Completing equations...
Completed equations:
Convergent part:
host(key(x_22)) = x_22
key(host(x_21)) = x_21
Completing equations...
Completed equations:
key(host(x_21)) = x_21
host(key(x_22)) = x_22
Completed destructors:
PtCredVerifyPtIDDr(zk((Ptr_169,PtID_170,PtNym_171,PtHII_172,PtSSS_173,PtAcc_174,rpt_175),(comt(PtID_170,Ptr_169),PtCred(PtID_170,PtNym_171,PtHII_172,PtSSS_173,PtAcc_174,rpt_175))),comt(PtID_170,Ptr_169),PtCred(PtID_170,PtNym_171,PtHII_172,PtSSS_173,PtAcc_174,rpt_175)) => true()
getpubmsg(spk(x_177,y_176,z_178)) => y_176
getmessage(sign(x_179,y_180),pk(y_180)) => x_179
open(comt(x_181,y_182),y_182) => x_181
PtCredVerifyPh(zk((PtID_183,PtNym_184,PtHII_185,PtSSS_186,PtAcc_187,rpt_188),(PtCred(PtID_183,PtNym_184,PtHII_185,PtSSS_186,PtAcc_187,rpt_188),PtSSS_186)),PtCred(PtID_183,PtNym_184,PtHII_185,PtSSS_186,PtAcc_187,rpt_188),PtSSS_186) => true()
getmsg(spk(x_190,y_191,z_189)) => z_189
CheckReceptionAck(spk((PtID_192,PtNym_193,PtHII_194,PtSSS_195,PtAcc_196,rpt_197),PtCred(PtID_192,PtNym_193,PtHII_194,PtSSS_195,PtAcc_196,rpt_197),(xPrescID_198,xPharmID_199,vc1_200,vc2_201,vc3_202,vc31_203,vc4_204,c5_205)),PtCred(PtID_192,PtNym_193,PtHII_194,PtSSS_195,PtAcc_196,rpt_197),xPrescID_198,xPharmID_199,vc1_200,vc2_201,vc3_202,vc31_203,vc4_204,c5_205) => true()
DrCredVerify(zk((DrNym_206,DrID_207,rdr_208),DrCred(DrNym_206,DrID_207,rdr_208)),DrCred(DrNym_206,DrID_207,rdr_208)) => true()
checkAuth(sign(x_209,y_210),pk(y_210)) => true()
CheckSPKDrPtDrNym(spk((DrNym_211,Drr_212,DrID_213,rdr_214),(comt(DrNym_211,Drr_212),DrCred(DrNym_211,DrID_213,rdr_214)),(PrescText_215,PrescID_216,comt(DrNym_211,Drr_212),comt(PtID_217,Ptr_218))),DrCred(DrNym_211,DrID_213,rdr_214),PrescText_215,PrescID_216,comt(DrNym_211,Drr_212),comt(PtID_217,Ptr_218)) => true()
CheckVEncHii(zk((PtID_219,PtNym_220,PtHII_221,PtSSS_222,PtAcc_223,rpt_224,r_225),(PtCred(PtID_219,PtNym_220,PtHII_221,PtSSS_222,PtAcc_223,rpt_224),penc(PtHII_221,pubkey_226,r_225))),PtCred(PtID_219,PtNym_220,PtHII_221,PtSSS_222,PtAcc_223,rpt_224),penc(PtHII_221,pubkey_226,r_225),pubkey_226) => true()
CheckVEncPtnym(zk((PtID_227,PtNym_228,PtHII_229,PtSSS_230,PtAcc_231,rpt_232,r_233),(PtCred(PtID_227,PtNym_228,PtHII_229,PtSSS_230,PtAcc_231,rpt_232),penc(PtNym_228,pubkey_234,r_233))),PtCred(PtID_227,PtNym_228,PtHII_229,PtSSS_230,PtAcc_231,rpt_232),penc(PtNym_228,pubkey_234,r_233),pubkey_234) => true()
