TPTP Problem File: SWV018+1.p
View Solutions
- Solve Problem
%--------------------------------------------------------------------------
% File : SWV018+1 : TPTP v9.0.0. Released v2.4.0.
% Domain : Software Verification
% Problem : Fact 8 of the Neumann-Stubblebine analysis
% Version : [Wei99] axioms.
% English :
% Refs : [Wei99] Weidenbach (1999), Towards and Automatic Analysis of S
% [Bau99] Baumgartner (1999), FTP'2000 - Problem Sets
% Source : [Bau99]
% Names : Fact 8 [Wei99]
% Status : CounterSatisfiable
% Rating : 0.00 v9.0.0, 0.33 v8.2.0, 0.00 v7.0.0, 0.33 v6.4.0, 0.00 v6.2.0, 0.11 v6.1.0, 0.10 v6.0.0, 0.00 v5.5.0, 0.14 v5.4.0, 0.47 v5.3.0, 0.38 v5.2.0, 0.25 v5.0.0, 0.11 v4.1.0, 0.17 v4.0.1, 0.33 v3.7.0, 0.00 v3.4.0, 0.50 v3.3.0, 0.00 v3.1.0, 0.50 v2.7.0, 0.33 v2.6.0, 0.75 v2.5.0, 0.67 v2.4.0
% Syntax : Number of formulae : 34 ( 14 unt; 0 def)
% Number of atoms : 83 ( 0 equ)
% Maximal formula atoms : 5 ( 2 avg)
% Number of connectives : 51 ( 2 ~; 0 |; 32 &)
% ( 0 <=>; 17 =>; 0 <=; 0 <~>)
% Maximal formula depth : 12 ( 4 avg)
% Maximal term depth : 6 ( 2 avg)
% Number of predicates : 13 ( 13 usr; 0 prp; 1-1 aty)
% Number of functors : 17 ( 17 usr; 7 con; 0-4 aty)
% Number of variables : 59 ( 56 !; 3 ?)
% SPC : FOF_CSA_RFO_NEQ
% Comments :
%--------------------------------------------------------------------------
fof(a_holds_key_at_for_t,axiom,
a_holds(key(at,t)) ).
fof(a_is_party_of_protocol,axiom,
party_of_protocol(a) ).
fof(a_sent_message_i_to_b,axiom,
message(sent(a,b,pair(a,an_a_nonce))) ).
fof(a_stored_message_i,axiom,
a_stored(pair(b,an_a_nonce)) ).
fof(a_forwards_secure,axiom,
! [U,V,W,X,Y,Z] :
( ( message(sent(t,a,triple(encrypt(quadruple(Y,Z,W,V),at),X,U)))
& a_stored(pair(Y,Z)) )
=> ( message(sent(a,Y,pair(X,encrypt(U,W))))
& a_holds(key(W,Y)) ) ) ).
fof(b_hold_key_bt_for_t,axiom,
b_holds(key(bt,t)) ).
fof(b_is_party_of_protocol,axiom,
party_of_protocol(b) ).
fof(nonce_a_is_fresh_to_b,axiom,
fresh_to_b(an_a_nonce) ).
fof(b_creates_freash_nonces_in_time,axiom,
! [U,V] :
( ( message(sent(U,b,pair(U,V)))
& fresh_to_b(V) )
=> ( message(sent(b,t,triple(b,generate_b_nonce(V),encrypt(triple(U,V,generate_expiration_time(V)),bt))))
& b_stored(pair(U,V)) ) ) ).
fof(b_accepts_secure_session_key,axiom,
! [V,X,Y] :
( ( message(sent(X,b,pair(encrypt(triple(X,V,generate_expiration_time(Y)),bt),encrypt(generate_b_nonce(Y),V))))
& a_key(V)
& b_stored(pair(X,Y)) )
=> b_holds(key(V,X)) ) ).
fof(t_holds_key_at_for_a,axiom,
t_holds(key(at,a)) ).
fof(t_holds_key_bt_for_b,axiom,
t_holds(key(bt,b)) ).
fof(t_is_party_of_protocol,axiom,
party_of_protocol(t) ).
