From jlopez.ha at gmail.com Mon Jan 5 13:49:05 2009 From: jlopez.ha at gmail.com (=?ISO-8859-1?Q?Jorge_L=F3pez?=) Date: Mon, 5 Jan 2009 19:49:05 +0100 Subject: [Avispa-users] Reply attacks Message-ID: Dear all, I've a doubt. Deliverable 6.1 "List of selected problems", located at AVISPA project Web page, defines several security goals, among which G1 Entity Authentication and G3 Reply Protection can be found. Both goals are linked somehow, since in both cases the data sent as an evidence must be fresh, that is, the usage of an old one must be detected by the other peer. Several protocols described in Deliverable 6.2 "Specification of the Problems in the High Level Specification Language" fulfill G1 and G3. I'd like to know which analysis scenarios should be tested in order to ascertain that a protocol fulfills these goals. I have tested ASW protocol (which supports G1 and G3, among others) using two parallel sessions session(o,r,t,vo,vr,vt,text1) /\ session(o,r,t,vo,vr,vt,text1) , and a "reply_protection_on_no" attack is found with OFMC and "Authentication attack on (r,o,no,n1(No).text1)" with CL-AtSe. Is this scenario a valid one?? What's wrong? Thanks in advance. Best, Jorge L. Hernandez-Ardieta -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090105/0a90d692/attachment.html From laurent.vigneron at loria.fr Wed Jan 7 04:57:37 2009 From: laurent.vigneron at loria.fr (Laurent Vigneron) Date: Wed, 07 Jan 2009 10:57:37 +0100 Subject: [Avispa-users] Reply attacks In-Reply-To: References: Message-ID: <49647C91.40705@loria.fr> Hi Jorge, For the property of replay protection, this means that you have to consider strong authententication and not weak authentication. The scenario that you consider is a classical one, for texting replay protection. Did you study the attacks to see if they are correct wrt. the protocol objectives? By the way, did you use the ASW spec of the AVISPA library? If so, did you use one copy of the server role? I ask this because this role is stronly limited: only one transition can be applied; for more transitions, you have to modify the initial value of variable Count (succ(succ(succ(t))) would mean 3 transitions). Best, Laurent. Jorge L?pez a ?crit : > Dear all, > > I've a doubt. Deliverable 6.1 "List of selected problems", located at > AVISPA project Web page, defines several security goals, among which G1 > Entity Authentication and G3 Reply Protection can be found. Both goals > are linked somehow, since in both cases the data sent as an evidence > must be fresh, that is, the usage of an old one must be detected by the > other peer. Several protocols described in Deliverable 6.2 > "Specification of the Problems in the High Level Specification Language" > fulfill G1 and G3. > > I'd like to know which analysis scenarios should be tested in order to > ascertain that a protocol fulfills these goals. I have tested ASW > protocol (which supports G1 and G3, among others) using two parallel > sessions > > session(o,r,t,vo,vr,vt,text1) /\ session(o,r,t,vo,vr,vt,text1) > > , and a "reply_protection_on_no" attack is found with OFMC and > "Authentication attack on (r,o,no,n1(No).text1)" with CL-AtSe. Is this > scenario a valid one?? What's wrong? > > Thanks in advance. > > Best, > > Jorge L. Hernandez-Ardieta From jlopez.ha at gmail.com Wed Jan 7 06:41:57 2009 From: jlopez.ha at gmail.com (=?ISO-8859-1?Q?Jorge_L=F3pez?=) Date: Wed, 7 Jan 2009 12:41:57 +0100 Subject: [Avispa-users] Reply attacks In-Reply-To: <49647C91.40705@loria.fr> References: <49647C91.40705@loria.fr> Message-ID: Hi Laurent, Yes, I used the ASW spec from the AVISPA library. I have modified Count as follows: Count := succ(succ(t)), using the same session configuration as before (2 parallel sessions and just one instance of the server role), and it seems that OFMC loops (no response in more than 12 minutes...) In relation to study the attacks respecting the protocol objectives: Is it possible that an attack found is irrelevant, maybe because the scenario was not properly set? Are not every attacks relevant? Thanks again. Jorge L. Hernandez-Ardieta PD: BTW, I posted a long mail few days ago. I don't know if it is still waiting for the moderator approval... 2009/1/7 Laurent Vigneron > > Hi Jorge, > > For the property of replay protection, this means that you have to consider > strong authententication and not weak authentication. > > The scenario that you consider is a classical one, for texting replay > protection. > Did you study the attacks to see if they are correct wrt. the protocol > objectives? > > By the way, did you use the ASW spec of the AVISPA library? > If so, did you use one copy of the server role? > I ask this because this role is stronly limited: only one transition can be > applied; for more transitions, you have to modify the initial value of > variable Count (succ(succ(succ(t))) would mean 3 transitions). > > Best, > Laurent. > > > Jorge L?pez a ?crit : > > Dear all, >> >> I've a doubt. Deliverable 6.1 "List of selected problems", located at >> AVISPA project Web page, defines several security goals, among which G1 >> Entity Authentication and G3 Reply Protection can be found. Both goals are >> linked somehow, since in both cases the data sent as an evidence must be >> fresh, that is, the usage of an old one must be detected by the other peer. >> Several protocols described in Deliverable 6.2 "Specification of the >> Problems in the High Level Specification Language" fulfill G1 and G3. >> I'd like to know which analysis scenarios should be tested in order to >> ascertain that a protocol fulfills these goals. I have tested ASW protocol >> (which supports G1 and G3, among others) using two parallel sessions >> session(o,r,t,vo,vr,vt,text1) /\ session(o,r,t,vo,vr,vt,text1) >> >> , and a "reply_protection_on_no" attack is found with OFMC and >> "Authentication attack on (r,o,no,n1(No).text1)" with CL-AtSe. Is this >> scenario a valid one?? What's wrong? >> >> Thanks in advance. >> >> Best, >> >> Jorge L. Hernandez-Ardieta >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090107/caeb95e9/attachment.html From jlopez.ha at gmail.com Fri Jan 9 09:30:21 2009 From: jlopez.ha at gmail.com (=?ISO-8859-1?Q?Jorge_L=F3pez?=) Date: Fri, 9 Jan 2009 15:30:21 +0100 Subject: [Avispa-users] Increasing memory assigned to AVISPA-SPAN Message-ID: Does anybody know how to do it? I receive next message in some tests... ----- Output error of if translator : %% Translation of D:/ThesisFramework/OFEPSPv7.0.hlpsl ----- Output error of OFMC : Heap exhausted; Current maximum heap size is 268435456 bytes (256 Mb); use `+RTS -M' to increase it. Thanks a lot in advance, Kind regards, Jorge L. Hernandez-Ardieta -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090109/4a2b88e5/attachment.html From Thomas.Genet at irisa.fr Mon Jan 12 05:11:25 2009 From: Thomas.Genet at irisa.fr (Thomas Genet) Date: Mon, 12 Jan 2009 11:11:25 +0100 Subject: [Avispa-users] Increasing memory assigned to AVISPA-SPAN In-Reply-To: References: Message-ID: <496B174D.6090306@irisa.fr> Hi, it seems that it is an ofmc option... I tried to toggle this option by direct call to ofmc... however I did not manage... The option seems to be known by ofmc but the size increase of the heap does not seem to work.... If an ofmc guy can help... then in SPAN we can provide such an option... Best, Jorge L?pez a ?crit : > Does anybody know how to do it? > > I receive next message in some tests... > > ----- Output error of if translator : > > > %% Translation of D:/ThesisFramework/OFEPSPv7.0.hlpsl > > > ----- Output error of OFMC : > > > Heap exhausted; > Current maximum heap size is 268435456 bytes (256 Mb); > use `+RTS -M' to increase it. > > Thanks a lot in advance, > > Kind regards, > > Jorge L. Hernandez-Ardieta > > > ------------------------------------------------------------------------ > > _______________________________________________ > Avispa-users mailing list > Avispa-users at avispa-project.org > http://mail63.csoft.net/mailman/listinfo/avispa-users -- Thomas Genet - IFSIC/IRISA Campus de Beaulieu, 35042 Rennes cedex, France T?l: +33 (0) 2 99 84 73 44 E-mail: genet at irisa.fr http://www.irisa.fr/lande/genet From luca.vigano at univr.it Mon Jan 12 11:44:10 2009 From: luca.vigano at univr.it (Luca Vigano`) Date: Mon, 12 Jan 2009 17:44:10 +0100 Subject: [Avispa-users] Increasing memory assigned to AVISPA-SPAN In-Reply-To: <496B174D.6090306@irisa.fr> References: <496B174D.6090306@irisa.fr> Message-ID: Hi Jorge and Thomas here is a reply from Sebastian (and myself --- Sebastian is having troubles receiving the mails to the mailing list due to some filters, so I put him in cc explicitly). ciao. luca. ================ Sorry, this use `+RTS -M' to increase it. comes from the Haskell-Compiler --- i.e. you can increase the heap size of OFMC when compiling it with ghc. However, I do not recommend that: when you have a large memory consumption, it is better to call OFMC with the option " -d " where the is a bound for the depth of the search. Selecting 10000 or so should be on the safe side (depending on how many sessions you use ;-) Sorry, this is because of the search strategy which by default starts with breadth first, and using the option you can enforce depth-first. On Jan 12, 2009, at 11:11 , Thomas Genet wrote: > > Hi, > > it seems that it is an ofmc option... I tried to toggle this option by > direct call to ofmc... however I did not manage... The option seems to > be known by ofmc but the size increase of the heap does not seem to > work.... > > If an ofmc guy can help... then in SPAN we can provide such an > option... > > Best, > > Jorge L?pez a ?crit : >> Does anybody know how to do it? >> >> I receive next message in some tests... >> >> ----- Output error of if translator : >> >> >> %% Translation of D:/ThesisFramework/OFEPSPv7.0.hlpsl >> >> >> ----- Output error of OFMC : >> >> >> Heap exhausted; >> Current maximum heap size is 268435456 bytes (256 Mb); >> use `+RTS -M' to increase it. >> >> Thanks a lot in advance, >> >> Kind regards, >> >> Jorge L. Hernandez-Ardieta >> >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Avispa-users mailing list >> Avispa-users at avispa-project.org >> http://mail63.csoft.net/mailman/listinfo/avispa-users > > -- > Thomas Genet - IFSIC/IRISA > Campus de Beaulieu, 35042 Rennes cedex, France > T?l: +33 (0) 2 99 84 73 44 E-mail: genet at irisa.fr > http://www.irisa.fr/lande/genet > _______________________________________________ > Avispa-users mailing list > Avispa-users at avispa-project.org > http://mail63.csoft.net/mailman/listinfo/avispa-users -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090112/231731dd/attachment.html From jlopez.ha at gmail.com Mon Jan 12 12:25:09 2009 From: jlopez.ha at gmail.com (=?ISO-8859-1?Q?Jorge_L=F3pez?=) Date: Mon, 12 Jan 2009 18:25:09 +0100 Subject: [Avispa-users] Increasing memory assigned to AVISPA-SPAN In-Reply-To: References: <496B174D.6090306@irisa.fr> Message-ID: Hi all, Thanks for your responses. 10.000?? I've established 17 as the maximum search depth for my protocol when using two parallel sessions, and it lasted around 10-15 minutes. I know that my protocol is a bit tough and complex, but I can't even imagine with 10.000... On the other hand, I'd like to know if it is possible to do it in SPAN. I guess it is not possible... During the testing stage, I realized that, for the same protocol and scenario conditions, OFMC in a command-line environment could not reach a result while with SPAN it lasted just two minutes... Why can it be? I am using SPAN 1.5 and AVISPA 1.1... Finally, as the error message indicates the amount of memory assigned to the process, I could check that passing +RTS -MXXm (XX for instance 1024) as an argument to ofmc (e.g. ofmc OFEPSP+_parallel.if +RTS -M1024m) actually worked...but ofmc still couldn't reach a result...with 1GB of memory. Thanks again. Best, Jorge L. Hernandez-Ardieta 2009/1/12 