From wafa.jaballah at gmail.com Mon Jul 5 09:12:38 2010 From: wafa.jaballah at gmail.com (wafa jaballah) Date: Mon, 5 Jul 2010 15:12:38 +0200 Subject: [Avispa-users] avispa: delay of messages Message-ID: Hello, I would like to know if AVISPA can model the delay of messages. If it is, what is the general method to do it. Thanks, -- Best Regards, Wafa Ben Jaballah -------------- next part -------------- An HTML attachment was scrubbed... URL: From David.von.Oheimb at siemens.com Mon Jul 5 09:20:24 2010 From: David.von.Oheimb at siemens.com (David von Oheimb) Date: Mon, 05 Jul 2010 15:20:24 +0200 Subject: [Avispa-users] avispa: delay of messages In-Reply-To: References: Message-ID: <4C31DC18.4010402@siemens.com> Hello Wafa, > I would like to know if AVISPA can model the delay of messages. > If it is, what is the general method to do it. as AVISPA does not support time, there is no way of explicitly modeling delay. In fact, the built-in usual Dolev-Yao intruder model implicitly incurs arbitrary delay (or even suppression) of message transmission. Best, David From jjnalli at gmail.com Tue Jul 6 05:37:59 2010 From: jjnalli at gmail.com (jjnalli at gmail.com) Date: 6 Jul 2010 15:07:59 +0530 Subject: [Avispa-users] Need your help Message-ID: <20100706093759.1789.qmail@greenpeace.in> Spam detection software, running on the system "leary2.csoft.net", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see https://csoft.net/contact.html for details. Content preview: Hi , This is exciting! Along with 187,759 people I signed a petition asking the Prime Minister to hold a public consultation before taking a decision on the nuclear liability bill. These petitions were delivered to the Standing Committee looking at the bill and now they have decided to hold a public consultation. [...] Content analysis details: (7.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.9 DATE_IN_PAST_06_12 Date: is 6 to 12 hours before Received: date 0.0 HTML_MESSAGE BODY: HTML included in message 1.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 1.1 HTML_EXTRA_CLOSE BODY: HTML contains far too many close tags 1.5 NULL_IN_BODY FULL: Message has NUL (ASCII 0) byte in message 1.1 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag 0.1 RDNS_NONE Delivered to trusted network by a host with no rDNS The original message was not completely plain text, and may be unsafe to open with some email clients; in particular, it may contain a virus, or confirm that your address can receive spam. If you wish to view it, it may be safer to save it to a file and open it with an editor. -------------- next part -------------- An embedded message was scrubbed... From: Subject: Need your help Date: 6 Jul 2010 15:07:59 +0530 Size: 2226 URL: From wafa.jaballah at gmail.com Thu Jul 8 09:55:42 2010 From: wafa.jaballah at gmail.com (wafa jaballah) Date: Thu, 8 Jul 2010 15:55:42 +0200 Subject: [Avispa-users] specification in HLSPL Message-ID: Hello, Is this specification correct (the assigning of the image of H_1,H_2 and H_3) or should I prime them ? H_1,H_2,H_3 are hash function. state = 1 /\ RCV(Time) /\ K_prev_c_1 = F(K') /\ Time /= N =|> State':= 1 /\ M' := new() /\ *H_1(hash_(K',M')):= 1* * /\ H_2(hash_(K',M')) := 2 * * /\ H_3(hash_(K',M')) := 3* * /\ H_1(hash_(K_prev_c_1',M')): = 4 * * /\ H_2(hash_(K_prev_c_1',M')) := 5 * * /\ H_3(hash_(K_prev_c_1',M')) := 6* * * * * * * Your help is very appreciated, Thanks, -- Best Regards, Wafa Ben Jaballah -------------- next part -------------- An HTML attachment was scrubbed... URL: From wafa.jaballah at gmail.com Fri Jul 9 09:43:33 2010 From: wafa.jaballah at gmail.com (wafa jaballah) Date: Fri, 9 Jul 2010 15:43:33 +0200 Subject: [Avispa-users] set or array in HLPSL Message-ID: Hello, How we can manage set or array of elements in HLPSL? I want to know how could I access an element in a set. For example, Filter1' := {X_1', X_2', X_3', X_4', X_5', X_6'} Thanks, -- Best Regards, Wafa Ben Jaballah -------------- next part -------------- An HTML attachment was scrubbed... URL: From wafa.jaballah at gmail.com Tue Jul 13 11:28:51 2010 From: wafa.jaballah at gmail.com (wafa jaballah) Date: Tue, 13 Jul 2010 17:28:51 +0200 Subject: [Avispa-users] initialising an empty set Message-ID: Hello, Please could someone tell me what is the correct initialisation of an empty set. I try doing this: local State: nat, *Filter1 : text set* const k_N,k_N1: symmetric_key init *Filter1:= { }*, State := 0 transition // code hlpsl I have the following error in this line of code : init *Filter1:= { }*, State := 0 The error is : Syntax error: Line 16, Col 22 (offset 510-510, string ",") %% Syn.Err(8): missing "}" I think that I'm correct because I follow the code in hlspl tutorial. So, what is wrong? Thanks, -- Best Regards, Wafa Ben Jaballah -------------- next part -------------- An HTML attachment was scrubbed... URL: From Tigran.Avanesov at loria.fr Tue Jul 13 14:36:54 2010 From: Tigran.Avanesov at loria.fr (Tigran.Avanesov at loria.fr) Date: Tue, 13 Jul 2010 20:36:54 +0200 Subject: [Avispa-users] initialising an empty set In-Reply-To: References: Message-ID: <20100713203654.56646es969p0leti@webmail.loria.fr> You use wrong syntax for init: if you want to instantiate several variables, you should use '/\' and in your spec ',' is used. For your example: init Filter1:= {} /\ State := 0 wafa jaballah : > Hello, > > Please could someone tell me what is the correct initialisation of an empty > set. > > I try doing this: > > > local State: nat, > > *Filter1 : text set* > > > const k_N,k_N1: symmetric_key > > init *Filter1:= { }*, State := 0 > > transition > > // code hlpsl > > I have the following error in this line of code : init *Filter1:= > { }*, State := 0 > > The error is : > Syntax error: Line 16, Col 22 (offset 510-510, string ",") > %% Syn.Err(8): missing "}" > > I think that I'm correct because I follow the code in hlspl tutorial. So, > what is wrong? > > Thanks, > > > > > > -- > > Best Regards, > Wafa Ben Jaballah > From jwang at whu.edu.cn Tue Jul 13 15:27:08 2010 From: jwang at whu.edu.cn (jwang whu.edu.cn (jwang)) Date: Tue, 13 Jul 2010 12:27:08 -0700 Subject: [Avispa-users] why the specification can not executed by ATSE Message-ID: Hi,Everybody, Now I model a protocol in HLPSL, but the specification is executed only by OFMC, ATSE can not execute it and all its statistics states are 0. I do not know why it is? Is my protocol specification not right? Looking forward to your reply as soon as possible. Thank you. Juan From jwang at whu.edu.cn Tue Jul 13 15:28:25 2010 From: jwang at whu.edu.cn (jwang whu.edu.cn (jwang)) Date: Tue, 13 Jul 2010 12:28:25 -0700 Subject: [Avispa-users] How AVISPA verifies the freshness of message Message-ID: Hi, I have found an reply attack to a protocol because the protocol lacks freshness number. So I added timestamps in the protocol. Then I run the protocol in OFMC, I can not find the replay attack.It is a miracle. I can not believe the result. I want to know how AVISPA verifies the freshness of message. Looking forward to your reply. Juan From wafa.jaballah at gmail.com Wed Jul 14 11:19:32 2010 From: wafa.jaballah at gmail.com (wafa jaballah) Date: Wed, 14 Jul 2010 17:19:32 +0200 Subject: [Avispa-users] array in avispa Message-ID: Hello, Could Avispa