PtCredVerifyDr(zk((PtID_235,PtNym_236,PtHII_237,PtSSS_238,PtAcc_239,rpt_240),PtCred(PtID_235,PtNym_236,PtHII_237,PtSSS_238,PtAcc_239,rpt_240)),PtCred(PtID_235,PtNym_236,PtHII_237,PtSSS_238,PtAcc_239,rpt_240)) => true()
CheckVEncDrnymMpa(zk((DrNym_241,Drr_242,r_243),(spk((DrNym_241,Drr_242,DrID_244,rdr_245),(comt(DrNym_241,Drr_242),DrCred(DrNym_241,DrID_244,rdr_245)),(PrescText_246,PrescID_247,comt(DrNym_241,Drr_242),xPtComt_248)),penc(DrNym_241,pkMPA_249,r_243))),spk((DrNym_241,Drr_242,DrID_244,rdr_245),(comt(DrNym_241,Drr_242),DrCred(DrNym_241,DrID_244,rdr_245)),(PrescText_246,PrescID_247,comt(DrNym_241,Drr_242),xPtComt_248)),penc(DrNym_241,pkMPA_249,r_243),pkMPA_249) => true()
getpublic(zk(x_251,y_250)) => y_250
dec(penc(m_252,pk(sk_253),r_254),sk_253) => m_252
CheckSPKPhPtID(spk((PtID_255,PtNym_256,PtHII_257,PtSSS_258,PtAcc_259,Ptr_260,rpt_261),(PtCred(PtID_255,PtNym_256,PtHII_257,PtSSS_258,PtAcc_259,rpt_261),comt(PtID_255,Ptr_260)),nonce_262),PtCred(PtID_255,PtNym_256,PtHII_257,PtSSS_258,PtAcc_259,rpt_261),comt(PtID_255,Ptr_260),nonce_262) => true()
Process:
new skHII_100;
new skSSO_101;
new privchhiipt_102;
new privchmpaph_103;
new privchphpt_104;
{1}let pkSSO_105 = pk(skSSO_101) in
{2}out(ch, pkSSO_105);
{3}out(ch, pk(skHII_100));
{4}!
(
    new nDrID_149;
    {55}let DrID_150 = nDrID_149 in
    {56}!
    new nDrNym_151;
    {57}let DrNym_152 = nDrNym_151 in
    new rdr_153;
    {58}out(ch, zk((DrNym_152,DrID_150,rdr_153),DrCred(DrNym_152,DrID_150,rdr_153)));
    {59}in(ch, (xPtAuthProof_154,xPtDrPtIDProof_155));
    {60}let xPtCred_156 = getpublic(xPtAuthProof_154) in
    {61}let (xPtComt_157,=xPtCred_156) = getpublic(xPtDrPtIDProof_155) in
    {62}if PtCredVerifyDr(xPtAuthProof_154,xPtCred_156) = true() then
    {63}if PtCredVerifyPtIDDr(xPtDrPtIDProof_155,xPtComt_157,xPtCred_156) = true() then
    new PrescText_158;
    new Drr_159;
    {64}let PrescID_160 = hash(PrescText_158,xPtComt_157,comt(DrNym_152,Drr_159)) in
    {65}out(ch, (spk((DrNym_152,Drr_159,DrID_150,rdr_153),(comt(DrNym_152,Drr_159),DrCred(DrNym_152,DrID_150,rdr_153)),(PrescText_158,PrescID_160,comt(DrNym_152,Drr_159),xPtComt_157)),Drr_159));
    {66}out(ch, s);
    0
) | (
    {37}let cpkHII_127 = pk(skHII_100) in
    {38}let PtHII_128 = host(cpkHII_127) in
    {39}!
    new nPtID_129;
    new nPtNym_130;
    new nPtAcc_131;
    {40}let PtID_132 = nPtID_129 in
    {41}let PtNym_133 = nPtNym_130 in
    {42}let PtAcc_134 = nPtAcc_131 in
    {43}!
