role server (Ui,Sj: agent, | SKuisj: symmetric_key, | H : hash_func, | Snd,Rcv: channel(dy)) | played_by Sj | def= | local State : nat, | IDi, PWi, RPWi, BIOi, X, Ai, Bi, Ci, R1, Di, Ei, Fi, R2, Gi, Vi : text | const user_server_r1, server_user_r2, | subs1, subs2 : protocol_id | init State 0 | transition | %%%%% Registration phase | 1. State = 0 Rcv(IDi.H(PWi.H(BIOi)) _SKuisj) | State' 1 secret(, subs1, Sj) | secret(, subs2, Ui) | Snd(xor(H(xor(IDi, X)), H(IDi.H(PWi.H(BIOi)))).xor(H(xor(IDi, X).H(PWi.H(BIOi))), X) _SKuisj) | %%%%% Login phase | 2. State = 1 Rcv(xor(H(H(xor(IDi, X)).H(PWi.H(BIOi))), X).xor(IDi, R1').xor(IDi, H(H(xor(IDi, | X)).RPWi')).H(IDi.R1'.H(xor(IDi, X)))) | %%%%% Verification phase | State' 2 R2' new() | IDi' xor(xor(IDi, H(H(xor(IDi, X)).RPWi')), Ci', X) | R1' xor(xor(IDi, R1'), IDi) | Fi' H(IDi.R1'.H(xor(IDi, X))) | Gi' xor(R2', H(R1'.H(IDi.R1'.Ai'))) | Vi' H(H(R1'.R2'.H(xor(IDi, X)).IDi).R1'.R2') | Snd(Gi'.Vi') | witness(Sj, Ui, server_user_r2, R2') | request(Ui, Sj, user_server_r1, R1') | end role |
|