support array (or vector manipulation)? How to declare an array in avispa? I know that set and collection are supported but for array I don't know Your help is very appreciated. Thanks, -- Best Regards, Wafa Ben Jaballah -------------- next part -------------- An HTML attachment was scrubbed... URL: From wafa.jaballah at gmail.com Thu Jul 15 08:53:32 2010 From: wafa.jaballah at gmail.com (wafa jaballah) Date: Thu, 15 Jul 2010 14:53:32 +0200 Subject: [Avispa-users] ofmc.exe: Parse error Message-ID: Hello, I have written this following hlspl code : role sender (.................) %%%%%%some code played_by S def= local State: nat, Time, N, N1: message, % current time and final time, should be: text, *Filter1, Filter2 : (message) set,* * FilterLogic : (message) set,* K_commit_pub, K_prevcdm, K_prev, K_prev_c_1, K_prev_c_2, K,K1,X_1,X_2,X_3,X_4,X_5,X_6,Y_1,Y_2: message, % should be: symmetric_key, M: text const k_N,k_N1: symmetric_key init Filter1:= { } /\ State := 0 /\ Filter2 :={1,1,1,1,1,1,0,0} transition 0. State = 0 /\ RCV(start) =|> State':= 1 /\ // rest of code 1. State = 1 /\ RCV(Time) /\ K_prev_c_1 = F(K') /\ Time /= N =|> State':= 1 /\ M' := new() /\ Y_1':= hash_(K',M') /\ Y_2':= hash_(K_prev_c_1', M') /\ X_1':= H_1 (Y_1') /\ X_2':= H_2 (Y_1') /\ X_3':= H_3 (Y_1') /\ X_4':= H_1 (Y_2') /\ X_5':= H_2 (Y_2') /\ X_6':= H_3 (Y_2') /\ Filter1':= cons(X_6', cons(X_5', cons (X_4', cons( X_3', cons(X_2', cons(X_1', Filter1)))))) /\ Filter2':= delete ( X_6 , delete ( X_5 , delete ( X_4 , delete ( X_3 ,delete ( X_2 ,delete (X_1,Filter1')))))) /\ FilterLogic' := {1,1,1,1,1,1,0,0,0,0} /\ SND(M'.Filter2'. FilterLogic'.F(F(K')) ) /\ K_prev_c_1' := K' /\ Time' := tick(Time) /\ witness(S,S,sender_msgstream,M') %msgstream should be: tick(Time) end role role receiver(R, S: agent, SYNC, RCV: channel(dy), F,F01,H_1,H_2,H_3: hash_func, K_S: symmetric_key) played_by R def= local State: nat, Time, N,N1: message, % should be: text, * Filter1, Filter_prev, FilterLogic1, FilterLogic_prev : (message) set* % some receiver code compare_and_buffer. RCV(start) /\ State = 5 /\ Compare = true /\ Gap2 = Gap /\ in (H_1( hash_(K_prev2,M_prev)), Filter_prev) /\ in (H_2( hash_(K_prev2,M_prev)), Filter_prev) /\ in (H_3( hash_(K_prev2,M_prev)), Filter_prev) /\ in (H_1(hash_(K_prev_c_1,M_prev)), Filter_prev) /\ in (H_2(hash_(K_prev_c_1,M_prev)), Filter_prev) /\ in (H_3(hash_(K_prev_c_1,M_prev)), Filter_prev) /\ in (1, FilterLogic_prev) /\ K_prev_c_1 = F(K_prev2) =|> State':= 4 /\ K_prev_c_1':= F(K_published) /\ M_prev':= M1 /\ Filter_prev':= Filter1 /\ T_prev':= tick(Time) /\ Compare':= true /\ Gap':= zero /\ Time':= tick(Time) /\ SYNC(Time'.compared_and_buffered) /\ request(S,S,sender_msgstream,M_prev) end role Then,I have the following error when running OFMC ---- Output error of if translator : %% Translation of C:/Users/wafa/Desktop/version2BF.hlpsl ----- Output error of OFMC : ofmc.exe: Parse error at line 92, column 14 The error is related to : * Filter1, Filter_prev, FilterLogic1, FilterLogic_prev : (message) set. * * * I have chosen type message which is a general type of message contents. But I still have this error. Thanks, -- Best Regards, Wafa Ben Jaballah -------------- next part -------------- An HTML attachment was scrubbed... URL: From enis01amor at yahoo.fr Fri Jul 16 05:18:55 2010 From: enis01amor at yahoo.fr (Omar Cheikhrouhou (yahoo)) Date: Fri, 16 Jul 2010 10:18:55 +0100 Subject: [Avispa-users] concatenation and mac Message-ID: <001301cb24c7$ef108440$cd318cc0$@yahoo.fr> Does this statement SND(Ni. Gid.T3'. MAC(Ni. Gid. T3', K) Means sending a message containing Ni, Gid, T3' and protected by a