    new nPtSSS_135;
    {44}let PtSSS_136 = nPtSSS_135 in
    {45}in(privchphpt_104, cpkPh_137);
    {46}let cPharmID_138 = host(cpkPh_137) in
    {47}in(ch, xDrCredProof_139);
    {48}let xDrCred_140 = getpublic(xDrCredProof_139) in
    {49}if DrCredVerify(xDrCredProof_139,xDrCred_140) = true() then
    new Ptr_141;
    new rpt_142;
    {50}out(ch, (zk((PtID_132,PtNym_133,PtHII_128,PtSSS_136,PtAcc_134,rpt_142),PtCred(PtID_132,PtNym_133,PtHII_128,PtSSS_136,PtAcc_134,rpt_142)),zk((Ptr_141,PtID_132,PtNym_133,PtHII_128,PtSSS_136,PtAcc_134,rpt_142),(comt(PtID_132,Ptr_141),PtCred(PtID_132,PtNym_133,PtHII_128,PtSSS_136,PtAcc_134,rpt_142)))));
    {51}in(ch, (xSPKDrPtDrNym_143,xDrr_144));
    {52}let (xPrescText_145,xPrescID_146,xDrComt_147,=comt(PtID_132,Ptr_141)) = getmsg(xSPKDrPtDrNym_143) in
    {53}if CheckSPKDrPtDrNym(xSPKDrPtDrNym_143,xDrCred_140,xPrescText_145,xPrescID_146,xDrComt_147,comt(PtID_132,Ptr_141)) = true() then
    {54}let xDrNym_148 = open(xDrComt_147,xDrr_144) in
    0
) | (
    {5}!
    (
        new nskPh_121;
        {27}let skPh_122 = nskPh_121 in
        {28}let pkPh_123 = pk(skPh_122) in
        {29}let PharmID_124 = host(pkPh_123) in
        {30}!
        (
            {36}out(ch, pkPh_123);
            0
        ) | (
            {31}!
            (
                {35}out(privchphpt_104, pkPh_123);
                0
            ) | (
                {32}!
                {33}in(privchmpaph_103, dpkMPA_125);
                {34}let dMpaID_126 = host(dpkMPA_125) in
                0
            )
        )
    ) | (
        {6}!
        (
            new nskMPA_117;
            {19}let skMPA_118 = nskMPA_117 in
            {20}let pkMPA_119 = pk(skMPA_118) in
            {21}let MpaID_120 = host(pkMPA_119) in
            {22}!
            (
                {26}out(ch, pkMPA_119);
                0
            ) | (
                {23}!
                (
                    {25}out(privchmpaph_103, pkMPA_119);
                    0
                ) | (
                    {24}!
                    0
                )
            )
        ) | (
            {7}let DrID_106 = choice[A,B] in
            {8}!
            new nDrNym_107;
            {9}let DrNym_108 = nDrNym_107 in
            new rdr_109;
            {10}out(ch, zk((DrNym_108,DrID_106,rdr_109),DrCred(DrNym_108,DrID_106,rdr_109)));
            {11}in(ch, (xPtAuthProof_110,xPtDrPtIDProof_111));
            {12}let xPtCred_112 = getpublic(xPtAuthProof_110) in
            {13}let (xPtComt_113,=xPtCred_112) = getpublic(xPtDrPtIDProof_111) in
            {14}if PtCredVerifyDr(xPtAuthProof_110,xPtCred_112) = true() then
            {15}if PtCredVerifyPtIDDr(xPtDrPtIDProof_111,xPtComt_113,xPtCred_112) = true() then
            new PrescText_114;
            new Drr_115;
            {16}let PrescID_116 = hash(PrescText_114,xPtComt_113,comt(DrNym_108,Drr_115)) in
            {17}out(ch, (spk((DrNym_108,Drr_115,DrID_106,rdr_109),(comt(DrNym_108,Drr_115),DrCred(DrNym_108,DrID_106,rdr_109)),(PrescText_114,PrescID_116,comt(DrNym_108,Drr_115),xPtComt_113)),Drr_115));
            {18}out(ch, s);
            0
        )
    )
)

-- Observational equivalence
Termination warning: v_1513 <> v_1514 & attacker2:v_1512,v_1513 & attacker2:v_1512,v_1514 -> bad:
Selecting 0
Termination warning: v_1516 <> v_1517 & attacker2:v_1516,v_1515 & attacker2:v_1517,v_1515 -> bad:
Selecting 0
Completing...
