[Verifpal] Crash when sending an already known value within concat and checking it with assert
friedrich.wiemer at rub.de
Wed Oct 21 22:18:45 CEST 2020
Here is another crashing model:
pkc = G^skc
pks = G^sks
Server -> Client: [pks]
mcs = CONCAT(pkc, nc, pks)
Client -> Server: pkc, mcs
pkc_recv, nc_recv, pks_recv = SPLIT(mcs)
_ = ASSERT(pks, pks_recv)?
Server -> Client: ns
principal Client[ kcs = HASH(ns) ]
authentication? Client -> Server: mcs
authentication? Server -> Client: ns
This seems to be related to sending the already known value 'pkS' to the server and then having the server check 'ASSERT(pks, pks_recv)'. Note that sending the already known value only works, because its "hidden" inside the concat. Maybe this should be handled similarly to sending the values directly, or does that not make sense?
Dr. Friedrich Wiemer,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Verifpal