MAC() with key k? How to make concatenation in hlpsl? Thanks for help -------------- next part -------------- An HTML attachment was scrubbed... URL: From nerea.toledo at ehu.es Fri Jul 16 05:29:40 2010 From: nerea.toledo at ehu.es (Nerea Toledo Gandarias) Date: Fri, 16 Jul 2010 11:29:40 +0200 Subject: [Avispa-users] simulation performance Message-ID: <4C402684.5010009@ehu.es> Hi all, I'm facing some problems when verifying the security of my protocol. I have checked its executability, and everything goes OK. However, when verifying its security it spends loads of time (even hours!) to provide me an output, specially if I include several sessions where intruders are placed (hopefully it says that it is safe!). I've tried both, CL-ATSE and OFMC backends. The problem persists regardless doing it in the command window or with the SPAN tool. The protocol uses both, symmetric and asymmetric cryptography, but I don't define symmetric_key type parameters, as encryption keys are derived from the protocol itself (Diffie-Hellman alike), and are further utilized for encrypting several parameters. This is driving me mad, so I would really appreciate some insight. Thanks in advance, Nerea -- From enis01amor at yahoo.fr Fri Jul 16 05:56:34 2010 From: enis01amor at yahoo.fr (Omar Cheikhrouhou (yahoo)) Date: Fri, 16 Jul 2010 10:56:34 +0100 Subject: [Avispa-users] message delay Message-ID: <002a01cb24cd$2d25aad0$87710070$@yahoo.fr> I use timestamp to provide freshness of message. How, can I model that the received time is not too late per report the local time? how to verify the validity of time (T of receive is not too late than time of send) -------------- next part -------------- An HTML attachment was scrubbed... URL: From enis01amor at yahoo.fr Fri Jul 16 13:59:45 2010 From: enis01amor at yahoo.fr (Omar Cheikhrouhou (yahoo)) Date: Fri, 16 Jul 2010 18:59:45 +0100 Subject: [Avispa-users] protocol simulation Message-ID: <005501cb2510$ae2759b0$0a760d10$@yahoo.fr> HELLO, WHEN I clik on < protocol simulation" botton of span I do not see any message What are the possible reason and how to see message exchange of my protocol? Thanks for help -------------- next part -------------- An HTML attachment was scrubbed... URL: From wafa.jaballah at gmail.com Sat Jul 17 11:23:49 2010 From: wafa.jaballah at gmail.com (wafa jaballah) Date: Sat, 17 Jul 2010 17:23:49 +0200 Subject: [Avispa-users] ouptut : explanantion Message-ID: Hello I have executed my protocol using OFMC. 1) First, without session compilation option and without an intruder session , it gives me that the protocol is SAFE . 2) Second, without session compilation option and with an intruder session, it gives me that the protocol is SAFE 3) Third, with the session compilation option and without an intruder session, it gives me that the protocol is also SAFE. 4) Fourth, with the session compilation option and with an intruder session, it gives me the following output: Output error of if translator : %% Translation of C:/Users/Wafa/Desktop/protocolauthfilter.hlpsl ----- Output error of OFMC : ofmc.exe: OFMC can't see how the protocol can be executed. See manual for more information. When using the session compilation option, OFMC will first perform a search with a passive intruder to check whether the honest agents can execute the protocol, and then give the intruder the knowledge of some ?normal? sessions between honest agents. In the case certain steps cannot be executed by any honest agent, OFMC reports that the protocol is not executable and stops. Is this indicates that there is an error in the specification? Thanks, -- Best Regards, Wafa Ben Jaballah -------------- next part -------------- An HTML attachment was scrubbed... URL: From zahisalima at yahoo.fr Mon Jul 19 07:44:07 2010 From: zahisalima at yahoo.fr (Zahi Salima) Date: Mon, 19 Jul 2010 11:44:07 +0000 (GMT) Subject: [Avispa-users] =?iso-8859-1?q?Probl=E9me_dans_web_Interface_de_AV?