Termination warning: v_1513 <> v_1514 & attacker2:v_1512,v_1513 & attacker2:v_1512,v_1514 -> bad:
Selecting 0
Termination warning: v_1516 <> v_1517 & attacker2:v_1516,v_1515 & attacker2:v_1517,v_1515 -> bad:
Selecting 0
200 rules inserted. The rule base contains 200 rules. 95 rules in the queue.
400 rules inserted. The rule base contains 400 rules. 95 rules in the queue.
600 rules inserted. The rule base contains 594 rules. 74 rules in the queue.
800 rules inserted. The rule base contains 764 rules. 43 rules in the queue.
RESULT Observational equivalence is true (bad not derivable).
naipeng@orbe:~/satoss/papers/epriv/healthcare/DLV08/Code/Revised_Model/Modify$ proverif -in pi Dr_Anonymity_revised.pi
File "Dr_Anonymity_revised.pi", line 136, character 36 - line 136, character 37:
Warning: Free name s not declared
Linear part:
Completing equations...
Completed equations:
Convergent part:
host(key(x_22)) = x_22
key(host(x_21)) = x_21
Completing equations...
Completed equations:
key(host(x_21)) = x_21
host(key(x_22)) = x_22
Completed destructors:
PtCredVerifyPtIDDr(zk((Ptr_206,PtID_207,PtNym_208,PtHII_209,PtSSS_210,PtAcc_211,rpt_212),(comt(PtID_207,Ptr_206),PtCred(PtID_207,PtNym_208,PtHII_209,PtSSS_210,PtAcc_211,rpt_212))),comt(PtID_207,Ptr_206),PtCred(PtID_207,PtNym_208,PtHII_209,PtSSS_210,PtAcc_211,rpt_212)) => true()
getpubmsg(spk(x_214,y_213,z_215)) => y_213
getmessage(sign(x_216,y_217),pk(y_217)) => x_216
open(comt(x_218,y_219),y_219) => x_218
PtCredVerifyPh(zk((PtID_220,PtNym_221,PtHII_222,PtSSS_223,PtAcc_224,rpt_225),(PtCred(PtID_220,PtNym_221,PtHII_222,PtSSS_223,PtAcc_224,rpt_225),PtSSS_223)),PtCred(PtID_220,PtNym_221,PtHII_222,PtSSS_223,PtAcc_224,rpt_225),PtSSS_223) => true()
getmsg(spk(x_227,y_228,z_226)) => z_226
CheckReceptionAck(spk((PtID_229,PtNym_230,PtHII_231,PtSSS_232,PtAcc_233,rpt_234),PtCred(PtID_229,PtNym_230,PtHII_231,PtSSS_232,PtAcc_233,rpt_234),(xPrescID_235,xPharmID_236,vc1_237,vc2_238,vc3_239,vc31_240,vc4_241,c5_242)),PtCred(PtID_229,PtNym_230,PtHII_231,PtSSS_232,PtAcc_233,rpt_234),xPrescID_235,xPharmID_236,vc1_237,vc2_238,vc3_239,vc31_240,vc4_241,c5_242) => true()
DrCredVerify(zk((DrNym_243,DrID_244,rdr_245),DrCred(DrNym_243,DrID_244,rdr_245)),DrCred(DrNym_243,DrID_244,rdr_245)) => true()
checkAuth(sign(x_246,y_247),pk(y_247)) => true()
CheckSPKDrPtDrNym(spk((DrNym_248,Drr_249,DrID_250,rdr_251),(comt(DrNym_248,Drr_249),DrCred(DrNym_248,DrID_250,rdr_251)),(PrescText_252,PrescID_253,comt(DrNym_248,Drr_249),comt(PtID_254,Ptr_255))),DrCred(DrNym_248,DrID_250,rdr_251),PrescText_252,PrescID_253,comt(DrNym_248,Drr_249),comt(PtID_254,Ptr_255)) => true()
CheckVEncHii(zk((PtID_256,PtNym_257,PtHII_258,PtSSS_259,PtAcc_260,rpt_261,r_262),(PtCred(PtID_256,PtNym_257,PtHII_258,PtSSS_259,PtAcc_260,rpt_261),penc(PtHII_258,pubkey_263,r_262))),PtCred(PtID_256,PtNym_257,PtHII_258,PtSSS_259,PtAcc_260,rpt_261),penc(PtHII_258,pubkey_263,r_262),pubkey_263) => true()
CheckVEncPtnym(zk((PtID_264,PtNym_265,PtHII_266,PtSSS_267,PtAcc_268,rpt_269,r_270),(PtCred(PtID_264,PtNym_265,PtHII_266,PtSSS_267,PtAcc_268,rpt_269),penc(PtNym_265,pubkey_271,r_270))),PtCred(PtID_264,PtNym_265,PtHII_266,PtSSS_267,PtAcc_268,rpt_269),penc(PtNym_265,pubkey_271,r_270),pubkey_271) => true()
PtCredVerifyDr(zk((PtID_272,PtNym_273,PtHII_274,PtSSS_275,PtAcc_276,rpt_277),PtCred(PtID_272,PtNym_273,PtHII_274,PtSSS_275,PtAcc_276,rpt_277)),PtCred(PtID_272,PtNym_273,PtHII_274,PtSSS_275,PtAcc_276,rpt_277)) => true()
CheckVEncDrnymMpa(zk((DrNym_278,Drr_279,r_280),(spk((DrNym_278,Drr_279,DrID_281,rdr_282),(comt(DrNym_278,Drr_279),DrCred(DrNym_278,DrID_281,rdr_282)),(PrescText_283,PrescID_284,comt(DrNym_278,Drr_279),xPtComt_285)),penc(DrNym_278,pkMPA_286,r_280))),spk((DrNym_278,Drr_279,DrID_281,rdr_282),(comt(DrNym_278,Drr_279),DrCred(DrNym_278,DrID_281,rdr_282)),(PrescText_283,PrescID_284,comt(DrNym_278,Drr_279),xPtComt_285)),penc(DrNym_278,pkMPA_286,r_280),pkMPA_286) => true()
getpublic(zk(x_288,y_287)) => y_287
dec(penc(m_289,pk(sk_290),r_291),sk_290) => m_289
CheckSPKPhPtID(spk((PtID_292,PtNym_293,PtHII_294,PtSSS_295,PtAcc_296,Ptr_297,rpt_298),(PtCred(PtID_292,PtNym_293,PtHII_294,PtSSS_295,PtAcc_296,rpt_298),comt(PtID_292,Ptr_297)),nonce_299),PtCred(PtID_292,PtNym_293,PtHII_294,PtSSS_295,PtAcc_296,rpt_298),comt(PtID_292,Ptr_297),nonce_299) => true()
Process:
new skHII_100;
new skSSO_101;
new privchhiipt_102;
new privchmpaph_103;
new privchphpt_104;
{1}let pkSSO_105 = pk(skSSO_101) in
{2}out(ch, pkSSO_105);
{3}out(ch, pk(skHII_100));
{4}!
