constraint solver module."
- print "For more information, visit"
- print " http://labix.org/python-constraint"
- sys.exit()
-
-#---------------------------------------------------------------------------
-
-def test():
- problem = Problem()
- problem.addVariables(range(0, 16), range(1, 16+1))
- problem.addConstraint(AllDifferentConstraint(), range(0, 16))
- problem.addConstraint(ExactSumConstraint(34), [0,5,10,15])
- problem.addConstraint(ExactSumConstraint(34), [3,6,9,12])
- for row in range(4):
- problem.addConstraint(ExactSumConstraint(34),
- [row*4+i for i in range(4)])
- for col in range(4):
- problem.addConstraint(ExactSumConstraint(34),
- [col+4*i for i in range(4)])
- solutions = problem.getSolutions()
- print solutions
-
-#---------------------------------------------------------------------------
-
-if __name__ == '__main__':
- test()
-
diff --git a/Vagrant Files/shared/scyther/batcher.sh b/Vagrant Files/shared/scyther/batcher.sh
deleted file mode 100644
index 6b430d39ae4c0b26b8563032c7609b97b1afa1cf..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/batcher.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/sh
-#
-# batcher.sh
-#
-# usage: ./batcher.sh TEST_MPA_ARGUMENTS
-#
-# Tries to parallellize the jobs, and sends a mail afterwards
-
-echo "================================="
-echo " Phase 0: Setup"
-echo "================================="
-AWKSCRIPT=" { srand(); print int(1000000 * rand()) } "
-RND=`echo | awk "$AWKSCRIPT"`
-
-JOBNAME="test$RND"
-JSONFILE="$PWD/$JOBNAME.json"
-BATCHFILE="$PWD/$JOBNAME.sh"
-
-echo $JOBNAME
-echo $JSONFILE
-echo $BATCHFILE
-
-echo "================================="
-echo " Phase 1: generate jobs list"
-echo "================================="
-bsub -I -N -W 8:00 -J $JOBNAME ./test-mpa.py --pickle $JSONFILE $*
-
-echo "================================="
-echo " Phase 2a: precompute job outputs"
-echo "================================="
-# Each verification has a time limit of 600 seconds = 10 minutes
-# To fit in the one hour queue, that means 5 jobs maximum.
-bsub -I -N -W 8:00 -J $JOBNAME -oo $BATCHFILE ./make-bsub.py $JSONFILE 5 -W 1:00 -J $JOBNAME
-# Due to pending etc. the below may take a while.
-sleep 10
-bash $BATCHFILE
-echo "================================="
-echo " Phase 2b: perfom actual job"
-echo " (after precomputation is done"
-echo "================================="
-bsub -I -N -W 8:00 -J after$JOBNAME -w "ended($JOBNAME)" ./test-mpa.py $*
-
-
-echo "================================="
-echo " Done."
-echo "================================="
diff --git a/Vagrant Files/shared/scyther/combos-book.sh b/Vagrant Files/shared/scyther/combos-book.sh
deleted file mode 100644
index 888db4516ce93ea571c6674da5ab268569127efa..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/combos-book.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh
-
-bsub -W 8:00 -Jd "book-aa-t" -N ./test-mpa.py -m 2 --plain --latex book-aa-t Protocols/MultiProtocolAttacks/*.spdl
-bsub -W 8:00 -Jd "book-aa-b" -N ./test-mpa.py -m 2 --plain -b --latex book-aa-b Protocols/MultiProtocolAttacks/*.spdl
-bsub -W 8:00 -Jd "book-aa-u" -N ./test-mpa.py -m 2 --plain -u --latex book-aa-u Protocols/MultiProtocolAttacks/*.spdl
-bsub -W 8:00 -Jd "book-ex-t" -N ./test-mpa.py -m 2 --plain --extravert --latex book-ex-t Protocols/MultiProtocolAttacks/*.spdl
-bsub -W 8:00 -Jd "book-ex-b" -N ./test-mpa.py -m 2 --plain -b --extravert --latex book-ex-b Protocols/MultiProtocolAttacks/*.spdl
-bsub -W 8:00 -Jd "book-ex-u" -N ./test-mpa.py -m 2 --plain -u --extravert --latex book-ex-u Protocols/MultiProtocolAttacks/*.spdl
-bsub -W 8:00 -Jd "book-iu-t" -N ./test-mpa.py -m 2 --plain --init-unique --latex book-iu-t Protocols/MultiProtocolAttacks/*.spdl
-bsub -W 8:00 -Jd "book-iu-b" -N ./test-mpa.py -m 2 --plain -b --init-unique --latex book-iu-b Protocols/MultiProtocolAttacks/*.spdl
-bsub -W 8:00 -Jd "book-iu-u" -N ./test-mpa.py -m 2 --plain -u --init-unique --latex book-iu-u Protocols/MultiProtocolAttacks/*.spdl
diff --git a/Vagrant Files/shared/scyther/combos-ike.sh b/Vagrant Files/shared/scyther/combos-ike.sh
deleted file mode 100644
index 515b20e3a64397b6f6bc925578b2ad09502800aa..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/combos-ike.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-# Individual data
-./combos-ikev1.sh
-./combos-ikev2.sh
-
-# And combine
-./combos-ikev0.sh
diff --git a/Vagrant Files/shared/scyther/combos-ikev0.sh b/Vagrant Files/shared/scyther/combos-ikev0.sh
deleted file mode 100644
index 389835ba5b9262acbc611bd798f747b8f645562c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/combos-ikev0.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-
-bsub -W 8:00 -Jd "ike0-aa-t" -N ./test-mpa.py -m 2 --plain --latex ike0-aa-t ~/src/ikev2/pp-results/mpa/ikev*.spdl
-bsub -W 8:00 -Jd "ike0-aa-b" -N ./test-mpa.py -m 2 --plain -b --latex ike0-aa-b ~/src/ikev2/pp-results/mpa/ikev*.spdl
-bsub -W 8:00 -Jd "ike0-aa-u" -N ./test-mpa.py -m 2 --plain -u --latex ike0-aa-u ~/src/ikev2/pp-results/mpa/ikev*.spdl
-bsub -W 8:00 -Jd "ike0-ex-t" -N ./test-mpa.py -m 2 --plain --extravert --latex ike0-ex-t ~/src/ikev2/pp-results/mpa/ikev*.spdl
-bsub -W 8:00 -Jd "ike0-ex-b" -N ./test-mpa.py -m 2 --plain -b --extravert --latex ike0-ex-b ~/src/ikev2/pp-results/mpa/ikev*.spdl
-bsub -W 8:00 -Jd "ike0-ex-u" -N ./test-mpa.py -m 2 --plain -u --extravert --latex ike0-ex-u ~/src/ikev2/pp-results/mpa/ikev*.spdl
-bsub -W 8:00 -Jd "ike0-iu-t" -N ./test-mpa.py -m 2 --plain --init-unique --latex ike0-iu-t ~/src/ikev2/pp-results/mpa/ikev*.spdl
-bsub -W 8:00 -Jd "ike0-iu-b" -N ./test-mpa.py -m 2 --plain -b --init-unique --latex ike0-iu-b ~/src/ikev2/pp-results/mpa/ikev*.spdl
-bsub -W 8:00 -Jd "ike0-iu-u" -N ./test-mpa.py -m 2 --plain -u --init-unique --latex ike0-iu-u ~/src/ikev2/pp-results/mpa/ikev*.spdl
-
diff --git a/Vagrant Files/shared/scyther/combos-ikev1.sh b/Vagrant Files/shared/scyther/combos-ikev1.sh
deleted file mode 100644
index a5743b996c7cb75d33edb5bccc2a6c32b13d82f6..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/combos-ikev1.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-
-bsub -W 8:00 -Jd "ike1-aa-t" -N ./test-mpa.py -m 2 --plain --latex ike1-aa-t ~/src/ikev2/pp-results/mpa/ikev1*.spdl
-bsub -W 8:00 -Jd "ike1-aa-b" -N ./test-mpa.py -m 2 --plain -b --latex ike1-aa-b ~/src/ikev2/pp-results/mpa/ikev1*.spdl
-bsub -W 8:00 -Jd "ike1-aa-u" -N ./test-mpa.py -m 2 --plain -u --latex ike1-aa-u ~/src/ikev2/pp-results/mpa/ikev1*.spdl
-bsub -W 8:00 -Jd "ike1-ex-t" -N ./test-mpa.py -m 2 --plain --extravert --latex ike1-ex-t ~/src/ikev2/pp-results/mpa/ikev1*.spdl
-bsub -W 8:00 -Jd "ike1-ex-b" -N ./test-mpa.py -m 2 --plain -b --extravert --latex ike1-ex-b ~/src/ikev2/pp-results/mpa/ikev1*.spdl
-bsub -W 8:00 -Jd "ike1-ex-u" -N ./test-mpa.py -m 2 --plain -u --extravert --latex ike1-ex-u ~/src/ikev2/pp-results/mpa/ikev1*.spdl
-bsub -W 8:00 -Jd "ike1-iu-t" -N ./test-mpa.py -m 2 --plain --init-unique --latex ike1-iu-t ~/src/ikev2/pp-results/mpa/ikev1*.spdl
-bsub -W 8:00 -Jd "ike1-iu-b" -N ./test-mpa.py -m 2 --plain -b --init-unique --latex ike1-iu-b ~/src/ikev2/pp-results/mpa/ikev1*.spdl