Luca Vigano` > Hi Jorge and Thomas > here is a reply from Sebastian (and myself --- Sebastian is having troubles > receiving the mails to the mailing list due to some filters, so I put him in > cc explicitly). > > ciao. > luca. > > ================ > > Sorry, this > > use `+RTS -M' to increase it. > > comes from the Haskell-Compiler --- i.e. you can increase the heap size of > OFMC when compiling it with ghc. > However, I do not recommend that: when you have a large memory consumption, > it is better to call OFMC with the option " -d " > where the is a bound for the depth of the search. Selecting 10000 or > so should be on the safe side (depending on how many > sessions you use ;-) Sorry, this is because of the search strategy which > by default starts with breadth first, and using the option you > can enforce depth-first. > > > > On Jan 12, 2009, at 11:11 , Thomas Genet wrote: > > > Hi, > > it seems that it is an ofmc option... I tried to toggle this option by > direct call to ofmc... however I did not manage... The option seems to > be known by ofmc but the size increase of the heap does not seem to > work.... > > If an ofmc guy can help... then in SPAN we can provide such an option... > > Best, > > Jorge L?pez a ?crit : > > Does anybody know how to do it? > > > I receive next message in some tests... > > > ----- Output error of if translator : > > > > %% Translation of D:/ThesisFramework/OFEPSPv7.0.hlpsl > > > > ----- Output error of OFMC : > > > > Heap exhausted; > > Current maximum heap size is 268435456 bytes (256 Mb); > > use `+RTS -M' to increase it. > > > Thanks a lot in advance, > > > Kind regards, > > > Jorge L. Hernandez-Ardieta > > > > ------------------------------------------------------------------------ > > > _______________________________________________ > > Avispa-users mailing list > > Avispa-users at avispa-project.org > > http://mail63.csoft.net/mailman/listinfo/avispa-users > > > -- > Thomas Genet - IFSIC/IRISA > Campus de Beaulieu, 35042 Rennes cedex, France > T?l: +33 (0) 2 99 84 73 44 E-mail: genet at irisa.fr > http://www.irisa.fr/lande/genet > _______________________________________________ > Avispa-users mailing list > Avispa-users at avispa-project.org > http://mail63.csoft.net/mailman/listinfo/avispa-users > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090112/3604c26b/attachment.html From Thomas.Genet at irisa.fr Tue Jan 13 03:24:57 2009 From: Thomas.Genet at irisa.fr (Thomas Genet) Date: Tue, 13 Jan 2009 09:24:57 +0100 Subject: [Avispa-users] Increasing memory assigned to AVISPA-SPAN In-Reply-To: References: <496B174D.6090306@irisa.fr> Message-ID: <496C4FD9.30601@irisa.fr> Hi to you all, Jorge L?pez a ?crit : > On the other hand, I'd like to know if it is possible to do it in SPAN. > I guess it is not possible... During the testing stage, I realized that, > for the same protocol and scenario conditions, OFMC in a command-line > environment could not reach a result while with SPAN it lasted just two > minutes... Why can it be? I am using SPAN 1.5 and AVISPA 1.1... In the current version of span not **all** options filled in the main interface are taken into account for verification (this is the case for the "untyped" option of cl-atse for instance)... this was pointed out by a user and it is corrected in the version 1.6 to be available soon. However, I looked to the 1.5 sources and it seems that Depth **is** already taken into account... Did you try to use ofmc and span with the same depth option? -- Thomas Genet - IFSIC/IRISA Campus de Beaulieu, 35042 Rennes cedex, France T?l: +33 (0) 2 99 84 73 44 E-mail: genet at irisa.fr http://www.irisa.fr/lande/genet From jlopez.ha at gmail.com Tue Jan 13 03:50:24 2009 From: jlopez.ha at gmail.com (=?ISO-8859-1?Q?Jorge_L=F3pez?