(
    new nDrID_186;
    {94}let DrID_187 = nDrID_186 in
    {95}!
    new nDrNym_188;
    {96}let DrNym_189 = nDrNym_188 in
    new rdr_190;
    {97}out(ch, zk((DrNym_189,DrID_187,rdr_190),DrCred(DrNym_189,DrID_187,rdr_190)));
    {98}in(ch, (xPtAuthProof_191,xPtDrPtIDProof_192));
    {99}let xPtCred_193 = getpublic(xPtAuthProof_191) in
    {100}let (xPtComt_194,=xPtCred_193) = getpublic(xPtDrPtIDProof_192) in
    {101}if PtCredVerifyDr(xPtAuthProof_191,xPtCred_193) = true() then
    {102}if PtCredVerifyPtIDDr(xPtDrPtIDProof_192,xPtComt_194,xPtCred_193) = true() then
    new PrescText_195;
    new Drr_196;
    {103}let PrescID_197 = hash(PrescText_195,xPtComt_194,comt(DrNym_189,Drr_196)) in
    {104}out(ch, (spk((DrNym_189,Drr_196,DrID_187,rdr_190),(comt(DrNym_189,Drr_196),DrCred(DrNym_189,DrID_187,rdr_190)),(PrescText_195,PrescID_197,comt(DrNym_189,Drr_196),xPtComt_194)),Drr_196));
    {105}out(ch, s);
    0
) | (
    {60}let cpkHII_150 = pk(skHII_100) in
    {61}let PtHII_151 = host(cpkHII_150) in
    {62}!
    new nPtID_152;
    new nPtNym_153;
    new nPtAcc_154;
    {63}let PtID_155 = nPtID_152 in
    {64}let PtNym_156 = nPtNym_153 in
    {65}let PtAcc_157 = nPtAcc_154 in
    {66}!
    new nPtSSS_158;
    {67}let PtSSS_159 = nPtSSS_158 in
    {68}in(privchphpt_104, cpkPh_160);
    {69}let cPharmID_161 = host(cpkPh_160) in
    {70}in(ch, xDrCredProof_162);
    {71}let xDrCred_163 = getpublic(xDrCredProof_162) in
    {72}if DrCredVerify(xDrCredProof_162,xDrCred_163) = true() then
    new Ptr_164;
    new rpt_165;
    {73}out(ch, (zk((PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165),PtCred(PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165)),zk((Ptr_164,PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165),(comt(PtID_155,Ptr_164),PtCred(PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165)))));
    {74}in(ch, (xSPKDrPtDrNym_166,xDrr_167));
    {75}let (xPrescText_168,xPrescID_169,xDrComt_170,=comt(PtID_155,Ptr_164)) = getmsg(xSPKDrPtDrNym_166) in
    {76}if CheckSPKDrPtDrNym(xSPKDrPtDrNym_166,xDrCred_163,xPrescText_168,xPrescID_169,xDrComt_170,comt(PtID_155,Ptr_164)) = true() then
    {77}let xDrNym_171 = open(xDrComt_170,xDrr_167) in
    {78}in(ch, xPhAuth_172);
    {79}if checkAuth(xPhAuth_172,cpkPh_160) = true() then
    {80}let (=cPharmID_161,xMpaID_173) = getmessage(xPhAuth_172,cpkPh_160) in
    {81}let cpkMPA_174 = key(xMpaID_173) in
    {82}out(ch, zk((PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165),(PtCred(PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165),PtSSS_159)));
    new nonce_175;
    new r_176;
    {83}let vc1_177 = zk((PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165,r_176),(PtCred(PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165),penc(PtHII_151,cpkMPA_174,r_176))) in
    {84}let vc2_178 = zk((xDrNym_171,xDrr_167,r_176),(xSPKDrPtDrNym_166,penc(xDrNym_171,cpkMPA_174,r_176))) in
    {85}let vc3_179 = zk((PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165,r_176),(PtCred(PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165),penc(PtNym_156,pkSSO_105,r_176))) in
    {86}let vc31_180 = zk((PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165,r_176),(PtCred(PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165),penc(PtHII_151,pkSSO_105,r_176))) in
    {87}let vc4_181 = zk((PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165,r_176),(PtCred(PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165),penc(PtNym_156,cpkMPA_174,r_176))) in
    {88}let vc5_182 = zk((PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165,r_176),(PtCred(PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165),penc(PtNym_156,cpkHII_150,r_176))) in
    {89}let c5_183 = penc(vc5_182,cpkMPA_174,r_176) in
    {90}out(ch, (xSPKDrPtDrNym_166,spk((PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,Ptr_164,rpt_165),(PtCred(PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165),comt(PtID_155,Ptr_164)),nonce_175),vc1_177,vc2_178,vc3_179,vc31_180,vc4_181,c5_183));
    {91}in(ch, xInvoice_184);
    {92}let ReceptionAck_185 = spk((PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165),PtCred(PtID_155,PtNym_156,PtHII_151,PtSSS_159,PtAcc_157,rpt_165),(xPrescID_169,cPharmID_161,vc1_177,vc2_178,vc3_179,vc31_180,vc4_181,c5_183)) in
    {93}out(ch, ReceptionAck_185);
    0
) | (
    {5}!