-bsub -W 8:00 -Jd "ike1-iu-u" -N ./test-mpa.py -m 2 --plain -u --init-unique --latex ike1-iu-u ~/src/ikev2/pp-results/mpa/ikev1*.spdl
-
diff --git a/Vagrant Files/shared/scyther/combos-ikev2.sh b/Vagrant Files/shared/scyther/combos-ikev2.sh
deleted file mode 100644
index 1da0bb158296e4872f8676ea2e4e49d34a718bc9..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/combos-ikev2.sh
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-
-bsub -W 8:00 -Jd "ike2-aa-t" -N ./test-mpa.py -m 2 --plain --latex ike2-aa-t ~/src/ikev2/pp-results/mpa/ikev2*.spdl
-bsub -W 8:00 -Jd "ike2-aa-b" -N ./test-mpa.py -m 2 --plain -b --latex ike2-aa-b ~/src/ikev2/pp-results/mpa/ikev2*.spdl
-bsub -W 8:00 -Jd "ike2-aa-u" -N ./test-mpa.py -m 2 --plain -u --latex ike2-aa-u ~/src/ikev2/pp-results/mpa/ikev2*.spdl
-bsub -W 8:00 -Jd "ike2-ex-t" -N ./test-mpa.py -m 2 --plain --extravert --latex ike2-ex-t ~/src/ikev2/pp-results/mpa/ikev2*.spdl
-bsub -W 8:00 -Jd "ike2-ex-b" -N ./test-mpa.py -m 2 --plain -b --extravert --latex ike2-ex-b ~/src/ikev2/pp-results/mpa/ikev2*.spdl
-bsub -W 8:00 -Jd "ike2-ex-u" -N ./test-mpa.py -m 2 --plain -u --extravert --latex ike2-ex-u ~/src/ikev2/pp-results/mpa/ikev2*.spdl
-bsub -W 8:00 -Jd "ike2-iu-t" -N ./test-mpa.py -m 2 --plain --init-unique --latex ike2-iu-t ~/src/ikev2/pp-results/mpa/ikev2*.spdl
-bsub -W 8:00 -Jd "ike2-iu-b" -N ./test-mpa.py -m 2 --plain -b --init-unique --latex ike2-iu-b ~/src/ikev2/pp-results/mpa/ikev2*.spdl
-bsub -W 8:00 -Jd "ike2-iu-u" -N ./test-mpa.py -m 2 --plain -u --init-unique --latex ike2-iu-u ~/src/ikev2/pp-results/mpa/ikev2*.spdl
-
-
diff --git a/Vagrant Files/shared/scyther/combos-iso.sh b/Vagrant Files/shared/scyther/combos-iso.sh
deleted file mode 100644
index b9fb2500a7d26bf52cb396464d3f2ceb9cd4dac7..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/combos-iso.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh
-
-bsub -W 8:00 -Jd "iso-aa-t" -N ./test-mpa.py -m 2 --plain --latex iso-aa-t ~/papers/iso9798/scyther-models/*.spdl
-bsub -W 8:00 -Jd "iso-aa-b" -N ./test-mpa.py -m 2 --plain -b --latex iso-aa-b ~/papers/iso9798/scyther-models/*.spdl
-bsub -W 8:00 -Jd "iso-aa-u" -N ./test-mpa.py -m 2 --plain -u --latex iso-aa-u ~/papers/iso9798/scyther-models/*.spdl
-bsub -W 8:00 -Jd "iso-ex-t" -N ./test-mpa.py -m 2 --plain --extravert --latex iso-ex-t ~/papers/iso9798/scyther-models/*.spdl
-bsub -W 8:00 -Jd "iso-ex-b" -N ./test-mpa.py -m 2 --plain -b --extravert --latex iso-ex-b ~/papers/iso9798/scyther-models/*.spdl
-bsub -W 8:00 -Jd "iso-ex-u" -N ./test-mpa.py -m 2 --plain -u --extravert --latex iso-ex-u ~/papers/iso9798/scyther-models/*.spdl
-bsub -W 8:00 -Jd "iso-iu-t" -N ./test-mpa.py -m 2 --plain --init-unique --latex iso-iu-t ~/papers/iso9798/scyther-models/*.spdl
-bsub -W 8:00 -Jd "iso-iu-b" -N ./test-mpa.py -m 2 --plain -b --init-unique --latex iso-iu-b ~/papers/iso9798/scyther-models/*.spdl
-bsub -W 8:00 -Jd "iso-iu-u" -N ./test-mpa.py -m 2 --plain -u --init-unique --latex iso-iu-u ~/papers/iso9798/scyther-models/*.spdl
diff --git a/Vagrant Files/shared/scyther/generate-attack-graphs.py b/Vagrant Files/shared/scyther/generate-attack-graphs.py
deleted file mode 100644
index bad12b1da886ea2e86cd0d3001b275afd3b5a5f3..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/generate-attack-graphs.py
+++ /dev/null
@@ -1,131 +0,0 @@
-#!/usr/bin/env python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-"""
-Generate attacks for each claim
-
-To also generate resource usage details on linux, use something like:
-
- xargs -a protocols.txt -n 1 -I {} /usr/bin/time -v -o {}.times ./generate-attack-graphs.py {}
-
-where 'protocols.txt' contains a protocol file per line.
-"""
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import sys
-
-#---------------------------------------------------------------------------
-
-""" Import scyther components """
-import Scyther.Scyther as Scyther
-
-#---------------------------------------------------------------------------
-
-def create_file_prefix(fn,cid):
- """
- Create a filename prefix for fn,cid without extension
- """
-
- tcid = cid
- i = tcid.rfind(",")
- if i > 0:
- if fn.find(tcid[:i]) >= 0:
- tcid = tcid[i+1:]
-
- tfn = fn.replace(".spdl","")
- i = tfn.rfind("/")
- if i >= 0:
- tfn = tfn[i+1:]
-
- pref = "%s-%s" % (tfn,tcid)
- pref = pref.replace(",","_")
-
- return pref
-
-
-def render_dot(fn,gtype):
- """
- Render .dot file called fn into gtype file
- """
- from subprocess import call
-
- if len(gtype) > 5:
- # Something is fishy, abort
- return
-
- base_name = fn
- i = base_name.rfind(".")
- if i > 0:
- base_name = base_name[:i]
-
- cmd = ["dot","-T" + gtype,"-o%s.%s" % (base_name,gtype),fn]
- #print cmd
-
- call(cmd)
-
-
-def render_best_attack(fn,cid):
- """
- Extract the best attack for this claim and file name
- """
- x = Scyther.Scyther()
- x.setFile(fn)
-
- x.options = "-r4 -T60"
- x.verifyOne(cid)
-
- pref = create_file_prefix(fn,cid)
-
- for cl in x.claims:
- cln = cl.claimtype
- if cln == "Commit":
- cln = "Data_agree"
-
- if len(cl.attacks) > 0:
- dotfile = "attack-%s-%s.dot" % (pref,cln)
- fp = open(dotfile,'w')
- fp.write(cl.attacks[-1].scytherDot)
- fp.close()
-
- render_dot(dotfile,"png")
- render_dot(dotfile,"pdf")
-
- print "%s; %s" % (fn,cl)
-
-def main():
-
- filelist = sys.argv[1:]
- # Compute dict of filenames to claim id's
- cl = Scyther.GetClaims(filelist)
-
- for fn in set(cl):
- for cid in cl[fn]:
-
- render_best_attack(fn,cid)
-
-
-
-if __name__ == '__main__':
- main()
-
-#---------------------------------------------------------------------------
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/json-scyther.py b/Vagrant Files/shared/scyther/json-scyther.py
deleted file mode 100644
index b8e23bd5def9b64736d9c605b557fb5d72fb7b12..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/json-scyther.py
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/usr/bin/env python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-"""
-
-Author: Cas Cremers
-
-"""
-
-import sys
-import json
-from Scyther import Scyther
-
-
-def scyther_json(jsondata):
- """
- Decode json data into (protocollist,options,filter) and run scyther
- """
- s = Scyther.Scyther()
-
- (protocollist,options,filter) = json.loads(jsondata)
-
- s.options = str(options)
- for protocol in sorted(protocollist):
- s.addFile(protocol)
- s.verifyOne(str(filter))
-
-def fileandline(fn,linenos):
- fp = open(fn,"r")
- ln = 1
- done = 0
- sz = len(linenos)
- for l in fp.xreadlines():
- if str(ln) in linenos:
- print l
- scyther_json(l)
- done = done + 1
- if done >= sz:
- fp.close()
- return
- ln = ln + 1
- fp.close()
- return
-
-if __name__ == '__main__':
- fileandline(sys.argv[1],set(sys.argv[2:]))
-
-
diff --git a/Vagrant Files/shared/scyther/make-bsub.py b/Vagrant Files/shared/scyther/make-bsub.py
deleted file mode 100644
index 0897da157cddc70cd0ce1883f9d4d4331de9760d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/make-bsub.py
+++ /dev/null
@@ -1,69 +0,0 @@
-#!/usr/bin/env python
-#
-import sys
-import json
-import math
-
-"""
-Given a file of Scyther verification tests to do (json file), create a shell file to run them all using bsub.