=) Date: Tue, 13 Jan 2009 09:50:24 +0100 Subject: [Avispa-users] Increasing memory assigned to AVISPA-SPAN In-Reply-To: <496C4FD9.30601@irisa.fr> References: <496B174D.6090306@irisa.fr> <496C4FD9.30601@irisa.fr> Message-ID: Hi Thomas, Yes, respecting -d option, in both environments worked. What surprised me is that certain analysis scenarios worked with OFMC (SPAN) - in Windows Vista - (it finished with SAFE conclusion) but with OFMC (Command line) -in a vitualized Ubuntu-, it didn't. BTW, How much does -d option decrease the level of assurance respecting a SAFE conclusion?? In my case, I selected maximum depth of 17... Thanks. Jorge L. Hernandez-Ardieta 2009/1/13 Thomas Genet > > > Hi to you all, > > > Jorge L?pez a ?crit : > >> On the other hand, I'd like to know if it is possible to do it in SPAN. I >> guess it is not possible... During the testing stage, I realized that, for >> the same protocol and scenario conditions, OFMC in a command-line >> environment could not reach a result while with SPAN it lasted just two >> minutes... Why can it be? I am using SPAN 1.5 and AVISPA 1.1... >> > > In the current version of span not **all** options filled in the > main interface > are taken into account for verification (this is the case for the "untyped" > option of cl-atse for > instance)... this was pointed out by a user and it is corrected in the > version 1.6 to be available soon. > > However, I looked to the 1.5 sources and it seems that Depth **is** > already taken into account... > Did you try to use ofmc and span with the same depth option? > > > -- > Thomas Genet - IFSIC/IRISA > Campus de Beaulieu, 35042 Rennes cedex, France > T?l: +33 (0) 2 99 84 73 44 E-mail: genet at irisa.fr > http://www.irisa.fr/lande/genet > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090113/a74d6cf8/attachment.html From Thomas.Genet at irisa.fr Tue Jan 13 07:08:59 2009 From: Thomas.Genet at irisa.fr (Thomas Genet) Date: Tue, 13 Jan 2009 13:08:59 +0100 Subject: [Avispa-users] Increasing memory assigned to AVISPA-SPAN In-Reply-To: References: <496B174D.6090306@irisa.fr> <496C4FD9.30601@irisa.fr> Message-ID: <496C845B.3010600@irisa.fr> Jorge L?pez a ?crit : > Hi Thomas, > > Yes, respecting -d option, in both environments worked. What surprised > me is that certain analysis scenarios worked with OFMC (SPAN) - in > Windows Vista - (it finished with SAFE conclusion) but with OFMC > (Command line) -in a vitualized Ubuntu-, it didn't. Do you mean that in virtualized Ubuntu it did not terminate at all? Having experienced both OS I can say that AVISPA and SPAN are (surprisingly) much faster under windows (XP) than under linux and MacOs. In virtualized mode I can imagine that the difference is even worse! But this may justify a speed difference not a full different behavior. Thomas -- Thomas Genet - IFSIC/IRISA Campus de Beaulieu, 35042 Rennes cedex, France T?l: +33 (0) 2 99 84 73 44 E-mail: genet at irisa.fr http://www.irisa.fr/lande/genet From jlopez.ha at gmail.com Tue Jan 13 07:33:27 2009 From: jlopez.ha at gmail.com (=?ISO-8859-1?Q?Jorge_L=F3pez?=) Date: Tue, 13 Jan 2009 13:33:27 +0100 Subject: [Avispa-users] Increasing memory assigned to AVISPA-SPAN In-Reply-To: <496C845B.3010600@irisa.fr> References: <496B174D.6090306@irisa.fr> <496C4FD9.30601@irisa.fr> <496C845B.3010600@irisa.fr> Message-ID: Well, I didn't wait too much time, but the difference was quite important. I haven't got the tests results right now (I'll check them at night), but they were around few minutes (115 secs) with SPAN in Windows Vista and, on the other hand, with a virtualized Ubuntu, and command-line environment, no result in a long time (more than 15 minutes waiting). I don't know if AVISPA process was working on it or it got frozen, but in any case the time difference seems to be huge! Regards, Jorge L. Hernandez-Ardieta 2009/1/13 Thomas Genet > > > > Jorge L?pez a ?crit : > >> Hi Thomas, >> >> Yes, respecting -d option, in both environments worked. What surprised me >> is that certain analysis scenarios worked with OFMC (SPAN) - in Windows >> Vista - (it finished with SAFE conclusion) but with OFMC (Command line) -in >> a vitualized Ubuntu-, it didn't. >> > > Do you mean that in virtualized Ubuntu it did not terminate at all? > > Having experienced both OS I can say that AVISPA and SPAN are > (surprisingly) > much faster under windows (XP) than under linux and MacOs. In virtualized > mode I > can imagine that the difference is even worse! But this may justify a speed > difference not > a full different behavior. > > Thomas > > -- > Thomas Genet - IFSIC/IRISA > Campus de Beaulieu, 35042 Rennes cedex, France > T?l: +33 (0) 2 99 84 73 44 E-mail: genet at irisa.fr > http://www.irisa.fr/lande/genet > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090113/48e26f9f/attachment-0001.html From lotustomal at yahoo.com Wed Jan 14 13:37:29 2009 From: lotustomal at yahoo.com (alinur noman) Date: Wed, 14 Jan 2009 10:37:29 -0800 (PST) Subject: [Avispa-users] Need to Know: Is integrity checking possible in AVISPA ? Message-ID: <472001.88081.qm@web33205.mail.mud.yahoo.com> Dear all, I did several works in Avispa few months back. In that time, avispa facilitates only authentication and secrecy goal. Does it support now integrity goal? Actually now I have been given a work where I have to check the integrity. I need to know one more thing. What are the advantages of using span? I never used it. I would appreciate your prompt response. Best Regards Noman -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090114/41d82ee0/attachment.html From jlopez.ha at gmail.com Wed Jan 14 14:19:49 2009 From: jlopez.ha at gmail.com (=?ISO-8859-1?Q?Jorge_L=F3pez?=) Date: Wed, 14 Jan 2009 20:19:49 +0100 Subject: [Avispa-users] Need to Know: Is integrity checking possible in AVISPA ? In-Reply-To: <472001.88081.qm@web33205.mail.mud.yahoo.com> References: <472001.88081.qm@web33205.mail.mud.yahoo.com> Message-ID: Dear Noman, To the best of my knowledge, authentication goal (both strong and weak) includes integrity attack detections, as described in G2 - Message authentication security goal. Goals description are given in Deliverable 6.1 "List of selected problems" in AVISPA project web page, "Papers and documentation section". Regards, Jorge L. Hernandez-Ardieta 2009/1/14 alinur noman > Dear all, > > I did several works in Avispa few months back. In that time, avispa > facilitates only authentication and secrecy goal. Does it support now > integrity goal? Actually now I have been given a work where I have to check > the integrity. > > I need to know one more thing. What are the advantages of using span? I > never used it. > > I would appreciate your prompt response. > > Best Regards > Noman > > > _______________________________________________ > Avispa-users mailing list > Avispa-users at avispa-project.org > http://mail63.csoft.net/mailman/listinfo/avispa-users > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090114/58d5b4a4/attachment.html From Thomas.Genet at irisa.fr Thu Jan 15 07:10:57 2009 From: Thomas.Genet at irisa.fr (Thomas Genet) Date: Thu, 15 Jan 2009 13:10:57 +0100 Subject: [Avispa-users] Need to Know: Is integrity checking possible in AVISPA ? In-Reply-To: <472001.88081.qm@web33205.mail.mud.yahoo.com> References: <472001.88081.qm@web33205.mail.mud.yahoo.com> Message-ID: <496F27D1.4070207@irisa.fr> Hi, alinur noman a ?crit : > Dear all, > > I did several works in Avispa few months back. In that time, avispa > facilitates only authentication and secrecy goal. Does it support now > integrity goal? Actually now I have been given a work where I have to > check the integrity. > > I need to know one more thing. What are the advantages of using span? I > never used it. SPAN is a local (binary) version of the verification tools of AVISPA plus an interface for simulating HLPSL specifications. This makes HLPSL specification debugging more easy... Give it a try and you'll see... http://www.irisa.fr/lande/genet/span Thomas -- Thomas Genet - IFSIC/IRISA Campus de Beaulieu, 35042 Rennes cedex, France T?l: +33 (0) 2 99 84 73 44 E-mail: genet at irisa.fr http://www.irisa.fr/lande/genet From enis01amor at yahoo.fr