= =?iso-8859-1?q?ISPA?= Message-ID: <108724.11589.qm@web24808.mail.ird.yahoo.com> Salut, J'ai trouve des probl?mes apr?s d'installation l'interface web du plateforme AVISPA (http://www.avispa-project.org/web_interface.tgz) sur mon PC. je mentionn? que le systeme d'explotation est Windowd XP et d?ja install? EasyPHP (inclut Appache). Apr?s lancement le site (http://127.0.0.1/web_interface/), les messages d'erreur sont: Notice: Undefined index: aol in C:\Program Files\EasyPHP5.2.10\www\web_interface\include\browser.php on line 257 Notice: Undefined variable: save_file_x in C:\Program Files\EasyPHP5..2.10\www\web_interface\index.php on line 40 Notice: Undefined variable: user_file in C:\Program Files\EasyPHP5.2..10\www\web_interface\index.php on line 75 Notice: Undefined variable: test_file in C:\Program Files\EasyPHP5.2..10\www\web_interface\index.php on line 76 Notice: Undefined variable: edit_file_x in C:\Program Files\EasyPHP5..2.10\www\web_interface\index.php on line 77 Notice: Undefined variable: save_file_x in C:\Program Files\EasyPHP5..2.10\www\web_interface\index.php on line 78 et d'autres message de m?me type. J'attends votre r?ponse Bien cordialement -------------- next part -------------- An HTML attachment was scrubbed... URL: From enis01amor at yahoo.fr Tue Jul 20 06:12:02 2010 From: enis01amor at yahoo.fr (Omar Cheikhrouhou (yahoo)) Date: Tue, 20 Jul 2010 11:12:02 +0100 Subject: [Avispa-users] simulation error Message-ID: <019401cb27f3$ffccd020$ff667060$@yahoo.fr> I use SPAN to simulate my protocol. However, when press the botton "protocol simulation" I get the following error: ----- Output error of protocol simulation : %% Fatal error: exception Failure("lexing: empty token") Does anybody know the possible cause of this problem and how to resolve it? Tanks in advance, -------------- next part -------------- An HTML attachment was scrubbed... URL: From enis01amor at yahoo.fr Tue Jul 20 07:41:21 2010 From: enis01amor at yahoo.fr (chikh omar) Date: Tue, 20 Jul 2010 04:41:21 -0700 (PDT) Subject: [Avispa-users] Re : ouptut : explanantion In-Reply-To: References: Message-ID: <702497.73419.qm@web26005.mail.ukl.yahoo.com> hello, what do you think about ?this tools of specification: http://www.tlaplus.net/tools/tla-toolbox/ Best regards, ********************************************** Omar Cheikhrouhou Engineer & Researcher @SENS Lab (Software Engineering and Network Security) Higher Institute of Technological Studies - Address : Mahdia's road Km 2.5 Sfax. BP 88 A - 3099 El Bustan Sfax Telephone : (+216)74 237425 Poste : 437?Fax: : (+216)74?431?386 Ph.D @ CES Lab (Computer and Embedded System)-University of Sfax, National School of Engineers BP W, Sfax, 3038, Tunisia , Fax:(+216)74665369 Home page: http://www.ceslab.org/eng/perso.php?id=46 Coordinator C2i @ ISET Sfax (Certified C2i since 2008) ________________________________ De : wafa jaballah ? : avispa-users at avispa-project.org Envoy? le : Sam 17 juillet 2010, 16h 23min 49s Objet?: [Avispa-users] ouptut : explanantion Hello I have executed my protocol using OFMC. 1) First, without session compilation option ?and ?without an intruder session , it gives me that the protocol is SAFE . 