src/HOL/Auth/Shared.thy
author paulson
Fri Jul 04 17:34:55 1997 +0200 (1997-07-04)
changeset 3500 0d8ad2f192d8
parent 3472 fb3c38c88c08
child 3512 9dcb4daa15e8
permissions -rw-r--r--
New constant "certificate"--just an abbreviation
     1 (*  Title:      HOL/Auth/Shared
     2     ID:         $Id$
     3     Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
     4     Copyright   1996  University of Cambridge
     5 
     6 Theory of Shared Keys (common to all symmetric-key protocols)
     7 
     8 Server keys; initial states of agents; new nonces and keys; function "sees" 
     9 *)
    10 
    11 Shared = Message + List + Finite +
    12 
    13 consts
    14   shrK    :: agent => key  (*symmetric keys*)
    15 
    16 rules
    17   isSym_keys "isSymKey K"	(*All keys are symmetric*)
    18   inj_shrK   "inj shrK"		(*No two agents have the same long-term key*)
    19 
    20 consts  (*Initial states of agents -- parameter of the construction*)
    21   initState :: [agent set, agent] => msg set
    22 
    23 primrec initState agent
    24         (*Server knows all long-term keys; other agents know only their own*)
    25   initState_Server  "initState lost Server     = Key `` range shrK"
    26   initState_Friend  "initState lost (Friend i) = {Key (shrK (Friend i))}"
    27   initState_Spy     "initState lost Spy        = Key``shrK``lost"
    28 
    29 
    30 datatype  (*Messages, and components of agent stores*)
    31   event = Says agent agent msg
    32 
    33 consts  
    34   sees1 :: [agent, event] => msg set
    35 
    36 primrec sees1 event
    37            (*Spy reads all traffic whether addressed to him or not*)
    38   sees1_Says  "sees1 A (Says A' B X)  = (if A:{B,Spy} then {X} else {})"
    39 
    40 consts  
    41   sees :: [agent set, agent, event list] => msg set
    42 
    43 primrec sees list
    44   sees_Nil  "sees lost A []       = initState lost A"
    45   sees_Cons "sees lost A (ev#evs) = sees1 A ev Un sees lost A evs"
    46 
    47 
    48 constdefs
    49   (*Set of items that might be visible to somebody: complement of the set
    50         of fresh items*)
    51   used :: event list => msg set
    52     "used evs == parts (UN lost B. sees lost B evs)"
    53 
    54 
    55 rules
    56   (*Unlike the corresponding property of nonces, this cannot be proved.
    57     We have infinitely many agents and there is nothing to stop their
    58     long-term keys from exhausting all the natural numbers.  The axiom
    59     assumes that their keys are dispersed so as to leave room for infinitely
    60     many fresh session keys.  We could, alternatively, restrict agents to
    61     an unspecified finite number.*)
    62   Key_supply_ax  "finite KK ==> EX K. K ~: KK & Key K ~: used evs"
    63 
    64 end