Weak Authentication Sample Clauses

Weak Authentication. We define a logic type key prop that is used to attach a property to the key and the text. An Entry constructor requires key prop to hold on k and t before the entry can be created. Finally, we define a log that is used for checking our cryptographic assumption. type key prop : key → text → Type type pkey (p:(text → Type)) = k:key{key prop k == p} = [] type entry = | Entry : k:key → t:text{key prop k t} → m:tag → entry let log m ref Next we define the types for MACing: keygen attaches the property p to the new key. Our type signatures have been adapted from [4] to fit in the state monad ST, which we require for verifying our protocol. The function mac requires that the attached key prop holds on k and t, while verify ensures that key prop holds if the verification succeeds. val keygen: p:(text → Type) → pkey p val mac: k:key → t:text{key prop k t} → ST tag (requires (fun h → True)) (ensures (fun h x h’ → True)) (modifies (a ref log m)) val verify: k:key → t:text → tag → ST (b:bool{b =⇒ key prop k t}) (requires (fun h → True)) (ensures (fun h x h’ → True)) (modifies (no refs)) Intuitively, the MAC interface requires that a property holds before a MAC code is created, and ensures that the same property holds if the MAC code passes verification. The property sig prop attached to our protocol requires that the signed message is tagged and distinct from others, and that Signal s c has been assumed, therefore the MAC is not forged by an adversary. logic type Signal : uint32 → uint16 → Type logic type sig prop (msg:message) = (∃ s c. msg = Format.signal s c ∧ Signal s c) This property is attached to the key k when it is generated, and this allows us to verify the weak agreement condition.