2) ?Second, without session compilation option and with an intruder session, it gives me that the protocol is SAFE 3) Third, with the session ?compilation option and without an intruder session, it gives me that the protocol is also SAFE. 4) Fourth, with the session compilation option and ?with an intruder session, it gives me the following output:? Output error of if translator : %% Translation of C:/Users/Wafa/Desktop/protocolauthfilter.hlpsl ----- Output error of OFMC : ofmc.exe: OFMC can't see how the protocol can be executed. See manual for more information. When using the ?session compilation option, OFMC will first perform a search with a passive intruder to check whether the honest agents can execute the protocol, and then give the intruder the knowledge of some ?normal? sessions between honest agents. In the case certain steps cannot be executed by any honest agent, OFMC reports that the protocol is not executable and stops.? Is this indicates that there is an error in the ?specification? Thanks, -- Best Regards, Wafa Ben Jaballah -------------- next part -------------- An HTML attachment was scrubbed... URL: From wafa.jaballah at gmail.com Thu Jul 22 05:10:31 2010 From: wafa.jaballah at gmail.com (wafa jaballah) Date: Thu, 22 Jul 2010 11:10:31 +0200 Subject: [Avispa-users] attacks Message-ID: Hello, Is there a difference between parallel session attack in avispa and replay attacks? Thanks, -- Best Regards, Wafa Ben Jaballah -------------- next part -------------- An HTML attachment was scrubbed... URL: From laurent.vigneron at loria.fr Thu Jul 22 05:18:53 2010 From: laurent.vigneron at loria.fr (Laurent Vigneron) Date: Thu, 22 Jul 2010 11:18:53 +0200 Subject: [Avispa-users] attacks In-Reply-To: References: Message-ID: <4C480CFD.7070105@loria.fr> Dear Wafa, Both are related: a replay attack is the use in a new session of some information (in general an entire message) of an old session; so in general, this is possible thanks to the specification of "parallel" sessions in the scenario ("parallel" in quotes because sessions are often sequential in fact). But parallel sessions may generate other kinds of attacks. Laurent. Le 22/07/2010 11:10, wafa jaballah a ?crit : > Hello, > > Is there a difference between parallel session attack in avispa and > replay attacks? > > Thanks, > > -- > > Best Regards, > Wafa Ben Jaballah From wafa.jaballah at gmail.com Thu Jul 22 05:32:58 2010 From: wafa.jaballah at gmail.com (wafa jaballah) Date: Thu, 22 Jul 2010 11:32:58 +0200 Subject: [Avispa-users] attacks In-Reply-To: <4C480CFD.7070105@loria.fr> References: <4C480CFD.7070105@loria.fr> Message-ID: Thanks Laurent. So in avispa I can model some attacks like parallel session , sequential session and replay attacks,. But I don't know how I can model DoS attacks? I treat all the cases but I can't find how to achieve the DoS attack. I'm sure that there is a method to detect this but I can't find it. Is there a specification that model this attack ? Can it be modeled by AVISPA? Your help is very appreciated, Thanks, 2010/7/22 Laurent Vigneron > Dear Wafa, > > Both are related: a replay attack is the use in a new session of some > information (in general an entire message) of an old session; so in general, > this is possible thanks to the specification of "parallel" sessions in the > scenario ("parallel" in quotes because sessions are often sequential in > fact). > But parallel sessions may generate other kinds of attacks. > > Laurent. > > > Le 22/07/2010 11:10, wafa jaballah a ?crit : > > Hello, >> >> Is there a difference between parallel session attack in avispa and >> replay attacks? >> >> Thanks, >> >> -- >> >> Best Regards, >> Wafa Ben Jaballah >> > -- Best Regards, Wafa Ben Jaballah -------------- next part -------------- An HTML