Fri Jan 30 03:22:19 2009 From: enis01amor at yahoo.fr (chikh omar) Date: Fri, 30 Jan 2009 08:22:19 +0000 (GMT) Subject: [Avispa-users] pairing function Message-ID: <525808.6985.qm@web26008.mail.ukl.yahoo.com> Hello, Did avispa support pairing function of cryptography? ? Best regards, ********************************************** Omar Cheikhrouhou Engineer & Researcher @SENS Lab (Software Engineering and Network Security) Higher Institute of Technological Studies - Address : Mahdia's road Km 2.5 Sfax. BP 88 A - 3099 El Bustan Sfax Telephone : (+216)74 237425 Poste : 437?Fax: : (+216)74?431?386 Ph.D @ CES Lab (Computer and Embedded System)-University of Sfax, National School of Engineers BP W, Sfax, 3038, Tunisia , Fax:(+216)74665369?? Coordinator C2i @ ISET Sfax (Certified C2i since 2008) -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090130/a25b3f16/attachment.html From Thomas.Genet at irisa.fr Fri Jan 30 06:40:00 2009 From: Thomas.Genet at irisa.fr (Thomas Genet) Date: Fri, 30 Jan 2009 12:40:00 +0100 Subject: [Avispa-users] need help In-Reply-To: <4982CE85.3020006@googlemail.com> References: <4982CE85.3020006@googlemail.com> Message-ID: <4982E710.9080703@irisa.fr> Dear Mr. AL-SHADLY, I do not do the support for the whole AVISPA software but only for the SPAN MSC drawing tool... Please send your question to the AVISPA mailing list: avispa-users at avispa-project.org Best, Thomas SALEH AL-SHADLY a ?crit : > Dear Mr. Thomas, > since few months am using AVISPA. My main work is to model a specific > protocol for PANA fast re-authentication using context transfer. > am attaching my HLPSL model and also the relevant paper. > > regarding this i ve some questions: > I test my model in many scenarios. Some of them show an attack. I list > all the scenarios here and i ll point where was the attack: > > 1) i test a singal session of the protocol > session(pac, npaa, cpaa, caaa, naaa) > there was no attack. > > 2) 2 sessions like: > a) session(pac, npaa, cpaa, caaa, naaa) > /\ session(i, npaa, cpaa, caaa, naaa) > b) session(pac, npaa, cpaa, caaa, naaa) > /\ session(pac, npaa, i, caaa, naaa) > > c) session(pac, npaa, cpaa, caaa, naaa) > /\ session(pac, npaa, cpaa, i, naaa) > > d) session(pac, npaa, cpaa, caaa, naaa) > /\ session(pac, npaa, cpaa, caaa, i) > > e) session(pac, npaa, cpaa, caaa, naaa) > /\ session(pac, npaa, cpaa, caaa, naaa) % 2 similar sessions > > in all the above scenarios (2.a - 2.d) there was no attack found. > > f) session(pac, npaa, cpaa, caaa, naaa) > /\ session(pac, i, cpaa, caaa, naaa) > > g) session(pac, npaa, cpaa, caaa, naaa) > /\ session(pac, cpaa, npaa, caaa, naaa) % replacing npaa and > cpaa with each other > > in the scenarios 2.f and 2.g there was an attack found and by using > the -short option of the CL-AtSe shown to have a similar trace. > see the attached file named "attack.txt" > > 3) 4 sessions: > session(pac, npaa, cpaa, caaa, naaa) > /\ session(i, npaa, cpaa, caaa, naaa) > /\session(pac, i, cpaa, caaa, naaa) > /\ session(pac, npaa, i, caaa, naaa) > > in this scenario also there is an attack found. see the "attack.txt" > > othere thing when i ve used OFMC to check this scenario 2.b i found a > strange (for me) result, see the file "strange.txt". > it shows zero node are visited and 1000000 plies depth. > > sorry for this long letter and many attachments. > > with many regards > yours > Saleh > -- Thomas Genet - IFSIC/IRISA Campus de Beaulieu, 35042 Rennes cedex, France T?l: +33 (0) 2 99 84 73 44 E-mail: genet at irisa.fr http://www.irisa.fr/lande/genet From SMO at zurich.ibm.com Fri Jan 30 07:36:28 2009 From: SMO at zurich.ibm.com (Sebastian Moedersheim) Date: Fri, 30 Jan 2009 13:36:28 +0100 Subject: [Avispa-users] need help In-Reply-To: <4982E710.9080703@irisa.fr> References: <4982CE85.3020006@googlemail.com> <4982E710.9080703@irisa.fr> Message-ID: Hi, > > regarding this i ve some questions: > > I test my model in many scenarios. Some of them show an attack. I list > > all the