Commit 18e5f126 authored by Paul Fiterau Brostean's avatar Paul Fiterau Brostean

Updated results

parent d0d395f5
......@@ -55,7 +55,7 @@ Table~\ref{tab:experiments} describes the exact versions of the systems analyzed
{\centering{\textbf{SUT}}} & \textbf{States} & \textbf{Hypotheses } & \textbf{Mem. Q.} & \textbf{Test Q.}\\ \hline %& \textbf{Tests to last Hyp.} & \textbf{Tests on last Hyp.} \\ \hline
OpenSSH 6.9p1-2 & 31 & 4 & 19836 & 76418 \\ %& 1322 & 50243 \\
BitVise 7.23 & 65 & 15 & 24996 & 58423 \\ %& 9549 & 65040 \\
DropBear v2014.65 & 17 & 2 & 19863 & 76418 \\ \hline %& 15268 & 56174 \\
DropBear v2014.65 & 29 & 8 & 8357 & 64478 \\ \hline %& 15268 & 56174 \\
\end{tabular}
\caption{Statistics for learning experiments}
\label{tab:experiments}
......
This diff is collapsed.
This diff is collapsed.
......@@ -347,8 +347,8 @@ In particular, we used {\dvauth} instead of \textit{out=UA\_SUCCESS} to suggest
& Prop.~\ref{prop:trans-kexinit} & MUST & \dt & \dt & \dt \\ \cline{3-6}
& Prop.~\ref{prop:trans-sr} & MUST & \dfce{sends unimpl}* & \dfce{kex no resp} & \dt \\ \cline{3-6}
& Prop.~\ref{prop:auth-pre-ua} & MUST & \dt & \dt & \dt \\ \cline{3-6}
& Prop.~\ref{prop:auth-post-ua-strong} & MUST & \dt & \dt & \dfce{can recon after rekey} \\ \cline{3-6}
& Prop.~\ref{prop:auth-post-ua} & SHOULD & \dfce{sends unimpl}* & \dfce{sends unimpl}* & \df \\ \cline{3-6}
& Prop.~\ref{prop:auth-post-ua-strong} & MUST & \dt & \dt & \dt \\ \cline{3-6}
& Prop.~\ref{prop:auth-post-ua} & SHOULD & \dfce{sends unimpl}* & \dfce{sends unimpl}* & \dt \\ \cline{3-6}
& Prop.~\ref{prop:conn-close} & MUST & \dt & \dt & \dfce{sends CH\_EOF} \\ \hline
\end{tabular}
\caption{Model checking results}
......@@ -363,8 +363,8 @@ Property~\ref{prop:auth-post-ua}. Whether the alternative behavior adapted is ac
does leave room for interpretation of the \textsc{unimpl} message.
DropBear is the only implementation that allows rekey in both general states of the protocol. DropBear also satisfies all Transport layer specifications, however,
problematically, it violates properties of the higher layers. Upon receiving \textsc{ch\_close}, it responds by \textsc{ch\_eof} instead of \text{ch\_close}, not respecting
Property~\ref{prop:conn-close}. Moreover, the output \textsc{ua\_success} can be generated multiple times, violating both Properties ~\ref{prop:auth-post-ua-strong} and
~\ref{prop:auth-post-ua}.
problematically, it violates the property of the Connection layer. Upon receiving \textsc{ch\_close}, it responds by \textsc{ch\_eof} instead of \textsc{ch\_close}, not respecting
Property~\ref{prop:conn-close}. %Moreover, the output \textsc{ua\_success} can be generated multiple times, violating both Properties ~\ref{prop:auth-post-ua-strong} and
%~\ref{prop:auth-post-ua}.
%, though key exchange is strangely not universally permitted, while some of the functional properties described are not met.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment