/* 
	Bilateral Key Exchange with Public Key protocol (BKEPK)
*/

usertype SessionKey;

hashfunction hash;

protocol bke(I,R)
{
	role I
	{
		fresh ni: Nonce;
		var nr: Nonce;
		var kir: SessionKey;

		send_1 (I,R, { ni,I }pk(R) );
		recv_2 (R,I, { hash(ni),nr,R,kir }pk(I) );
		send_3 (I,R, { hash(nr) }kir );
		claim_4 (I, SKR, kir );
		//claim_5 (I, Niagree );
		//claim_6 (I, Nisynch );
	}

	role R
	{
		var ni: Nonce;
		fresh nr: Nonce;
		fresh kir: SessionKey;

		recv_1 (I,R, { ni,I }pk(R) );
		send_2 (R,I, { hash(ni),nr,R,kir }pk(I) );
		recv_3 (I,R, { hash(nr) }kir );
		claim_7 (R, SKR, kir );
		//claim_8 (R, Niagree );
		//claim_9 (R, Nisynch );
	}
}