scenarios here and i ll point where was the attack: > > > > 1) i test a singal session of the protocol > > session(pac, npaa, cpaa, caaa, naaa) > > there was no attack. .... > > in this scenario also there is an attack found. see the "attack.txt" What is the question to these attacks/results? > > othere thing when i ve used OFMC to check this scenario 2.b i found a > > strange (for me) result, see the file "strange.txt". > > it shows zero node are visited and 1000000 plies depth. Sorry that is just a bug in OFMC's output, but assuming all legal issues can be cleared (as I am now working for IBM, I need to be careful about giving out programs/source code :-) there should be a new version available soon that gives you the correct number of nodes and depth. Cheers, Sebastian -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090130/f8c90bfb/attachment.html From SMO at zurich.ibm.com Fri Jan 30 07:48:27 2009 From: SMO at zurich.ibm.com (Sebastian Moedersheim) Date: Fri, 30 Jan 2009 13:48:27 +0100 Subject: [Avispa-users] pairing function In-Reply-To: <525808.6985.qm@web26008.mail.ukl.yahoo.com> References: <525808.6985.qm@web26008.mail.ukl.yahoo.com> Message-ID: Hi, > Did avispa support pairing function of cryptography? I assume you do not mean pairing/concatenation of messages (which is of course no problem) but pairing-based encryption? In this case the answer is that we cannot model the real cryptography, but one can design formal black-box models of such primitives that may be sufficient for many applications. This is however not a trivial task and the models may require some algebraic properties that few or no backends of AVISPA can support. We are, however, working on a similar problem, and let you know when finished! Cheers, Sebastian -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail63.csoft.net/pipermail/avispa-users/attachments/20090130/a4273d53/attachment.html From alshadly09 at googlemail.com Fri Jan 30 10:00:11 2009 From: alshadly09 at googlemail.com (SALEH AL-SHADLY) Date: Fri, 30 Jan 2009 16:00:11 +0100 Subject: [Avispa-users] I need a help Message-ID: <498315FB.6070506@googlemail.com> Hi All, since few months am using AVISPA. My main work is to model a specific protocol for PANA fast re-authentication using context transfer. am attaching my HLPSL model and also the relevant paper. regarding this i ve some questions: I test my model in many scenarios. Some of them show an attack. I list all the scenarios here and i ll point where was the attack: 1) i test a singal session of the protocol session(pac, npaa, cpaa, caaa, naaa) there was no attack. 2) 2 sessions like: a) session(pac, npaa, cpaa, caaa, naaa) /\ session(i, npaa, cpaa, caaa, naaa) b) session(pac, npaa, cpaa, caaa, naaa) /\ session(pac, npaa, i, caaa, naaa) c) session(pac, npaa, cpaa, caaa, naaa) /\ session(pac, npaa, cpaa, i, naaa) d) session(pac, npaa, cpaa, caaa, naaa) /\ session(pac, npaa, cpaa, caaa, i) e) session(pac, npaa, cpaa, caaa, naaa) /\ session(pac, npaa, cpaa, caaa, naaa) % 2 similar sessions in all the above scenarios (2.a - 2.d) there was no attack found. f) session(pac, npaa, cpaa, caaa, naaa) /\ session(pac, i, cpaa, caaa, naaa) g) session(pac, npaa, cpaa, caaa, naaa) /\ session(pac, cpaa, npaa, caaa, naaa) % replacing npaa and cpaa with each other in the scenarios 2.f and 2.g there was an attack found and by using the -short option of the CL-AtSe shown to have a similar trace. see the attached file named "attack.txt" 3) 4 sessions: session(pac, npaa, cpaa, caaa, naaa) /\ session(i, npaa, cpaa, caaa, naaa) /\session(pac, i, cpaa, caaa, naaa) /\ session(pac, npaa, i, caaa, naaa) in this scenario also there is an attack found. see the "attack.txt" othere thing when i ve used OFMC to check this scenario 2.b i found a strange (for me) result, see the file "strange.txt". it shows zero node are visited and 1000000 plies depth. sorry for this long letter and many attachments. and thanx in advance.. with many regards yours Saleh