fof(server_t_generates_key,axiom,
! [U,V,W,X,Y,Z,X1] :
( ( message(sent(U,t,triple(U,V,encrypt(triple(W,X,Y),Z))))
& t_holds(key(Z,U))
& t_holds(key(X1,W))
& a_nonce(X) )
=> message(sent(t,W,triple(encrypt(quadruple(U,X,generate_key(X),Y),X1),encrypt(triple(W,generate_key(X),Y),Z),V))) ) ).
fof(intruder_can_record,axiom,
! [U,V,W] :
( message(sent(U,V,W))
=> intruder_message(W) ) ).
fof(intruder_decomposes_pairs,axiom,
! [U,V] :
( intruder_message(pair(U,V))
=> ( intruder_message(U)
& intruder_message(V) ) ) ).
fof(intruder_decomposes_triples,axiom,
! [U,V,W] :
( intruder_message(triple(U,V,W))
=> ( intruder_message(U)
& intruder_message(V)
& intruder_message(W) ) ) ).
fof(intruder_decomposes_quadruples,axiom,
! [U,V,W,X] :
( intruder_message(quadruple(U,V,W,X))
=> ( intruder_message(U)
& intruder_message(V)
& intruder_message(W)
& intruder_message(X) ) ) ).
fof(intruder_composes_pairs,axiom,
! [U,V] :
( ( intruder_message(U)
& intruder_message(V) )
=> intruder_message(pair(U,V)) ) ).
fof(intruder_composes_triples,axiom,
! [U,V,W] :
( ( intruder_message(U)
& intruder_message(V)
& intruder_message(W) )
=> intruder_message(triple(U,V,W)) ) ).
fof(intruder_composes_quadruples,axiom,
! [U,V,W,X] :
( ( intruder_message(U)
& intruder_message(V)
& intruder_message(W)
& intruder_message(X) )
=> intruder_message(quadruple(U,V,W,X)) ) ).
fof(intruder_interception,axiom,
! [U,V,W] :
( ( intruder_message(encrypt(U,V))
& intruder_holds(key(V,W))
& party_of_protocol(W) )
=> intruder_message(V) ) ).
fof(intruder_message_sent,axiom,
! [U,V,W] :
( ( intruder_message(U)
& party_of_protocol(V)
& party_of_protocol(W) )
=> message(sent(V,W,U)) ) ).
fof(intruder_holds_key,axiom,
! [V,W] :
( ( intruder_message(V)
& party_of_protocol(W) )
=> intruder_holds(key(V,W)) ) ).
fof(intruder_key_encrypts,axiom,
! [U,V,W] :
( ( intruder_message(U)
& intruder_holds(key(V,W))
& party_of_protocol(W) )
=> intruder_message(encrypt(U,V)) ) ).
fof(an_a_nonce_is_a_nonce,axiom,
a_nonce(an_a_nonce) ).
fof(generated_keys_are_not_nonces,axiom,
! [U] : ~ a_nonce(generate_key(U)) ).
fof(generated_times_and_nonces_are_nonces,axiom,
! [U] :
( a_nonce(generate_expiration_time(U))
& a_nonce(generate_b_nonce(U)) ) ).
fof(nothing_is_a_nonce_and_a_key,axiom,
! [U] :
~ ( a_key(U)
& a_nonce(U) ) ).
fof(generated_keys_are_keys,axiom,
! [U] : a_key(generate_key(U)) ).
fof(an_intruder_nonce_is_a_fresh_intruder_nonce,axiom,
fresh_intruder_nonce(an_intruder_nonce) ).
fof(can_generate_more_fresh_intruder_nonces,axiom,
! [U] :
( fresh_intruder_nonce(U)
=> fresh_intruder_nonce(generate_intruder_nonce(U)) ) ).
fof(fresh_intruder_nonces_are_fresh_to_b,axiom,
! [U] :
( fresh_intruder_nonce(U)
=> ( fresh_to_b(U)
& intruder_message(U) ) ) ).
fof(co1,conjecture,
? [X,Y,Z] :
( intruder_holds(key(X,Y))
& b_holds(key(X,Z)) ) ).
%--------------------------------------------------------------------------