    (
        new nskPh_121;
        {27}let skPh_122 = nskPh_121 in
        {28}let pkPh_123 = pk(skPh_122) in
        {29}let PharmID_124 = host(pkPh_123) in
        {30}!
        (
            {59}out(ch, pkPh_123);
            0
        ) | (
            {31}!
            (
                {58}out(privchphpt_104, pkPh_123);
                0
            ) | (
                {32}!
                {33}in(privchmpaph_103, dpkMPA_125);
                {34}let dMpaID_126 = host(dpkMPA_125) in
                {35}out(ch, sign((PharmID_124,dMpaID_126),skPh_122));
                {36}in(ch, xPhPtAuthProof_127);
                {37}let (xPhPtCred_128,xPhPtSSS_129) = getpublic(xPhPtAuthProof_127) in
                {38}if PtCredVerifyPh(xPhPtAuthProof_127,xPhPtCred_128,xPhPtSSS_129) = true() then
                {39}in(ch, (xPhSPKDrPtDrNym_130,xPtPhSPKPtID_131,xvc1_132,xvc2_133,xvc3_134,xvc31_135,xvc4_136,xc5_137));
                {40}let (xPhPrescText_138,xPhPrescID_139,xPhDrComt_140,xPhPtComt_141) = getmsg(xPhSPKDrPtDrNym_130) in
                {41}let (=xPhDrComt_140,xPhDrCred_142) = getpubmsg(xPhSPKDrPtDrNym_130) in
                {42}if CheckSPKDrPtDrNym(xPhSPKDrPtDrNym_130,xPhDrCred_142,xPhPrescText_138,xPhPrescID_139,xPhDrComt_140,xPhPtComt_141) = true() then
                {43}let xnonce_143 = getmsg(xPtPhSPKPtID_131) in
                {44}if CheckSPKPhPtID(xPtPhSPKPtID_131,xPhPtCred_128,xPhPtComt_141,xnonce_143) = true() then
                {45}let (=xPhPtCred_128,xEnc1_144) = getpublic(xvc1_132) in
                {46}if CheckVEncHii(xvc1_132,xPhPtCred_128,xEnc1_144,dpkMPA_125) = true() then
                {47}let (=xPhSPKDrPtDrNym_130,xEnc2_145) = getpublic(xvc2_133) in
                {48}if CheckVEncDrnymMpa(xvc2_133,xPhSPKDrPtDrNym_130,xEnc2_145,dpkMPA_125) = true() then
                {49}let (=xPhPtCred_128,xEnc3_146) = getpublic(xvc3_134) in
                {50}if CheckVEncPtnym(xvc3_134,xPhPtCred_128,xEnc3_146,pkSSO_105) = true() then
                {51}let (=xPhPtCred_128,xEnc31_147) = getpublic(xvc31_135) in
                {52}if CheckVEncHii(xvc31_135,xPhPtCred_128,xEnc31_147,pkSSO_105) = true() then
                {53}let (=xPhPtCred_128,xEnc4_148) = getpublic(xvc4_136) in
                {54}if CheckVEncPtnym(xvc4_136,xPhPtCred_128,xEnc4_148,dpkMPA_125) = true() then
                {55}out(ch, invoice(xPhPrescID_139));
                {56}in(ch, xReceptionAck_149);
                {57}if CheckReceptionAck(xReceptionAck_149,xPhPtCred_128,xPhPrescID_139,PharmID_124,xvc1_132,xvc2_133,xvc3_134,xvc31_135,xvc4_136,xc5_137) = true() then
                0
            )
        )
    ) | (
        {6}!