-
-Arguments:
-
- [1] Filename of json stuff
- [2] Step count: how many verification tasks go into one job
- [3] Additional commands to send to bsub (e.g. "-W 1:00")
-
-"""
-
-def countlines(fn):
- count = 0
- fh = open(fn,'r')
- for l in fh.xreadlines():
- count = count + 1
- fh.close()
- return count
-
-def marker(jobcount,todo):
- left = todo - jobcount
- dperc = int((100 * jobcount) / todo)
- print "echo \"Sent %i out of %i jobs, hence %i left. %i%% done.\"" % (jobcount,todo,left,dperc)
-
-def main(fn,step,optlist):
-
- todo = math.ceil(countlines(fn) / int(step))
-
- fh = open(fn,'r')
- ln = 1
- buf = 0
- s = ""
- jobcount = 0
- done = 0
-
- for l in fh.xreadlines():
- if buf == 0:
- s = "bsub %s ./json-scyther.py %s" % (" ".join(optlist),fn)
- s += " %i" % (ln)
- buf = buf + 1
- done = done + 1
- if buf >= int(step):
- print (s)
- s = ""
- buf = 0
- jobcount = jobcount + 1
- if jobcount % 10 == 0:
- """
- After ten jobs, display progress info
- """
- marker(jobcount,todo)
-
- ln = ln + 1
- print (s)
- marker(jobcount,todo)
- fh.close()
-
-
-if __name__ == '__main__':
- """ Usage: filename, step, options to send to bsub
- """
- main(sys.argv[1],sys.argv[2],sys.argv[3:])
-
diff --git a/Vagrant Files/shared/scyther/mpa.spdl b/Vagrant Files/shared/scyther/mpa.spdl
deleted file mode 100644
index 4913029f4daf23383d192b390e22b9f82a0e5b9d..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/mpa.spdl
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Needham-Schroeder-Lowe protocol
- */
-
-// The protocol description
-
-protocol nsl3(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
-
- send_1(I,R, {ni,I}pk(R) );
- recv_2(R,I, {ni,nr,R}pk(I) );
- send_3(I,R, {nr}pk(R) );
-
- claim_i1(I,Secret,ni);
- claim_i2(I,Secret,nr);
- claim_i3(I,Niagree);
- claim_i4(I,Nisynch);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_1(I,R, {ni,I}pk(R) );
- send_2(R,I, {ni,nr,R}pk(I) );
- recv_3(I,R, {nr}pk(R) );
-
- claim_r1(R,Secret,ni);
- claim_r2(R,Secret,nr);
- claim_r3(R,Niagree);
- claim_r4(R,Nisynch);
- }
-}
-
-/*
- * Needham-Schroeder-Lowe protocol,
- * broken version (wrong role name in first message)
- */
-
-// The protocol description
-
-protocol nsl3-broken(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
-
- send_1(I,R, {ni,R}pk(R) );
- recv_2(R,I, {ni,nr,R}pk(I) );
- send_3(I,R, {nr}pk(R) );
-
- claim_i1(I,Secret,ni);
- claim_i2(I,Secret,nr);
- claim_i3(I,Niagree);
- claim_i4(I,Nisynch);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_1(I,R, {ni,R}pk(R) );
- send_2(R,I, {ni,nr,R}pk(I) );
- recv_3(I,R, {nr}pk(R) );
-
- claim_r1(R,Secret,ni);
- claim_r2(R,Secret,nr);
- claim_r3(R,Niagree);
- claim_r4(R,Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/notes-brutus-mpa.txt b/Vagrant Files/shared/scyther/notes-brutus-mpa.txt
deleted file mode 100644
index b89e3938e66be4445e2f8a8071d21a0c4606bb27..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/notes-brutus-mpa.txt
+++ /dev/null
@@ -1,181 +0,0 @@
-run test-MPA with --pickle to some file FILE.
-
-Choose a STEP integer: how many verifications are batched into a single job.
-
-Then:
-
-./make-bsub.py FILE STEP -W 1:00 [OTHER BSUB OPTIONS] > tests.sh
-
-Then
-
-bash tests.sh
-
-
-When all is done, rerun the original thing without pickle.
-
-
-
-This invokes then:
-json-scyther.py
-in different batches
-
-
-
-
-
-Test run for real
-
-
-Fri Dec 31 16:33:20 CET 2010
-
-Login & screen on brutus3 node.
-
-bsub -W 2:00 ./test-mpa.py --pickle mpa-tests.json -A Protocols/MultiProtocolAttacks/*.spdl
-
-Fri Dec 31 18:48:29 CET 2010
-
-Given the 6 minutes timeout, decided to batch into the 1h queues. Thus 9
-verifications can safely go in a batch.
-
-./make-bsub.py mpa-tests.json 9 -W 1:00 >mpa-tests.sh
-
-bash mpa-tests.sh
-
-
-Hmm. For the 1h queue on Brutus, there is a 10.000 pending jobs limit. Thus my
-40.000+ jobs get stuck here.
-
-So I could have done the division such that the jobs can be pended at onces
-but it would have meant putting the jobs in the 8h or more queues.
-
-For the batching thing, it would be nice to print a counter every 10 bsubs so
-if it gets stuck, you can see where it is (or better: how much is left).
-
-The lsf.o* output files clog up the directory. Find a way to disable them!
-
-Woops, we get mail once in a while. Not good. Unclear under which conditions
-this occurs, it seems to be errors only. (Probably stale file pointers from
-the old watch & rm solution.)
-
-Sun Jan 2 10:54:23 CET 2011
-
-All jobs have been submitted, now only 3000 pending.
-
-There may be a limit for me of about 128 active jobs at the same time.
-
-Sun Jan 2 11:30:30 CET 2011
-
-2200 pending.
-
-Sun Jan 2 12:38:48 CET 2011
-
-1155 pending.
-(bjobs -p | grep PEND | wc -l)
-
-Sun Jan 2 13:59:04 CET 2011
-
-0 jobs pending, 32 jobs active.
-
-Sun Jan 2 14:18:11 CET 2011
-
-Done. Recomp started (without --pickle FILE above)
-Takes too long on login node. Killed at 14:40.
-
-Instead, rerunning with:
-
-bsub -I -N ./test-mpa.py -A Protocols/MultiProtocolAttacks/*.spdl
-
--I for interactive, -N for mail at end.
-
-Sun Jan 2 14:45:04 CET 2011
-
-Above job is running. It also seems faster.
-
-Sun Jan 2 20:07:58 CET 2011
-
-Sigh. It got killed after one hour because no time limit was set.
-Rerunning with -W 6:00
-
-
-
-
-
-
-Sun Jan 2 14:30:19 CET 2011
-
-In parallel, starting new huge job; biggest possible using current script options.
-
-bsub -W 7:00 ./test-mpa.py --pickle test-full-mpa.json --self-communication -A Protocols/MultiProtocolAttacks/*.spdl
-
-Actually, these big jobs should be started with finishing e-mail notification
-or the switch that makes the bsub command only return after the jobs has
-finished, otherwise we end up watching bjobs all the time, which is boring.
-
-Sun Jan 2 14:40:08 CET 2011
-
-The above test generation is now running.
-
-Sun Jan 2 20:09:42 CET 2011
-
-The test generation seems to have finished at 15:31.
-
-./make-bsub.py test-full-mpa.json 10 -W 1:00 >test-full-mpa.sh
-
-This finished at 20:11.
-So now running
-
-nice bash test-full-mpa.sh
-
-G
-
-
-
-Sun Jan 2 15:07:13 CET 2011
-
-A third parallel test:
-
-batcher.sh OPTIONS_AND_FILES_FOR_TEST_MPA_SCRIPT
-
-Running with -L5. This should automate all of the previous stuff.
