src/HOL/Auth/Event.thy
author paulson
Wed Sep 17 16:37:27 1997 +0200 (1997-09-17)
changeset 3678 414e04d7c2d6
parent 3519 ab0a9fbed4c0
child 3683 aafe719dff14
permissions -rw-r--r--
Spy can see Notes of the compromised agents
     1 (*  Title:      HOL/Auth/Event
     2     ID:         $Id$
     3     Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
     4     Copyright   1996  University of Cambridge
     5 
     6 Theory of events for security protocols
     7 
     8 Datatype of events; function "sees"; freshness
     9 
    10 "lost" agents have been broken by the Spy; their private keys and internal
    11     stores are visible to him
    12 *)
    13 
    14 Event = Message + List + 
    15 
    16 consts  (*Initial states of agents -- parameter of the construction*)
    17   initState :: agent => msg set
    18 
    19 datatype  (*Messages--could add another constructor for agent knowledge*)
    20   event = Says  agent agent msg
    21         | Notes agent       msg
    22 
    23 consts  
    24   lost :: agent set        (*compromised agents*)
    25   sees :: [agent, event list] => msg set
    26 
    27 rules
    28   (*Spy has access to his own key for spoof messages, but Server is secure*)
    29   Spy_in_lost     "Spy: lost"
    30   Server_not_lost "Server ~: lost"
    31 
    32 consts  
    33   sees1 :: [agent, event] => msg set
    34 
    35 primrec sees1 event
    36            (*Spy reads all traffic whether addressed to him or not*)
    37   sees1_Says  "sees1 A (Says A' B X)  = (if A:{B,Spy} then {X} else {})"
    38   sees1_Notes "sees1 A (Notes A' X)   = (if A=A' | A=Spy & A':lost then {X}
    39 					 else {})"
    40 
    41 primrec sees list
    42   sees_Nil  "sees A []       = initState A"
    43   sees_Cons "sees A (ev#evs) = sees1 A ev Un sees A evs"
    44 
    45 constdefs
    46   (*Set of items that might be visible to somebody: complement of the set
    47         of fresh items*)
    48   used :: event list => msg set
    49     "used evs == parts (UN B. sees B evs)"
    50 
    51 end