attachment was scrubbed... URL: From rtanner1 at trinity.edu Thu Jul 22 16:13:10 2010 From: rtanner1 at trinity.edu (Ryan Tanner) Date: Thu, 22 Jul 2010 15:13:10 -0500 Subject: [Avispa-users] Using a hash function as a key? Message-ID: <1C7014B6-5388-433F-A412-441CD4EC3454@trinity.edu> Hello all, I'm trying to use a hash of a nonce and a symmetric key as a key. This should be possible, but I can't get it to work. Using --ofmc -sessco always returns with "can't see how this could be executed." I'm looking at the test suite included with AVISPA and I see a few protocols that do just this (EKE, IKEv2-MAC) and they run with those options, but I can't figure out what I'm doing differently. Any caveats or common mistakes I'm just not aware of when doing this? Thanks, Ryan Tanner From laurent.vigneron at loria.fr Fri Jul 23 02:50:23 2010 From: laurent.vigneron at loria.fr (Laurent Vigneron) Date: Fri, 23 Jul 2010 08:50:23 +0200 Subject: [Avispa-users] Using a hash function as a key? In-Reply-To: <1C7014B6-5388-433F-A412-441CD4EC3454@trinity.edu> References: <1C7014B6-5388-433F-A412-441CD4EC3454@trinity.edu> Message-ID: <4C493BAF.1050404@loria.fr> Hello Ryan, You can use any message as a symmetric key, including the hash of a nonce. But you have pay attention to the reception. For example, if you send {M}_H(N), the receiver will get : - either X', if he does not know H(N) - or {M'}_H(N) if he knows H and N (but not M) - or {M'}_HN if he knows HN (but not M) that is supposed to be the value of H(N); then, HN has to be of type message or hash(text). Laurent. Le 22/07/2010 22:13, Ryan Tanner a ?crit : > Hello all, > > I'm trying to use a hash of a nonce and a symmetric key as a key. This should be possible, but I can't get it to work. Using --ofmc -sessco always returns with "can't see how this could be executed." I'm looking at the test suite included with AVISPA and I see a few protocols that do just this (EKE, IKEv2-MAC) and they run with those options, but I can't figure out what I'm doing differently. Any caveats or common mistakes I'm just not aware of when doing this? > > Thanks, > Ryan Tanner From enis01amor at yahoo.fr Fri Jul 23 05:48:08 2010 From: enis01amor at yahoo.fr (Omar Cheikhrouhou (yahoo)) Date: Fri, 23 Jul 2010 10:48:08 +0100 Subject: [Avispa-users] list of security services that we can specify Message-ID: <00b101cb2a4c$57a826f0$06f874d0$@yahoo.fr> I would like to know the (exhaustive) security services that we can specify in avispa ? Thanks for clarification ********************************************** Omar Cheikhrouhou Engineer & Researcher @SENS Lab (Software Engineering and Network Security) Higher Institute of Technological Studies - Address : Mahdia's road Km 2.5 Sfax. BP 88 A - 3099 El Bustan Sfax Telephone : (+216)74 237425 Poste : 437 Fax: : (+216)74 431 386 Ph.D @ CES Lab (Computer and Embedded System)-University of Sfax, National School of Engineers BP W, Sfax, 3038, Tunisia , Fax:(+216)74665369 Home page: http://www.ceslab.org/eng/perso.php?id=46 Coordinator C2i @ ISET Sfax (Certified C2i since 2008) -------------- next part -------------- An HTML attachment was scrubbed... URL: From enis01amor at yahoo.fr Fri Jul 23 06:36:12 2010 From: enis01amor at yahoo.fr (chikh omar) Date: Fri, 23 Jul 2010 10:36:12 +0000 (GMT) Subject: [Avispa-users] Re : list of security services that we can specify In-Reply-To: <4C49664B.9070807@loria.fr> References: <00b101cb2a4c$57a826f0$06f874d0$@yahoo.fr> <4C49664B.9070807@loria.fr> Message-ID: <433478.91221.qm@web26002.mail.ukl.yahoo.com> ?how to verify replay attack? My protocol specification is attached. Please take a look