-
-
-
-
-Wed Jan 5 15:37:11 CET 2011
-
-Running for cryptrec (with new Scyther version and new batches of 5 things)
-./batcher.sh ~/papers/iso/*.spdl
-
-
-
-Tue Jan 18 17:10:49 CET 2011
-
-./batcher.sh -m 1 --all-types --self-communication ~/papers/iso/*.spdl
-The batcher has jobid 930582
-
-(error, reverting to os.makedirs(path))
-
-Tue Jan 18 23:45:15 CET 2011
-
-./test-iso-combo.sh
-
-Tue Jan 18 23:49:15 CET 2011
-
-./batcher.sh -m 2 --all-types --self-communication ~/papers/iso/*.spdl
-
-Solved: do "watch -n 10 ./WIPER.sh 11"
-(wiper.sh finds lsf files accessed longer ago than 11 minutes and wipes them)
-
-./test-mpa-alltypes.sh
-
-
-
-Mon Jan 24 14:55:23 CET 2011
-
-./batcher.sh -m 2 --all-types Protocols/MultiProtocolAttacks/*.spdl
-
-
-
-Sat Jan 29 13:35:22 CET 2011
-
-./batcher.sh -m 2 -A --self-communication Protocols/MultiProtocolAttacks/*.spdl
diff --git a/Vagrant Files/shared/scyther/ns3.spdl b/Vagrant Files/shared/scyther/ns3.spdl
deleted file mode 100644
index edde4ab3c4b52e7026d2482594f5eb815bfbbfa3..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/ns3.spdl
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Needham-Schroeder protocol
- */
-
-// The protocol description
-
-protocol ns3(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
-
- send_1(I,R, {ni,I}pk(R) );
- recv_2(R,I, {ni,nr}pk(I) );
- claim(I,Running,R,ni,nr);
- send_3(I,R, {nr}pk(R) );
-
- claim(I,Secret,ni);
- claim(I,Secret,nr);
- claim(I,Alive);
- claim(I,Weakagree);
- claim(I,Commit,R,ni,nr);
- claim(I,Niagree);
- claim(I,Nisynch);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_1(I,R, {ni,I}pk(R) );
- claim(R,Running,I,ni,nr);
- send_2(R,I, {ni,nr}pk(I) );
- recv_3(I,R, {nr}pk(R) );
-
- claim(R,Secret,ni);
- claim(R,Secret,nr);
- claim(R,Alive);
- claim(R,Weakagree);
- claim(R,Commit,I,ni,nr);
- claim(R,Niagree);
- claim(R,Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/nsl3-broken.spdl b/Vagrant Files/shared/scyther/nsl3-broken.spdl
deleted file mode 100644
index 3681cd9a41030e2a77957f0f85c5ab20e413f7fc..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/nsl3-broken.spdl
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * Needham-Schroeder-Lowe protocol,
- * broken version (wrong role name in first message)
- */
-
-// The protocol description
-
-protocol nsl3-broken(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
-
- send_1(I,R, {ni,R}pk(R) );
- recv_2(R,I, {ni,nr,R}pk(I) );
- send_3(I,R, {nr}pk(R) );
-
- claim_i1(I,Secret,ni);
- claim_i2(I,Secret,nr);
- claim_i3(I,Niagree);
- claim_i4(I,Nisynch);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_1(I,R, {ni,R}pk(R) );
- send_2(R,I, {ni,nr,R}pk(I) );
- recv_3(I,R, {nr}pk(R) );
-
- claim_r1(R,Secret,ni);
- claim_r2(R,Secret,nr);
- claim_r3(R,Niagree);
- claim_r4(R,Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/nsl3.spdl b/Vagrant Files/shared/scyther/nsl3.spdl
deleted file mode 100644
index c393e73c3db93f066dd83588a2831656e723809c..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/nsl3.spdl
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Needham-Schroeder-Lowe protocol
- */
-
-// The protocol description
-
-protocol nsl3(I,R)
-{
- role I
- {
- fresh ni: Nonce;
- var nr: Nonce;
-
- send_1(I,R, {ni,I}pk(R) );
- recv_2(R,I, {ni,nr,R}pk(I) );
- claim(I,Running,R,ni,nr);
- send_3(I,R, {nr}pk(R) );
-
- claim(I,Secret,ni);
- claim(I,Secret,nr);
- claim(I,Alive);
- claim(I,Weakagree);
- claim(I,Commit,R,ni,nr);
- claim(I,Niagree);
- claim(I,Nisynch);
- }
-
- role R
- {
- var ni: Nonce;
- fresh nr: Nonce;
-
- recv_1(I,R, {ni,I}pk(R) );
- claim(R,Running,I,ni,nr);
- send_2(R,I, {ni,nr,R}pk(I) );
- recv_3(I,R, {nr}pk(R) );
-
- claim(R,Secret,ni);
- claim(R,Secret,nr);
- claim(R,Alive);
- claim(R,Weakagree);
- claim(R,Commit,I,ni,nr);
- claim(R,Niagree);
- claim(R,Nisynch);
- }
-}
-
diff --git a/Vagrant Files/shared/scyther/precompute-ike.sh b/Vagrant Files/shared/scyther/precompute-ike.sh
deleted file mode 100644
index 7b7652fb88f2e6307740cf84ebcb18710efa6e3e..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/precompute-ike.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-
-./batcher.sh -m 2 --all-types --self-communication ~/src/ikev2/pp-results/mpa/ikev1*.spdl
-./batcher.sh -m 2 --all-types --self-communication ~/src/ikev2/pp-results/mpa/ikev2*.spdl
-
diff --git a/Vagrant Files/shared/scyther/progressbarDummy.py b/Vagrant Files/shared/scyther/progressbarDummy.py
deleted file mode 100644
index 9ddd7e9603a98a8eafcb31f39792dc16f814cb66..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/progressbarDummy.py
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/bin/env python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-"""
-
-Dummy.
-
-Author: Cas Cremers
-
-"""
-
-class ProgressBar(object):
-
- def __init__(self,widgets=[],maxval=100):
- self.widgets = widgets
- self.maxval = maxval
-
- def start(self):
- if self.widgets:
- if len(self.widgets) > 0:
- print self.widgets[0],
-
- def update(self,count):
- pass
-
- def finish(self):
- print " Done."
-
-
-def SimpleProgress():
- return
-
-def ETA():
- return
-
-def Percentage():
- return
-
-def Bar(marker,left,right):
- return
-
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/scyther-gui.py b/Vagrant Files/shared/scyther/scyther-gui.py
deleted file mode 100644
index d20be43b828fcccdb5ad79a4e1d635a3ab6a056b..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/scyther-gui.py
+++ /dev/null
@@ -1,245 +0,0 @@
-#!/usr/bin/env python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-#---------------------------------------------------------------------------
-# Try to get wxPython
-try:
- import wx
-except ImportError,err:
- from Scyther import Misc
-
- errmsg = "Problem with importing the required [wxPython] package."
-
- if 'No module' in str(err):
- errmsg = """Could not find the required [wxPython] package.
-Please install this package in order to use the graphical user
-interface of Scyther.
-The [wxPython] packages can be found at http://www.wxpython.org/
-
-Ubuntu users: the wxPython packages are called 'python-wxgtk' followed by the
-version number."""
- elif ('32-bit mode' in str(err)) or ('no matching architecture' in str(err)):
- import os
-
- key = "VERSIONER_PYTHON_PREFER_32_BIT"
- data = "yes"
-
- keyfound = False
- try:
- if sys.environment[key] == data:
- keyfound = True
- except:
- pass
-
- if keyfound:
- """
- We already tried to set the environment variable, but it is still not working.
- """
- import sys
- #print "Key found. good job. no success."
-
- errmsg = """Problem with importing the required [wxPython] package.
-
- Possibly the problem is caused by wxPython only working in 32-bit mode currently.
- You can try the following on the command line:
-
- $ export VERSIONER_PYTHON_PREFER_32_BIT=yes
- $ ./scyther-gui.py"""
-
- else:
- """
- Key not found. Try if that works.
- """
- import sys
- from subprocess import call
-
- #print "Key not found. Trying to set it now."
- # TODO: check for MAC's if we need something like 'pythonw'
- call(sys.argv, shell=True, env={key: data})
- sys.exit(0)
-
-
- Misc.panic("""
-ERROR:
-
-%s
-
-Note that you can still use the Scyther binaries in the 'Scyther' directory.
-
-The exact error was:
---------------------------------------------------------------------------------
-%s
---------------------------------------------------------------------------------
- """ % (errmsg,err))
-
-
-
-#---------------------------------------------------------------------------
-""" import externals """
-import sys
-import os
-from optparse import OptionParser, SUPPRESS_HELP
-from subprocess import *
-
-#---------------------------------------------------------------------------
-
-""" Import scyther-gui components """
-from Scyther import Scyther,Misc
-from Gui import About,Preference,Mainwindow
-
-#---------------------------------------------------------------------------
-
-def parseArgs():
- usage = "usage: %s [options] [inputfile]" % sys.argv[0]
- description = "scyther-gui is a graphical user interface for the scyther protocol verification tool."
- parser = OptionParser(usage=usage,description=description)
-
- # command
- parser.add_option("-V","--verify",dest="command",default=None,action="store_const",const="verify",
- help="Immediately verify the claims of the protocol (requires input file)")
- parser.add_option("-s","--state-space",dest="command",default=None,action="store_const",const="statespace",
- help="Immediately generate the complete characterization of the protocol (requires input file)")
- parser.add_option("-a","--auto-claims",dest="command",default=None,action="store_const",const="autoverify",
- help="Immediately verified protocol using default claims (requires input file)")
- #parser.add_option("-c","--check",dest="command",default=None,action="store_const",const="check",
- # help="Immediately check protocol (requires input file)")
-
- # License
- parser.add_option("-l","--license",dest="license",default=False,action="store_const",const=True,
- help="Show license")
-
- # no-splash
- parser.add_option("-N","--no-splash",dest="splashscreen",default=True,action="store_const",const=False,
- help="Do not show the splash screen")
-
- # misc debug etc (not shown in the --help output)
- parser.add_option("","--test",dest="test",default=False,action="store_true",
- help=SUPPRESS_HELP)
-
- return parser.parse_args()
-
-#---------------------------------------------------------------------------
-
-class MySplashScreen(wx.SplashScreen):
- def __init__(self,basedir):
- path = os.path.join(basedir,"Images")
- image = os.path.join(path,"scyther-splash.png")
- bmp = wx.Image(image).ConvertToBitmap()
- wx.SplashScreen.__init__(self, bmp,
- wx.SPLASH_CENTRE_ON_SCREEN | wx.SPLASH_TIMEOUT,
- 5000, None, -1)
- self.Bind(wx.EVT_CLOSE, self.OnClose)
- self.fc = wx.FutureCall(2000, self.ShowMain)
-
- def OnClose(self, evt):
- # Make sure the default handler runs too so this window gets
- # destroyed
- evt.Skip()
- self.Hide()
-
- # if the timer is still running then go ahead and show the
- # main frame now
- if self.fc.IsRunning():
- self.fc.Stop()
- self.ShowMain()
-
-
- def ShowMain(self):
- if self.fc.IsRunning():
- self.Raise()
-
-
-#---------------------------------------------------------------------------
-
-def isSplashNeeded(opts):
- if not opts.command:
- if opts.splashscreen and not (Preference.get('splashscreen') in ['false','off','disable','0']):
- return True
- return False
-
-#---------------------------------------------------------------------------
-
-class ScytherApp(wx.App):
- def OnInit(self):
- import os, inspect
-
- wx.GetApp().SetAppName("Scyther-gui")
-
- # Determine base directory (taking symbolic links into account)
- cmd_file = os.path.realpath(os.path.abspath(inspect.getfile( inspect.currentframe() )))
- basedir = os.path.split(cmd_file)[0]
-
- # Parse arguments
- (opts,args) = parseArgs()
-
- # License option may abort here
- if opts.license:
- print Scyther.GetLicense()
- sys.exit(0)
-
- # Load preferences file
- Preference.init()
-
- #"""
- #Create and show the splash screen. It will then create and show
- #the main frame when it is time to do so.
- #
- #The splash screen is disabled for automatic commands, and also
- #by a setting in the preferences file.
- #"""
- #if isSplashNeeded(opts):
- # splash = MySplashScreen(basedir)
- # splash.Show()
-
- self.mainWindow = Mainwindow.MainWindow(opts,args)
- self.SetTopWindow(self.mainWindow)
- self.mainWindow.Show()
-
- if isSplashNeeded(opts):
- dlg = About.AboutScyther(self.mainWindow,basedir)
- dlg.ShowModal()
- dlg.Destroy()
-
- return True
-
- def OnExit(self):
- """ Tear down """
-
-
-#---------------------------------------------------------------------------
-
-def CheckRequirements():
- """ Check for any required programs """
-
- """ We need 'dot', in the graphviz package """
- from Scyther import FindDot
-
- FindDot.findDot() # If Graphviz is not found, this function will call panic to complain.
-
-#---------------------------------------------------------------------------
-
-
-if __name__ == '__main__':
- CheckRequirements()
- scythergui = ScytherApp()
- scythergui.MainLoop()
-
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/scyther-gui.rc b/Vagrant Files/shared/scyther/scyther-gui.rc
deleted file mode 100644
index cd3a913e215297bcbc293f08c0a2f40c0bd205e0..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/scyther-gui.rc
+++ /dev/null
@@ -1,4 +0,0 @@
-wxicon icon Images/scyther-gui-64.ico
-wxicon icon Images/scyther-gui-32.ico
-wxicon icon Images/scyther-gui-16.ico
-#include "wx/msw/wx.rc"
diff --git a/Vagrant Files/shared/scyther/scyther.py b/Vagrant Files/shared/scyther/scyther.py
deleted file mode 100644
index ef99d75e3d9105d7c441e10f7ea0741bec9eb5aa..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/scyther.py
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/usr/bin/env python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-#
-# python wrapper for the Scyther command-line tool
-#
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import sys
-
-#---------------------------------------------------------------------------
-
-""" Import scyther components """
-import Scyther.Scyther as Scyther
-
-#---------------------------------------------------------------------------
-
-def usage():
- x = Scyther.Scyther()
- x.xml = False
- x.options = "--help"
- x.verify()
- return x
-
-def simpleRun(args):
- x = Scyther.Scyther()
- x.options = args
- x.verify()
- return x
-
-if __name__ == '__main__':
- pars = sys.argv[1:]
- if len(pars) == 0:
- print usage()
- else:
- print simpleRun(" ".join(pars))
-
-
diff --git a/Vagrant Files/shared/scyther/test-delta.py b/Vagrant Files/shared/scyther/test-delta.py
deleted file mode 100644
index 863d13b18f0c2c7b7823b31a749fbebd9c0107a0..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/test-delta.py
+++ /dev/null
@@ -1,181 +0,0 @@
-#!/usr/bin/env python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-"""
-
-Example script to show how to perform large-scale tests using the
-Scyther Python API (contained in the Scyther subdirectory)
-
-In this example, we find the differences between two different switch
-settings for a large set of protocols.
-
-The notification triggers if claim lists differ, or when a claim is okay
-in one test but not in the other. Hence, we ignore differences between
-complete/bounded verification.
-
-Author: Cas Cremers
-
-
-Define the strings below.
-
-TEST0 is used for both, TEST1/2 define the difference between
-the tests.
-"""
-#---------------------------------------------------------------------------
-
-TEST0 = ""
-TEST1 = "--max-runs=1"
-TEST2 = "--max-runs=4"
-
-#---------------------------------------------------------------------------
-
-""" Import externals """
-import commands
-
-#---------------------------------------------------------------------------
-
-""" Import scyther components """
-from Scyther import Scyther
-
-#---------------------------------------------------------------------------
-
-def filterProtocol(protocol):
- """
- We may want to filter out some protocols.
- This function allows that. Return True if it is okay (and should be
- included) or False otherwise.
- """
- include = True
- return include
-
-def simpleRun(args):
- x = Scyther.Scyther()
- x.options = args
- x.verify()
- return x
-
-def ScytherRes(protocol,args=""):
- """
- Run Scyther on a protocol and return a tuple with the
- resulting object and claim list.
- """
- global TEST0
-
- args = "%s %s %s" % (TEST0, args, protocol)
- s = simpleRun(args)
- return (s,s.claims)
-
-
-def findSameClaim(cl,claim):
- """
- Find in claim list the claim that corresponds to claim
- """
- for claim2 in cl:
- if claim2.id == claim.id:
- return claim2
- return None
-
-
-def ScytherDiff(protocol):
- """
- Check whether the two different switch settings yield a different
- result.
- """
- global TEST1, TEST2
-
- (s1,cl1) = ScytherRes(protocol,TEST1)
- (s2,cl2) = ScytherRes(protocol,TEST2)
-
- res = ""
- if len(cl1) != len(cl2):
- res += "Different claim lists:\n%s\n%s\n" % (cl1,cl2)
- else:
- for claim1 in cl1:
- claim2 = findSameClaim(cl2,claim1)
- if claim2 == None:
- res += "%s not in second test.\n" % (claim1)
- else:
- if claim1.okay != claim2.okay:
- res += "Different results:\n%s\n%s\n" % (claim1,claim2)
-
- if res == "":
- return None
- else:
- return res
-
-
-def findProtocols():
- """
- Find a list of protocol names
- """
-
- cmd = "find -iname '*.spdl'"
- plist = commands.getoutput(cmd).splitlines()
- nlist = []
- for prot in plist:
- if filterProtocol(prot):
- nlist.append(prot)
- return nlist
-
-
-def main():
- """
- Simple test case with a few protocols
- """
- global TEST0,TEST1,TEST2
-
- list = findProtocols()
- print "Performing delta analysis"
- print
- print "String 0 (used for both): '%s'" % TEST0
- print "String 1: '%s'" % TEST1
- print "String 2: '%s'" % TEST2
- print
- print "After filtering, we are left with the following protocols:", list
- print
- maxcount = len(list)
- count = 1
- delta = 0
- for prot in list:
- perc = (100 * count) / maxcount
- print "[%i%%] %s: " % (perc,prot),
- res = ScytherDiff(prot)
- if res != None:
- print
- print "-" * 72
- print prot
- print "-" * 72
- print res
- delta = delta + 1
- else:
- print "No interesting delta found."
- count = count + 1
-
- print
- print "Analysis complete."
- print "%i out of %i protocols differed [%i%%]." % (delta,maxcount,(100 * delta)/maxcount)
-
-
-if __name__ == '__main__':
- main()
-
-
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/test-mpa.py b/Vagrant Files/shared/scyther/test-mpa.py
deleted file mode 100644
index bf5a34432ed6ed8a8db0700bbdbff613f4e14ccb..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/test-mpa.py
+++ /dev/null
@@ -1,896 +0,0 @@
-#!/usr/bin/env python
-"""
- Scyther : An automatic verifier for security protocols.
- Copyright (C) 2007-2013 Cas Cremers
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-"""
-
-
-"""
-
-Example script to show how to perform large-scale tests using the
-Scyther Python API (contained in the Scyther subdirectory)
-
-In this example, multi-protocol attack analysis is performed on a small
-test set.
-
-Author: Cas Cremers
-
-"""
-
-from Scyther import Scyther
-
-from optparse import OptionParser, OptionGroup, SUPPRESS_HELP
-import time
-import os.path
-import json
-
-try:
- from progressbar import *
- PROGRESSBAR = True
-except ImportError:
- from progressbarDummy import *
- PROGRESSBAR = False
- print """
-Missing the progressbar library.
-
-It can be downloaded from:
-
-http://code.google.com/p/python-progressbar/
-
-"""
-
-FOUND = []
-ALLMPA = []
-ALLCLAIMS = []
-INVOLVED = []
-PROTFILETONAME = {}
-PROTNAMETOFILE = {}
-OPTS = None
-ARGS = None
-PICKLEDATA = set()
-
-
-#---------------------------------------------------------------------------
-
-def parseArgs():
- usage = "usage: %prog [options] [inputfile]"
- description = "test-mpa.py is a test script to help with multi-protocol analysis."
- parser = OptionParser(usage=usage,description=description, version="%prog 2.0")
-
- group = OptionGroup(parser, "Bounding the search space")
- group.add_option("-m","--max-protocols",type="int",dest="maxprotocols",default=3,
- help="Define maximum number of protocols in a multi-protocol attack [3].")
-
- group.add_option("-r","--max-runs",type="int",dest="maxruns",default=4,
- help="Define maximum number of runs in the analysis [4].")
-
- group.add_option("-T","--timeout",type="int",dest="timeout",default=600,
- help="Timeout in seconds for each analysis [600].")
-
- group.add_option("-L","--limit",type="int",dest="limit",default=0,
- help="Limit the length of the list of protocols [None].")
- parser.add_option_group(group)
-
- group = OptionGroup(parser, "Matching type options")
- group.add_option("-t","--typed",dest="defoptarray",default=[],action="append_const",const="--match=0",
- help="Verify protocols with respect to a typed model (-m 0) [default]")
- group.add_option("-b","--basic-types",dest="defoptarray",default=[],action="append_const",const="--match=1",
- help="Verify protocols with respect to basic type flaws only (-m 1)")
- group.add_option("-u","--untyped",dest="defoptarray",default=[],action="append_const",const="--match=2",
- help="Verify protocols with respect to an untyped model (-m 2)")
- group.add_option("-A","--all-types",dest="alltypes",default=False,action="store_true",
- help="Verify protocols with respect to all matching types")
- parser.add_option_group(group)
-
- group = OptionGroup(parser, "Restricting self-communication")
- group.add_option("-U","--init-unique",dest="defoptarray",default=[],action="append_const",const="--init-unique",
- help="Use Scythers --init-unique switch to filter out initiators talking to themselves.")
- group.add_option("-E","--extravert",dest="defoptarray",default=[],action="append_const",const="--extravert",
- help="Use Scythers --extravert switch to filter out agents talking to themselves.")
- group.add_option("","--self-communication",dest="selfcommunication",default=False,action="store_true",
- help="Explore all self-communication restrictions (as MPA-only option).")
- parser.add_option_group(group)
-
- # Misc
- parser.add_option("","--pickle",dest="pickle",
- help="Do not invoke Scyther but write intended calls to a file with the given name.") # action="store" and type="string" are defaults
- parser.add_option("-l","--latex",dest="latex",
- help="Output latex files with the given prefix.") # action="store" and type="string" are defaults
- parser.add_option("-v","--verbose",dest="verbose",default=False,action="store_true",
- help="Be more verbose.")
- parser.add_option("-D","--debug",dest="debug",default=False,action="store_true",
- help="Enable debugging features.")
- parser.add_option("-p","--plain",dest="plain",default=False,action="store_true",
- help="Ensure plain output, e.g., no progress bars.")
-
- return parser.parse_args()
-
-#---------------------------------------------------------------------------
-
-class Attack(object):
-
- def __init__(self,claim,mpalist):
-
- self.claim = claim
- self.mpalist = mpalist
-
- def protocol(self):
- return self.claim.protocol
-
- def mpashort(self):
-
- s = []
- for fn in self.mpalist:
- ptn = os.path.normpath(fn)
- (head,tail) = os.path.split(ptn)
- s.append(tail)
-
- return s
-
- def claimid(self):
- return "%s" % (self.claim.id)
-
- def __str__(self):
- s = "(%s,%s)" % (self.claim.id, self.mpashort())
- return s
-
- def fullstr(self):
- s = "%s,%s" % (self.claim.id, self.mpalist)
- return s
-
- def __cmp__(self,other):
- s1 = self.fullstr()
- s2 = other.fullstr()
- if (s1 == s2):
- return 0
- else:
- if s1 < s2:
- return -1
- else:
- return 1
-
-
-#---------------------------------------------------------------------------
-
-
-def uniq(l):
-
- ll = []
- for x in l:
- if x not in ll:
- ll.append(x)
- return ll
-
-
-def powerset(s):
- """
- s is a set
- returns the powerset
- """
- pws = set([frozenset()])
- for el in s:
- # Double old powerset by adding its elements and also new ones
- for s2 in pws.copy():
- if len(s2) == 0:
- pws.add(frozenset([el]))
- else:
- pws.add(frozenset([el]).union(s2))
- return pws
-
-
-#---------------------------------------------------------------------------
-
-def MyScyther(protocollist,filt=None,options=[],checkpickle=True):
- """
- Evaluate the composition of the protocols in protocollist.
- If there is a filter, i.e. "ns3,I1" then only this specific claim
- will be evaluated.
-
- By default, when Pickling, no evaluation is done (checkpickle=True).
- Setting 'checkpickle' to False ignores this check and verifies anyway.
- """
- global OPTS
- global PICKLEDATA
-
- s = Scyther.Scyther()
-
- # Standard
- opts = OPTS.defoptarray + options
-
- # Cover for caching issue where no --match= option is given (default to 0)
- matchfound = False
- for opt in opts:
- if opt.startswith("--match="):
- matchfound = True
- break
- if not matchfound:
- opts.append("--match=0")
-
- # Adding other command-line parameters (i.e. with arguments)
- opts.append("-T %i" % (int(OPTS.timeout)))
- opts.append("--max-runs=%i" % (int(OPTS.maxruns)))
-
- # arguments to call
- s.options = (" ".join(sorted(uniq(opts)))).strip()
- if OPTS.debug:
- print s.options
-
- for protocol in sorted(protocollist):
- s.addFile(protocol)
- if checkpickle and OPTS.pickle:
- # Do not really verify! Just dump request if not already known
- if s.verifyOne(filt, checkKnown=True) == False:
- PICKLEDATA.add((tuple(sorted(protocollist)),s.options,filt))
- else:
- # Verify results
- s.verifyOne(filt)
- return s
-
-
-def getCorrectIsolatedClaims(protocolset,options=[]):
- """
- Given a set of protocols, determine the correct claims when run in
- isolation.
- Returns a tuple, consisting of
- - a list of compiling protocols
- - a list of tuples (protocol,claimid) wich denote correct claims
- """
- correctclaims = []
- goodprotocols = []
-
- if not OPTS.plain:
- widgets = ['Scanning for claims that are correct in isolation: ', SimpleProgress(), ' protocols (', Percentage(), ') ',
- Bar(marker='#',left='[',right=']')
- ]
- pbar = ProgressBar(widgets=widgets, maxval=len(protocolset))
- pbar.start()
- count = 0
- cpcount = 0
- for protocol in protocolset:
- # verify protocol in isolation
- s = MyScyther([protocol],options=options,checkpickle=False)
- # investigate the results
- goodprotocols.append(protocol)
- allfalse = True
- for claim in s.claims:
- global ALLCLAIMS
- global PROTFILETONAME
- global PROTNAMETOFILE
-
- if claim not in ALLCLAIMS:
- ALLCLAIMS.append(claim)
-
- if claim.okay:
- correctclaims.append((protocol,claim.id))
- allfalse = False
-
- PROTFILETONAME[protocol] = str(claim.protocol)
- PROTNAMETOFILE[str(claim.protocol)] = protocol
-
- count += 1
- if not allfalse:
- cpcount += 1
- if not OPTS.plain:
- pbar.update(count)
-
- if not OPTS.plain:
- pbar.finish()
- return (goodprotocols,correctclaims,cpcount)
-
-
-def verifyProtList(protlist,claimid,options=[]):
- """
- Check attacks on this protocol list.
- Returns True if no attack ("correct") and False if an attack is found.
- """
- s = MyScyther(protlist,claimid,options)
- claim = s.getClaim(claimid)
- if claim:
- if not claim.okay:
- return False
- return True
-
-
-
-def verifyProtSubSet(protlist,claimid,options=[]):
- """
- Check attacks on true subsets of this list.
