wneuper/isa: src/HOL/Auth/Kerberos

     1 (*  Title:      HOL/Auth/Kerberos_BAN

     2     ID:         $Id$

     3     Author:     Giampaolo Bella, Cambridge University Computer Laboratory

     4     Copyright   1998  University of Cambridge

     6 The Kerberos protocol, BAN version.

     8 From page 251 of

     9   Burrows, Abadi and Needham.  A Logic of Authentication.

    10   Proc. Royal Soc. 426 (1989)

    11 *)

    13 Kerberos_BAN = Shared +

    15 (* Temporal modelization: session keys can be leaked

    16                           ONLY when they have expired *)

    18 syntax

    19     CT :: event list=>nat

    20     Expired :: [nat, event list] => bool

    21     RecentAuth :: [nat, event list] => bool

    23 consts

    25     (*Duration of the session key*)

    26     SesKeyLife   :: nat

    28     (*Duration of the authenticator*)

    29     AutLife :: nat

    31 rules

    32     (*The ticket should remain fresh for two journeys on the network at least*)

    33     SesKeyLife_LB "# 2 <= SesKeyLife"

    35     (*The authenticator only for one journey*)

    36     AutLife_LB    "Suc 0 <= AutLife"

    38 translations

    39    "CT" == "length"

    41    "Expired T evs" == "SesKeyLife + T < CT evs"

    43    "RecentAuth T evs" == "CT evs <= AutLife + T"

    45 consts  kerberos_ban   :: event list set

    46 inductive "kerberos_ban"

    47   intrs

    49     Nil  "[] \\<in> kerberos_ban"

    51     Fake "[| evsf \\<in> kerberos_ban;  X \\<in> synth (analz (spies evsf)) |]

    52           ==> Says Spy B X # evsf \\<in> kerberos_ban"

    55     Kb1  "[| evs1 \\<in> kerberos_ban |]

    56           ==> Says A Server {|Agent A, Agent B|} # evs1

    57                 \\<in>  kerberos_ban"

    60     Kb2  "[| evs2 \\<in> kerberos_ban;  Key KAB \\<notin> used evs2;

    61              Says A' Server {|Agent A, Agent B|} \\<in> set evs2 |]

    62           ==> Says Server A

    63                 (Crypt (shrK A)

    64                    {|Number (CT evs2), Agent B, Key KAB,

    65                     (Crypt (shrK B) {|Number (CT evs2), Agent A, Key KAB|})|})

    66                 # evs2 \\<in> kerberos_ban"

    69     Kb3  "[| evs3 \\<in> kerberos_ban;

    70              Says S A (Crypt (shrK A) {|Number Ts, Agent B, Key K, X|})

    71                \\<in> set evs3;

    72              Says A Server {|Agent A, Agent B|} \\<in> set evs3;

    73              ~ Expired Ts evs3 |]

    74           ==> Says A B {|X, Crypt K {|Agent A, Number (CT evs3)|} |}

    75                # evs3 \\<in> kerberos_ban"

    78     Kb4  "[| evs4 \\<in> kerberos_ban;

    79              Says A' B {|(Crypt (shrK B) {|Number Ts, Agent A, Key K|}),

    80 		         (Crypt K {|Agent A, Number Ta|}) |}: set evs4;

    81              ~ Expired Ts evs4;  RecentAuth Ta evs4 |]

    82           ==> Says B A (Crypt K (Number Ta)) # evs4

    83                 \\<in> kerberos_ban"

    85          (*Old session keys may become compromised*)

    86     Oops "[| evso \\<in> kerberos_ban;

    87              Says Server A (Crypt (shrK A) {|Number Ts, Agent B, Key K, X|})

    88                \\<in> set evso;

    89              Expired Ts evso |]

    90           ==> Notes Spy {|Number Ts, Key K|} # evso \\<in> kerberos_ban"

    93 end

author	wenzelm
	Fri, 05 Oct 2001 21:52:39 +0200
changeset 11701	3d51fbf81c17
parent 11465	45d156ede468
child 11704	3c50a2cd6f00
permissions	-rw-r--r--