        (
            new nskMPA_117;
            {19}let skMPA_118 = nskMPA_117 in
            {20}let pkMPA_119 = pk(skMPA_118) in
            {21}let MpaID_120 = host(pkMPA_119) in
            {22}!
            (
                {26}out(ch, pkMPA_119);
                0
            ) | (
                {23}!
                (
                    {25}out(privchmpaph_103, pkMPA_119);
                    0
                ) | (
                    {24}!
                    0
                )
            )
        ) | (
            {7}let DrID_106 = choice[A,B] in
            {8}!
            new nDrNym_107;
            {9}let DrNym_108 = nDrNym_107 in
            new rdr_109;
            {10}out(ch, zk((DrNym_108,DrID_106,rdr_109),DrCred(DrNym_108,DrID_106,rdr_109)));
            {11}in(ch, (xPtAuthProof_110,xPtDrPtIDProof_111));
            {12}let xPtCred_112 = getpublic(xPtAuthProof_110) in
            {13}let (xPtComt_113,=xPtCred_112) = getpublic(xPtDrPtIDProof_111) in
            {14}if PtCredVerifyDr(xPtAuthProof_110,xPtCred_112) = true() then
            {15}if PtCredVerifyPtIDDr(xPtDrPtIDProof_111,xPtComt_113,xPtCred_112) = true() then
            new PrescText_114;
            new Drr_115;
            {16}let PrescID_116 = hash(PrescText_114,xPtComt_113,comt(DrNym_108,Drr_115)) in
            {17}out(ch, (spk((DrNym_108,Drr_115,DrID_106,rdr_109),(comt(DrNym_108,Drr_115),DrCred(DrNym_108,DrID_106,rdr_109)),(PrescText_114,PrescID_116,comt(DrNym_108,Drr_115),xPtComt_113)),Drr_115));
            {18}out(ch, s);
            0
        )
    )
)

-- Observational equivalence
Termination warning: v_1550 <> v_1551 & attacker2:v_1549,v_1550 & attacker2:v_1549,v_1551 -> bad:
Selecting 0
Termination warning: v_1553 <> v_1554 & attacker2:v_1553,v_1552 & attacker2:v_1554,v_1552 -> bad:
Selecting 0
Completing...
Termination warning: v_1550 <> v_1551 & attacker2:v_1549,v_1550 & attacker2:v_1549,v_1551 -> bad:
Selecting 0
Termination warning: v_1553 <> v_1554 & attacker2:v_1553,v_1552 & attacker2:v_1554,v_1552 -> bad:
Selecting 0
200 rules inserted. The rule base contains 200 rules. 162 rules in the queue.
400 rules inserted. The rule base contains 400 rules. 114 rules in the queue.
600 rules inserted. The rule base contains 551 rules. 122 rules in the queue.
800 rules inserted. The rule base contains 745 rules. 192 rules in the queue.
1000 rules inserted. The rule base contains 923 rules. 174 rules in the queue.
1200 rules inserted. The rule base contains 1015 rules. 180 rules in the queue.
1400 rules inserted. The rule base contains 1191 rules. 278 rules in the queue.
1600 rules inserted. The rule base contains 1379 rules. 300 rules in the queue.
1800 rules inserted. The rule base contains 1565 rules. 258 rules in the queue.
2000 rules inserted. The rule base contains 1753 rules. 190 rules in the queue.
2200 rules inserted. The rule base contains 1901 rules. 142 rules in the queue.
2400 rules inserted. The rule base contains 2055 rules. 88 rules in the queue.
2600 rules inserted. The rule base contains 2184 rules. 50 rules in the queue.
RESULT Observational equivalence is true (bad not derivable).
naipeng@orbe:~/satoss/papers/epriv/healthcare/DLV08/Code/Revised_Model/Modify$ 