and give me your feed back. thanks a lot for help ________________________________ De : Laurent Vigneron ? : Omar Cheikhrouhou (yahoo) Envoy? le : Ven 23 juillet 2010, 10h 52min 11s Objet?: Re: [Avispa-users] list of security services that we can specify Hum... a short answer would be: look in the documentation... :) The main properties that can be studied are secrecy and authentication (weak or strong). Laurent. Le 23/07/2010 11:48, Omar Cheikhrouhou (yahoo) a ?crit : > I would like to know the (exhaustive) security services that we can > specify in avispa ? > > Thanks for clarification > > *********************************************** > Omar Cheikhrouhou -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: riseg_group_creation.hlpsl Type: application/octet-stream Size: 2663 bytes Desc: not available URL: From enis01amor at yahoo.fr Fri Jul 23 06:44:37 2010 From: enis01amor at yahoo.fr (chikh omar) Date: Fri, 23 Jul 2010 10:44:37 +0000 (GMT) Subject: [Avispa-users] Re : list of security services that we can specify In-Reply-To: <4C49664B.9070807@loria.fr> References: <00b101cb2a4c$57a826f0$06f874d0$@yahoo.fr> <4C49664B.9070807@loria.fr> Message-ID: <1380.10630.qm@web26008.mail.ukl.yahoo.com> when i use span to simulate my protocol i do notr view the list of message exchanged. what are the possible reson of this problem? ? thanks for help? ********************************************** Omar Cheikhrouhou Engineer & Researcher @SENS Lab (Software Engineering and Network Security) Higher Institute of Technological Studies - Address : Mahdia's road Km 2.5 Sfax. BP 88 A - 3099 El Bustan Sfax Telephone : (+216)74 237425 Poste : 437?Fax: : (+216)74?431?386 Ph.D @ CES Lab (Computer and Embedded System)-University of Sfax, National School of Engineers BP W, Sfax, 3038, Tunisia , Fax:(+216)74665369 Home page: http://www..ceslab.org/eng/perso.php?id=46 Coordinator C2i @ ISET Sfax (Certified C2i since 2008) ________________________________ De : Laurent Vigneron ? : Omar Cheikhrouhou (yahoo) Envoy? le : Ven 23 juillet 2010, 10h 52min 11s Objet?: Re: [Avispa-users] list of security services that we can specify Hum... a short answer would be: look in the documentation... :) The main properties that can be studied are secrecy and authentication (weak or strong). Laurent. Le 23/07/2010 11:48, Omar Cheikhrouhou (yahoo) a ?crit : > I would like to know the (exhaustive) security services that we can > specify in avispa ? > > Thanks for clarification > > *********************************************** > Omar Cheikhrouhou -------------- next part -------------- An HTML attachment was scrubbed... URL: From enis01amor at yahoo.fr Fri Jul 23 06:54:05 2010 From: enis01amor at yahoo.fr (chikh omar) Date: Fri, 23 Jul 2010 10:54:05 +0000 (GMT) Subject: [Avispa-users] how to specify Message-ID: <680175.44514.qm@web26004.mail.ukl.yahoo.com> how to specify the following?services ?? Robustness against impersonation attack: ? Robustness against replay attack: thanks for help ********************************************** Omar Cheikhrouhou Engineer & Researcher @SENS Lab (Software Engineering and Network Security) Higher Institute of Technological Studies - Address : Mahdia's road Km 2.5 Sfax. BP 88 A - 3099 El Bustan Sfax Telephone : (+216)74 237425 Poste : 437?Fax: : (+216)74?431?386 Ph.D @ CES Lab (Computer and Embedded System)-University of Sfax, National School of Engineers BP W, Sfax, 3038, Tunisia , Fax:(+216)74665369 Home page: http://www.ceslab.org/eng/perso.php?id=46 Coordinator C2i @ ISET Sfax (Certified C2i since 2008) -------------- next part -------------- An HTML attachment was scrubbed... URL: