src/HOL/Auth/Yahalom2.thy
changeset 2451 ce85a2aafc7a
parent 2378 fc103154ad8f
child 2516 4d68fbe6378b
     1.1 --- a/src/HOL/Auth/Yahalom2.thy	Thu Dec 19 11:54:19 1996 +0100
     1.2 +++ b/src/HOL/Auth/Yahalom2.thy	Thu Dec 19 11:58:39 1996 +0100
     1.3 @@ -31,13 +31,13 @@
     1.4  
     1.5           (*Alice initiates a protocol run*)
     1.6      YM1  "[| evs: yahalom lost;  A ~= B |]
     1.7 -          ==> Says A B {|Agent A, Nonce (newN evs)|} # evs : yahalom lost"
     1.8 +          ==> Says A B {|Agent A, Nonce (newN(length evs))|} # evs : yahalom lost"
     1.9  
    1.10           (*Bob's response to Alice's message.  Bob doesn't know who 
    1.11  	   the sender is, hence the A' in the sender field.*)
    1.12      YM2  "[| evs: yahalom lost;  B ~= Server;
    1.13               Says A' B {|Agent A, Nonce NA|} : set_of_list evs |]
    1.14 -          ==> Says B Server {|Agent A, Agent B, Nonce NA, Nonce (newN evs)|}
    1.15 +          ==> Says B Server {|Agent A, Agent B, Nonce NA, Nonce (newN(length evs))|}
    1.16                   # evs : yahalom lost"
    1.17  
    1.18           (*The Server receives Bob's message.  He responds by sending a
    1.19 @@ -48,8 +48,8 @@
    1.20                 : set_of_list evs |]
    1.21            ==> Says Server A
    1.22                 {|Nonce NB, 
    1.23 -                 Crypt (shrK A) {|Agent B, Key (newK evs), Nonce NA|},
    1.24 -                 Crypt (shrK B) {|Nonce NB, Key (newK evs), Agent A|}|}
    1.25 +                 Crypt (shrK A) {|Agent B, Key (newK(length evs)), Nonce NA|},
    1.26 +                 Crypt (shrK B) {|Nonce NB, Key (newK(length evs)), Agent A|}|}
    1.27                   # evs : yahalom lost"
    1.28  
    1.29           (*Alice receives the Server's (?) message, checks her Nonce, and