- Note subsets must include the claim id
- """
- global OPTS
-
- ps = powerset(set(protlist))
- for s in ps:
- if (len(s) > 0) and (len(s) < len(protlist)):
- res = verifyProtList(list(s),claimid,options)
- if res == False:
- """
- If an attack is found we're actually done but for pickle we
- make an exception to generate all possible variants.
- """
- if not OPTS.pickle:
- return False
- return True
-
-
-def verifyMPAattack(mpalist,claimid,options=[]):
- """
- Check for Multi-Protocol Attacks on this protocol list.
- Returns True if no attack ("correct") and False if an MPA attack is found.
-
- First consider subsets, so if there is an attack there, don't consider others.
- """
- global OPTS
-
- res = verifyProtSubSet(mpalist,claimid,options)
- if res or OPTS.pickle:
- """
- Only really needed when no attack found but for pickle we make an
- exception to generate all possible variants.
- """
- return verifyProtList(mpalist,claimid,options)
- return True
-
-
-def verifyMPAlist(mpalist,claimid,options=[]):
- """
- Check the existence of a multi-protocol attack in this context
-
- If an attack is found, we return False, otherwise True. This is
- needed for the iteration later.
- """
- global OPTS, ARGS
-
- if OPTS.debug:
- print time.asctime(), mpalist, claimid, options
-
- if not verifyMPAattack(mpalist,claimid,options):
- global FOUND
- global ALLFOUND
- global INVOLVED
-
- claim = claimidToClaim(claimid)
-
- # This is an MPA attack!
- if OPTS.debug:
- print "I've found a multi-protocol attack on claim %s in the context %s." % (claimid,str(mpalist))
-
- att = Attack(claim,mpalist)
- FOUND.append(att)
- ALLFOUND.append(att)
-
- inv = [claim.protocol]
- for fn in mpalist:
- global PROTFILETONAME
- inv.append(PROTFILETONAME[fn])
-
- for pn in inv:
- if pn not in INVOLVED:
- INVOLVED.append(pn)
-
- #return False
-
- return True
-
-
-def constructMPAlist(protocolset,claimid,mpalist,length,start,callback,options=[]):
- """
- Append a list of parallel protocols, without duplicates,
- such that the added part is lexicographically ordered (from
- index 'start' in the protocol list)
- For each possible list, the function callback is called. If the
- callback returns true, iteration proceeds (returning true in the
- end), otherwise it aborts and returns false.
- """
- if len(mpalist) < length:
- # list is not long enough yet
- for pn in range(start,len(protocolset)):
- p = protocolset[pn]
- if p not in mpalist:
- if not constructMPAlist(protocolset,claimid,mpalist + [p],length,pn+1,callback,options=options):
- return False
- return True
- else:
- # list is long enough: callback
- return callback(mpalist,claimid,options)
-
-
-def findMPA(protocolset,protocol,claimid,options=[]):
- """
- The protocol claim is assumed to be correct. When does it break?
- """
- global OPTS
-
- # First we examine 2-protocol attacks, and then increase the
- # number of parallel protocols if we don't find any attacks on the
- # claim.
- maxcount = OPTS.maxprotocols
- count = 2
- if len(protocolset) < maxcount:
- # we cannot have more protocols in parallel than there are
- # protocols.
- maxcount = len(protocolset)
-
- # the actual incremental search loop
- while count <= maxcount:
- constructMPAlist(protocolset,claimid,[protocol],count,0,verifyMPAlist,options)
- count += 1
- return None
-
-
-def foundToDicts(attacklist = []):
- """
- Turn a list of attacks into a more structured dict of dicts
- protocolname -> claimid -> P(attack)
- """
- res = {}
- for att in attacklist:
- pn = str(att.protocol())
- cl = att.claimid()
-
- if pn not in res.keys():
- res[pn] = {}
- if cl not in res[pn].keys():
- res[pn][cl] = set()
- res[pn][cl].add(att)
- return res
-
-
-def findAllMPA(protocolset,options=[],mpaoptions=[]):
- """
- Given a set of protocols, find multi-protocol attacks
- """
-
- global FOUND
- global OPTS, ARGS
- global PROTNAMETOFILE
- global ALLCLAIMS
-
- FOUND = []
-
- # Find all correct claims in each protocol
- (protocolset,correct,cpcount) = getCorrectIsolatedClaims(protocolset,options)
- print "Investigating %i correct claims in %i protocols." % (len(correct), cpcount)
-
- mpaprots = []
- res = []
-
- if len(correct) == 0:
- print "Nothing to do."
- return res
-
- if OPTS.verbose:
- """
- When verbose, list correct claims in protocols
- """
- pmapclaims = {}
- for (protocol,claimid) in correct:
- if protocol not in pmapclaims.keys():
- pmapclaims[protocol] = set()
- pmapclaims[protocol].add(claimid)
- print "Protocols with correct claims:"
- if len(pmapclaims.keys()) == 0:
- print " None."
- else:
- for pk in pmapclaims.keys():
- print " %s, %s" % (pk, pmapclaims[pk])
- print
- left = set()
- for p in protocolset:
- if p not in pmapclaims.keys():
- left.add(p)
- print "Protocols with no correct claims:"
- if len(left) == 0:
- print " None."
- else:
- for p in left:
- print " %s" % (p)
- print
-
- # output of all claims (only if latex required)
-
- if OPTS.latex:
- clset = set()
- for claim in ALLCLAIMS:
- prot = str(claim.protocol)
- file = PROTNAMETOFILE[prot]
- clid = claim.id
- descr = claim.roledescribe()
-
- tup = (file,prot,clid,descr)
- clset.add(tup)
-
- fp = open("gen-%s-claims.txt" % (OPTS.latex),"w")
-
- fp.write("%% OPTS: %s\n" % OPTS)
- fp.write("%% ARGS: %s\n" % ARGS)
-
- for (file,prot,clid,descr) in sorted(clset):
- fp.write("%s; %s; %s; %s\n" % (file,prot,clid,descr))
-
- fp.close()
-
- # Latex output of protocols with correct claims
- if OPTS.latex:
- pmapclaims = {}
- for (protocol,claimid) in correct:
- if protocol not in pmapclaims.keys():
- pmapclaims[protocol] = set()
- pmapclaims[protocol].add(claimid)
-
- fp = open("gen-%s-correctclaims.tex" % (OPTS.latex),"w")
-
- fp.write("%% OPTS: %s\n" % OPTS)
- fp.write("%% ARGS: %s\n" % ARGS)
-
- fp.write("\\begin{tabular}{ll}\n")
- fp.write("Protocol & Claims \\\\\n")
- for protocol in sorted(pmapclaims.keys()):
- fp.write("%s & " % (PROTFILETONAME[protocol]))
- claims = sorted(pmapclaims[protocol])
- latexcl = set()
- for claimid in claims:
- claim = claimidToClaim(claimid)
- latexcl.add(claim.roledescribe())
-
- fp.write("; ".join(sorted(latexcl)))
- fp.write("\\\\\n")
- fp.write("\\end{tabular}\n")
- fp.close()
-
- # For all these claims...
- if not OPTS.plain:
- widgets = ['Scanning for MPA attacks: ', SimpleProgress(), ' claims (', Percentage(), ') ',
- Bar(marker='#',left='[',right=']'),
- ETA()
- ]
- pbar = ProgressBar(widgets=widgets, maxval=len(correct))
- pbar.start()
- count = 0
-
- # Concatenate options but add space iff needed
- alloptions = options + mpaoptions
-
- for (protocol,claimid) in correct:
- # Try to find multi-protocol attacks
- findMPA(protocolset,protocol,claimid,options=alloptions)
- count += 1
- if not OPTS.plain:
- pbar.update(count)
- if not OPTS.plain:
- pbar.finish()
-
- """
- The below computation assumes protocol names are unique to files, but if
- they are not, some other errors should have been reported by the Scyther
- backend anyway (conflicting protocol definitions in MPA analysis).
- """
- for att in FOUND:
- pn = att.protocol()
- if pn not in mpaprots:
- mpaprots.append(pn)
- res.append(att)
-
- """
- Latex table of attacks
-
- TODO : map file names to protocol names, write out claim details
-
- TODO : remove main protocol from list (it's: "MPA attacks when run in parallel with")
-
- TODO : Check whether current tests stop after finding *one* MPA attack or whether they find *all*.
-
- """
- if OPTS.latex and not OPTS.pickle:
- fp = open("gen-%s-mpaattacks.tex" % (OPTS.latex),"w")
-
- fp.write("%% OPTS: %s\n" % OPTS)
- fp.write("%% ARGS: %s\n" % ARGS)
-
- fp.write("\\begin{tabular}{lll}\n")
- fp.write("Protocol & Claim & MPA attacks \\\\ \n")
-
- # Convert to more useful structure (maybe move one level up)
- res = foundToDicts(FOUND)
-
- """
- Scan per protocol in mpaprots (maybe sorted?)
- """
- for prot in sorted(res.keys()):
- """
- List claim and then attack scenarios (to some max?)
