From enis01amor at yahoo.fr Mon Feb 2 04:23:20 2009 From: enis01amor at yahoo.fr (chikh omar) Date: Mon, 2 Feb 2009 09:23:20 +0000 (GMT) Subject: [Avispa-users] ECC on avispa Message-ID: <518899.34909.qm@web26005.mail.ukl.yahoo.com> Hello, I need some clarifications: 1.did Avispa support Elliptic Curve Cryptography. for example How to model DiffieHellman key agreement using ECC on avispa. 2.How to agree on avispa that two parties agree on the same key at the end of exchange of some message. 3.how to model HMAC (keyed hash function). Best regards, ********************************************** Omar Cheikhrouhou Engineer & Researcher @SENS Lab (Software Engineering and Network Security) Higher Institute of Technological Studies - Address : Mahdia's road Km 2.5 Sfax. BP 88 A - 3099 El Bustan Sfax Telephone : (+216)74 237425 Poste : 437 Fax: : (+216)74 431 386 Ph.D @ CES Lab (Computer and Embedded System)-University of Sfax, National School of Engineers BP W, Sfax, 3038, Tunisia , Fax:(+216)74665369 Coordinator C2i @ ISET Sfax (Certified C2i since 2008) -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090202/4a87ea02/attachment.html From SMO at zurich.ibm.com Mon Feb 2 07:06:48 2009 From: SMO at zurich.ibm.com (Sebastian Moedersheim) Date: Mon, 2 Feb 2009 13:06:48 +0100 Subject: [Avispa-users] ECC on avispa In-Reply-To: <518899.34909.qm@web26005.mail.ukl.yahoo.com> References: <518899.34909.qm@web26005.mail.ukl.yahoo.com> Message-ID: Hi > 1.did Avispa support Elliptic Curve Cryptography. for example How to > model DiffieHellman key agreement using ECC on avispa. I suppose that in the black-box crypto model it will be similar to standard Diffie-Hellman. See avispa-library/IKE* for some examples. You may however go closer to crypto by modeling some algebraic properties like those of multiplication. But I am not sure that this will work very well or help to give a better model. > 2.How to agree on avispa that two parties agree on the same key at > the end of exchange of some message. See also avispa library. > 3.how to model HMAC (keyed hash function). I suggest h(k,m) where h is a function, k is the key and m is the message. Cheers, Sebastian -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090202/05fd6e33/attachment.html From alshadly09 at googlemail.com Tue Feb 3 06:04:34 2009 From: alshadly09 at googlemail.com (SALEH AL-SHADLY) Date: Tue, 03 Feb 2009 12:04:34 +0100 Subject: [Avispa-users] doubt about syntax Message-ID: <498824C2.1030404@googlemail.com> Dear All, I ve doubt about a simple syntax in HLPSL that is: if my session role is like this: role session( A, B, S : agent, .... ) .... end role now in the environment role in composition section where i call the session role. is there a difference if i make: session( A, B, S, ...) or session(S, A, B) i mean is the sequence of the agents should be the same as in parameter list of the session role or not? thanx in advance With regards Saleh From SMO at zurich.ibm.com Tue Feb 3 09:12:31 2009 From: SMO at zurich.ibm.com (Sebastian Moedersheim) Date: Tue, 3 Feb 2009 15:12:31 +0100 Subject: [Avispa-users] doubt about syntax In-Reply-To: <498824C2.1030404@googlemail.com> References: <498824C2.1030404@googlemail.com> Message-ID: Saleh, > role session( > A, B, S : agent, > .... > ) > .... > end role > > now in the environment role in composition section where i call the > session role. is there a difference if i make: > > session( A, B, S, ...) or session(S, A, B) > > i mean is the sequence of the agents should be the same as in parameter > list of the session role or not? The order does make a difference. In fact the name of the formal parameters of the role definition have nothing to do with what variable/constant names you use call (as it is standard in programming languages, and math in general). ---Sebastian -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090203/c4d97dbe/attachment.html From alshadly09 at googlemail.com Wed Feb 4 06:06:29 2009 From: alshadly09 at googlemail.com (SALEH AL-SHADLY) Date: Wed, 04 Feb 2009 12:06:29 +0100 Subject: [Avispa-users] parameters in avispa Message-ID: <498976B5.8090607@googlemail.com> Dear All, in my model the session role is like this: /role session( PaC, CPAA, NPAA, CAAA, NAAA : agent, PANA_Auth_Key : symmetric_key, CPAA_ID, NPAA_ID : text, NPAA_PK, NAAA_PK, CAAA_PK : public_key, NAAA_SK : symmetric_key )/ now, when i called the session form the env. role i did like this: /session(pac, cpaa, _*npaa*_, caaa, naaa, pana_auth_key, cpaa_id, _*npaa_id*_, npaa_pk, naaa_pk, caaa_pk, naaa_sk) /\ session(pac, cpaa, _*i*_, caaa, naaa, pana_auth_key, cpaa_id, *_npaa_id_*, npaa_pk, naaa_pk, caaa_pk, naaa_sk)/ my question is: is it necessary, if i ve replaced one agent by the intruder (i), to replace also its id by i's id? or not important to do so? i mean is there a difference between the above call and the following: /session(pac, cpaa, _*npaa*_, caaa, naaa, pana_auth_key, cpaa_id, _*npaa_id*_, npaa_pk, naaa_pk, caaa_pk, naaa_sk) /\ session(pac, cpaa, _*i*_, caaa, naaa, pana_auth_key, cpaa_id, *_i_id_*, npaa_pk, naaa_pk, caaa_pk, naaa_sk) with man regards Saleh / From alshadly09 at googlemail.com Wed Feb 4 07:04:31 2009 From: alshadly09 at googlemail.com (SALEH AL-SHADLY) Date: Wed, 04 Feb 2009 13:04:31 +0100 Subject: [Avispa-users] anonymity Message-ID: <4989844F.5090700@googlemail.com> Dear All, does avispa support anonymity goals , like; identity privacy, location privacy and so ..., ? and how model them? regards Saleh From SMO at zurich.ibm.com Wed Feb 4 07:29:22 2009 From: SMO at zurich.ibm.com (Sebastian Moedersheim) Date: Wed, 4 Feb 2009 13:29:22 +0100 Subject: [Avispa-users] parameters in avispa In-Reply-To: <498976B5.8090607@googlemail.com> References: <498976B5.8090607@googlemail.com> Message-ID: Saleh, > is it necessary, if i ve replaced one agent by the intruder (i), to > replace also its id by i's id? or not important to do so? > > i mean is there a difference between the above call and the following: > There is a difference, as you use different parameters. Which one is "right" depends on what you are modeling, but in most cases, the intruder should have his own keys, ids ... in the sessions where he acts under his real name. > does avispa support anonymity goals , like; identity privacy, location > privacy and so ..., ? > and how model them? No. --Sebastian -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090204/1cb78700/attachment.html From lee_jingfeng at yahoo.com.cn Wed Feb 4 19:51:04 2009 From: lee_jingfeng at yahoo.com.cn (=?gb2312?B?vrC35SDA7g==?=) Date: Thu, 5 Feb 2009 08:51:04 +0800 (CST) Subject: [Avispa-users] unsuscribe Message-ID: <195717.14473.qm@web15903.mail.cnb.yahoo.com> unsuscribe ___________________________________________________________ ????????????????? http://card.mail.cn.yahoo.com/ From alshadly09 at googlemail.com Thu Feb 5 05:04:33 2009 From: alshadly09 at googlemail.com (SALEH AL-SHADLY) Date: Thu, 05 Feb 2009 11:04:33 +0100 Subject: [Avispa-users] parameters vs. init Message-ID: <498AB9B1.3070808@googlemail.com> Dear all, if I pass a variable , see (Apk), as a parameter or I define it (Apk) as local variable then initialize it as init Apk := apk does that make a difference? if so what is it? regards Saleh From alshadly09 at googlemail.com Thu Feb 5 10:31:00 2009 From: alshadly09 at googlemail.com (SALEH AL-SHADLY) Date: Thu, 05 Feb 2009 16:31:00 +0100 Subject: [Avispa-users] CL-AtSe trace? Message-ID: <498B0634.7050804@googlemail.com> Dear All, used CL-AtSe back-end to analyze my model and it found an attack. a part of its trace as follows: i -> (pac,9): start (pac,9) -> i: n27(NewPaC_ID).npaa_id i -> (npaa,4): NewPaC_ID(7).npaa_id (npaa,4) -> i: npaa_id.cpaa_id i -> (npaa,4): npaa_id.caaa_pk (npaa,4) -> i: n8(New_ns_id).n8(NnPAA) i -> (pac,3): start (pac,3) -> i: n1(NewPaC_ID).npaa_id .. .. .. so, if we look to the second line (n27(NewPaC_ID)) is a freshly generated nonce, now question is about the same variable (NewPaC_ID) in the following line (line 3) which has the value (NewPaC_ID(7)). is this a modified value by the intruder or new generated nonce by intruder? i really have confuse about its interpretation? may one help me! thanx Saleh From turuani at loria.fr Thu Feb 5 12:51:17 2009 From: turuani at loria.fr (Mathieu Turuani) Date: Thu, 05 Feb 2009 18:51:17 +0100 Subject: [Avispa-users] CL-AtSe trace? In-Reply-To: <498B0634.7050804@googlemail.com> References: <498B0634.7050804@googlemail.com> Message-ID: <498B2715.10902@loria.fr> Hi Saleh, The point is that when Cl-AtSe finds an attack, this attack is in fact a "template", i.e. it may not be instantiated completely. That is, some variables will get a "precise" value like n27(NewPaC_ID) which, as you said, represents a nonce (internal id n27) generated for the object NewPaC_ID. But other variables may still be free, in the sence that the attack will work independently of their value. One of them is NewPaC_ID(7), i.e. a variable (internal id 7) created to represent the variable NewPaC_ID in one of the sessions. This variable is still in the attack because CL-AtSe had no need to give it a value. Thus, you can replace it by anything, say for example the intruder's name of any atom known by all every agents at the start. Hope this helps, Mathieu Turuani SALEH AL-SHADLY wrote: > Dear All, > > used CL-AtSe back-end to analyze my model and it found an attack. a part > of its trace as follows: > > i -> (pac,9): start > > (pac,9) -> i: n27(NewPaC_ID).npaa_id > > i -> (npaa,4): NewPaC_ID(7).npaa_id > > (npaa,4) -> i: npaa_id.cpaa_id > > i -> (npaa,4): npaa_id.caaa_pk > > (npaa,4) -> i: n8(New_ns_id).n8(NnPAA) > > i -> (pac,3): start > > (pac,3) -> i: n1(NewPaC_ID).npaa_id > > .. > .. > .. > > so, if we look to the second line (n27(NewPaC_ID)) is a freshly > generated nonce, now question is about the same variable (NewPaC_ID) > in the following line (line 3) which has the value (NewPaC_ID(7)). is > this a modified value by the intruder or new generated nonce by intruder? > i really have confuse about its interpretation? > > may one help me! thanx > > Saleh > > > > _______________________________________________ > Avispa-users mailing list > Avispa-users at avispa-project.org > http://mail63.csoft.net/mailman/listinfo/avispa-users > From alshadly09 at googlemail.com Fri Feb 6 10:14:10 2009 From: alshadly09 at googlemail.com (SALEH AL-SHADLY) Date: Fri, 06 Feb 2009 16:14:10 +0100 Subject: [Avispa-users] integrity check in avispa Message-ID: <498C53C2.5040107@googlemail.com> Dear All, I d to know how to model and to set a appropriate goals of this case: i ve to parties A and B: 1) A ----> B: {text'. New_Key1_id'. Algo_id'}_New_Key2' A derives 2 keys New_Key1 and New_Key2 and computes and id for the New_Key1 and chooses a PRF and send a message as shown above the message is singed by the New_Key2. now when B will receive this message he will check its integrity using the PRF (Algo_id). and the will derive the keys and will compute the an id for the key1 and will send this message signed by the Key2 as: 2) B---->A: {text'.New_Key1_id}_New_Key2 hope i made the point!! regards Saleh From Thomas.Genet at irisa.fr Sun Feb 8 10:04:44 2009 From: Thomas.Genet at irisa.fr (Thomas Genet) Date: Sun, 08 Feb 2009 16:04:44 +0100 Subject: [Avispa-users] problems of security in Smart Card In-Reply-To: <909588.96912.qm@web27204.mail.ukl.yahoo.com> References: <909588.96912.qm@web27204.mail.ukl.yahoo.com> Message-ID: <498EF48C.8080806@irisa.fr> CHIKOUCHE Noureddine a ?crit : > Bonjour, > Autre question S.V.P > est-ce-que possible sp?cifie un protocole avec le langage HLPSL et > v?rifier par l'outil SPAN si le nombre de communicants dans le protocole > est sup?rieur de deux (dans les exemple Alice et Bob ici deux ), si non > est-ce-qu'il faut d?composer le protocole en phases et chaque phase > contient au maximum deux communicant seulement. Il peut y avoir autant de participants que vous le souhaitez... Apr?s pour toute question concernant la mod?lisation du protocole, je vous conseille de poster dans la liste avispa Des utilisateurs d'avispa... Cordialement, Thomas Genet... > > Cordialement. > > --- En date de : *Dim 8.2.09, Thomas Genet //* a > ?crit : > > De: Thomas Genet > Objet: Re: problems of security in Smart Card > ?: chiknour28 at yahoo.fr > Date: Dimanche 8 F?vrier 2009, 12h43 > > > Bonjour, > > > CHIKOUCHE Noureddine a ?crit : > > je veux demande envoyer moi s.v.p votre article que sous titre : > "Votre protocole est-il v?rifi??" , parce que est mauvaise qualit? > quand t?l?charg? a partie : MISC 39 , > > je suis d?sol? mais dans la mesure o? cet article est paru dans une revue > payante (MISC), > je n'ai pas le droit de vous donner une copie .pdf de l'article tel > quel. Par contre je joins au mail > une version similaire que je peux diffuser plus facilement. > > > > et est ce que > possible envoy? moi le manuel de *HLPSL. > > je le joins ?galement... > -- Thomas Genet - IFSIC/IRISA > Campus de Beaulieu, 35042 Rennes cedex, France > T?l: +33 (0) 2 99 84 73 44 E-mail: genet at irisa.fr > http://www.irisa.fr/lande/genet > > > ------------------------------------------------------------------------ > Ne pleurez pas si votre Webmail ferme. R?cup?rez votre historique sur > Yahoo! Mail > > -- Thomas Genet - IFSIC/IRISA Campus de Beaulieu, 35042 Rennes cedex, France T?l: +33 (0) 2 99 84 73 44 E-mail: genet at irisa.fr http://www.irisa.fr/lande/genet From alshadly09 at googlemail.com Tue Feb 10 05:34:43 2009 From: alshadly09 at googlemail.com (SALEH AL-SHADLY) Date: Tue, 10 Feb 2009 11:34:43 +0100 Subject: [Avispa-users] signed and encrypted Msg.s Message-ID: <49915843.5080007@googlemail.com> Dear all, is the modeling of singed messages and encrypted ones similar in AVISPA? or not? i mean we use the notation: {Msg}_Key for both case? regrads Saleh From laptopcss at gmx.de Tue Feb 10 06:11:27 2009 From: laptopcss at gmx.de (laptopcss at gmx.de) Date: Tue, 10 Feb 2009 12:11:27 +0100 Subject: [Avispa-users] AVISPA under windows vista Message-ID: <20090210111127.13950@gmx.net> Hello, I just started with modell checking. I want to install AVISPA on a windows vista OS. Can anyone tell me if it works and where I can find the corresponding download. In the tutorial on the homepage a discription for LINUX can be found. Thanks. -- Jetzt 1 Monat kostenlos! GMX FreeDSL - Telefonanschluss + DSL f?r nur 17,95 Euro/mtl.!* http://dsl.gmx.de/?ac=OM.AD.PD003K11308T4569a From Thomas.Genet at irisa.fr Tue Feb 10 07:10:29 2009 From: Thomas.Genet at irisa.fr (Thomas Genet) Date: Tue, 10 Feb 2009 13:10:29 +0100 Subject: [Avispa-users] AVISPA under windows vista In-Reply-To: <20090210111127.13950@gmx.net> References: <20090210111127.13950@gmx.net> Message-ID: <49916EB5.8000601@irisa.fr> Hi, you can use the SPAN distribution that includes AVISPA and that exists for windows... www.irisa.fr/lande/genet/span Best regards, Thomas laptopcss at gmx.de a ?crit : > Hello, > > I just started with modell checking. I want to install AVISPA on a windows vista OS. Can anyone tell me if it works and where I can find the corresponding download. > In the tutorial on the homepage a discription for LINUX can be found. > > Thanks. -- Thomas Genet - IFSIC/IRISA Campus de Beaulieu, 35042 Rennes cedex, France T?l: +33 (0) 2 99 84 73 44 E-mail: genet at irisa.fr http://www.irisa.fr/lande/genet