1 (* Title: HOL/Auth/Kerberos_BAN
3 Author: Giampaolo Bella, Cambridge University Computer Laboratory
4 Copyright 1998 University of Cambridge
6 The Kerberos protocol, BAN version.
9 Burrows, Abadi and Needham. A Logic of Authentication.
10 Proc. Royal Soc. 426 (1989)
13 Kerberos_BAN = Shared +
15 (* Temporal modelization: session keys can be leaked
16 ONLY when they have expired *)
20 Expired :: [nat, event list] => bool
21 RecentAuth :: [nat, event list] => bool
25 (*Duration of the session key*)
28 (*Duration of the authenticator*)
32 (*The ticket should remain fresh for two journeys on the network at least*)
33 SesKeyLife_LB "# 2 <= SesKeyLife"
35 (*The authenticator only for one journey*)
36 AutLife_LB "Suc 0 <= AutLife"
41 "Expired T evs" == "SesKeyLife + T < CT evs"
43 "RecentAuth T evs" == "CT evs <= AutLife + T"
45 consts kerberos_ban :: event list set
46 inductive "kerberos_ban"
49 Nil "[] \\<in> kerberos_ban"
51 Fake "[| evsf \\<in> kerberos_ban; X \\<in> synth (analz (spies evsf)) |]
52 ==> Says Spy B X # evsf \\<in> kerberos_ban"
55 Kb1 "[| evs1 \\<in> kerberos_ban |]
56 ==> Says A Server {|Agent A, Agent B|} # evs1
60 Kb2 "[| evs2 \\<in> kerberos_ban; Key KAB \\<notin> used evs2;
61 Says A' Server {|Agent A, Agent B|} \\<in> set evs2 |]
64 {|Number (CT evs2), Agent B, Key KAB,
65 (Crypt (shrK B) {|Number (CT evs2), Agent A, Key KAB|})|})
66 # evs2 \\<in> kerberos_ban"
69 Kb3 "[| evs3 \\<in> kerberos_ban;
70 Says S A (Crypt (shrK A) {|Number Ts, Agent B, Key K, X|})
72 Says A Server {|Agent A, Agent B|} \\<in> set evs3;
74 ==> Says A B {|X, Crypt K {|Agent A, Number (CT evs3)|} |}
75 # evs3 \\<in> kerberos_ban"
78 Kb4 "[| evs4 \\<in> kerberos_ban;
79 Says A' B {|(Crypt (shrK B) {|Number Ts, Agent A, Key K|}),
80 (Crypt K {|Agent A, Number Ta|}) |}: set evs4;
81 ~ Expired Ts evs4; RecentAuth Ta evs4 |]
82 ==> Says B A (Crypt K (Number Ta)) # evs4
85 (*Old session keys may become compromised*)
86 Oops "[| evso \\<in> kerberos_ban;
87 Says Server A (Crypt (shrK A) {|Number Ts, Agent B, Key K, X|})
90 ==> Notes Spy {|Number Ts, Key K|} # evso \\<in> kerberos_ban"