- """
- ltprot = prot
- for claimid in sorted(res[prot].keys()):
-
- firstclaim = True
- for att in sorted(res[prot][claimid]):
-
- if firstclaim:
-
- ltclaim = att.claim.roledescribe()
- firstclaim = False
-
- attl = att.mpalist
- ltattacks = []
- for attprot in attl:
- if PROTFILETONAME[attprot] != att.claim.protocol:
- ltattacks.append(PROTFILETONAME[attprot])
-
- fp.write("%s & %s & %s \\\\ \n" % (ltprot,ltclaim,sorted(ltattacks)))
-
- # Erase for cleaner table
- ltprot = ""
- ltclaim = ""
-
- fp.write("\\end{tabular}\n")
- fp.close()
-
- print "-" * 70
- print "Summary:"
- print
- print "We scanned %i protocols with options [%s]." % (len(protocolset),options)
- print "We found %i correct claims." % (len(correct))
- print "We then scanned combinations of at most %i protocols with options [%s]." % (OPTS.maxprotocols,alloptions)
- if OPTS.pickle:
- print "However, just precomputing now, hence we are not drawing any conclusions."
- else:
- print "We found %i MPA attacks." % (len(FOUND))
- print "The attacks involve the claims of %i protocols." % (len(mpaprots))
- print "-" * 70
- print
-
- return res
-
-
-def claimidToClaim(claimid):
- """
- Return claim object given a claim id
- """
- global ALLCLAIMS
-
- for claim in ALLCLAIMS:
- if claim.id == claimid:
- return claim
-
-
-
-def showDiff(reslist):
- """
- Show difference between (opts,mpaopts,attacklist) tuples in list
- """
- if len(reslist) == 0:
- print "Comparison list is empty"
- return
-
- (opt1,mpaopt1,al1) = reslist[0]
- print "-" * 70
- print "Base case: attacks for \n [%s]:" % (opt1 + mpaopt1)
- print
- print len(al1)
- for a in al1:
- print "Base attack: %s" % (a)
-
- print "-" * 70
- print
-
- for i in range(0,len(reslist)-1):
- (opt1,mpaopt1,al1) = reslist[i]
- (opt2,mpaopt2,al2) = reslist[i+1]
-
- print "-" * 70
- print "Comparing the attacks for \n [%s] with\n [%s]:" % (opt1 + mpaopt1, opt2 + mpaopt2)
- print
- print len(al1), len(al2)
- for a in al2:
- if a not in al1:
- print "Added attack: %s" % (a)
- for a in al1:
- if a not in al2:
- print "Removed attack: %s" % (a)
-
- print "-" * 70
- print
-
-
-
-
-
-
-def makeChoices():
- """
- Make choice grid.
- Later options should (intuitively) give more attacks.
-
- [ MPAonly, (text,switch)* ]
- """
-
- global OPTS, ARGS
-
- choices = []
-
- if OPTS.alltypes:
-
- choices.append([ False, \
- ("no type flaws",["--match=0"]), \
- ("basic type flaws",["--match=1"]), \
- ("all type flaws",["--match=2"]), \
- ])
-
- if OPTS.selfcommunication:
-
- choices.append([ True, \
- ("Disallow A-A",["--extravert"]), \
- ("Allow responder A-A",["--init-unique"]), \
- ("Allow A-A",[]) \
- ])
-
- return choices
-
-
-def exploreTree( i, choices , l, options = [], mpaoptions = []):
- """
- Each choice[x] is an array again:
-
- MPAonly, (txt,arg)*
- """
-
- if i >= len(choices):
- return [(options,mpaoptions,findAllMPA(l, options = options, mpaoptions = mpaoptions))]
-
- mpaonly = choices[i][0]
- cl = choices[i][1:]
-
- res = []
- for (txt,arg) in cl:
-
- print "For choice %i, selecting options %s" % (i,txt)
- if mpaonly:
- o1 = []
- o2 = arg
- else:
- o1 = arg
- o2 = []
- res = res + exploreTree(i+1, choices, l, options = options + o1, mpaoptions = mpaoptions + o2)
-
- return res
-
-
-
-def fullScan(l, options = [], mpaoptions = []):
-
- global OPTS
- global ALLFOUND
- global ALLCLAIMS
- global INVOLVED
- global PROTNAMETOFILE
- global PROTFILETONAME
-
- ALLFOUND = []
- ALLCLAIMS = []
- INVOLVED = []
-
- if OPTS.limit > 0:
- l = l[:OPTS.limit]
-
- choices = makeChoices()
- if len(choices) == 0:
- """
- No choices, just evaluate
- """
- res = findAllMPA(l, options = options, mpaoptions = mpaoptions)
-
- else:
- lres = exploreTree(0, choices, l, options = options, mpaoptions = mpaoptions)
- if len(lres) > 1:
- if not OPTS.pickle:
- showDiff(lres)
-
- allprots = set()
- attprots = set()
- invprots = set()
- for att in ALLFOUND:
- attprots.add(str(att.protocol()))
- for cl in ALLCLAIMS:
- allprots.add(str(cl.protocol))
- for prot in INVOLVED:
- invprots.add(str(prot))
-
- if not OPTS.pickle:
- print "The bottom line: we found %i protocols with multi-protocol attacks from a set of %i protocols." % (len(attprots),len(allprots))
- print
-
- print "Multi-protocol attacks were found on:"
- for prot in sorted(list(allprots & attprots)):
- print " %s" % (prot)
- print
-
- print "No multi-protocol attacks were found on these protocols, but they caused MPA attacks:"
- for prot in sorted(list((allprots - attprots) & invprots)):
- print " %s" % (prot)
- print
-
- print "These protocols were not involved in any MPA attacks:"
- for prot in sorted(list((allprots - attprots) - invprots)):
- print " %s\t[%s]" % (prot,PROTNAMETOFILE[prot])
- print
-
-
-
-
-def bigTest():
- """
- Perform the tests as reported in the book.
- """
- import os
-
- global OPTS, ARGS
-
- l = []
- nl = []
-
- """
- Check for any given filenames
- """
- if len(ARGS) == 0:
- # No filenames given
- testpath = "Protocols/MultiProtocolAttacks/"
- fl = os.listdir(testpath)
- for fn in fl:
- if fn.endswith(".spdl"):
- nl.append(fn)
-
- # Prepend again the path
- l = []
- for fn in nl:
- l.append(testpath+fn)
- else:
- for fn in ARGS:
- l.append(fn)
- nl = l
-
- # Report list
- print "Performing multi-protocol analysis for the following protocols:", nl
-
- fullScan(l)
-
-
-
-def main():
- global OPTS, ARGS, PICKLEDATA
-
- (OPTS,ARGS) = parseArgs()
- if OPTS.pickle:
- PICKLEDATA = set()
-
- bigTest()
-
- #simpleTest()
-
- if OPTS.pickle:
- pf = open(OPTS.pickle,"wa")
- for el in PICKLEDATA:
- json.dump(el,pf)
- pf.write("\n")
- pf.close()
-
-
-if __name__ == '__main__':
- main()
-
-
-# vim: set ts=4 sw=4 et list lcs=tab\:>-:
diff --git a/Vagrant Files/shared/scyther/todo.txt b/Vagrant Files/shared/scyther/todo.txt
deleted file mode 100644
index 60e05afa63449ee5cd2599f34d0504405ce324d9..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/todo.txt
+++ /dev/null
@@ -1,29 +0,0 @@
-URGENT
-
--
-
-TO BE DONE
-
-- Config file should use Python's confParse module.
-- Save preferences in local file on close.
-
-WOULD LIKE TO HAVE
-
-- Font selector for graphs.
-- Nice graph scaling for all platforms (now only supported under Linux
- using the Python Imaging Library through postscript; currently
- wxPython does not support any cross-platform vector format out of the
- box, as SVG is still only a non-default build option.)
-- Support for using an external editor.
- - toggle for 'watch file'.
- - toggle for 'auto-verify on change' or something like that.
-- Ideally we somehow color the correct/incorrect tags in the editor.
-- Line numbering is needed for the editor window otherwise you cannot
- interpret attacks. Probably use wx.Py editor things.
-- Scyther executable should be able to be set by means of preferences.
-
-IN AN IDEAL WORLD...
-
-- Use Python modules to generate the attack graphs from the XML, also
- allow for eg. ASCII output.
-
diff --git a/Vagrant Files/shared/scyther/wiper.sh b/Vagrant Files/shared/scyther/wiper.sh
deleted file mode 100644
index 11766f70e8bd4ad8586ec39c54625ce6f2d738e2..0000000000000000000000000000000000000000
--- a/Vagrant Files/shared/scyther/wiper.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-#
-# Wipe Brutus artefacts.
-#
-# Run as 'watch -n 10 ./wiper.sh'
-
-find lsf.* -maxdepth 0 -amin +11 -print -delete 2>&1
-
-
diff --git a/Vagrant Files/shared/example.txt.txt b/Vagrant Files/shared/test folder/example.txt.txt
similarity index 100%
rename from Vagrant Files/shared/example.txt.txt
rename to Vagrant Files/shared/test folder/example.txt.txt