src/HOL/Auth/Yahalom.thy
1997-09-18 paulson 1997-09-18 Global change: lost->bad and sees Spy->spies First change just gives a more sensible name. Second change eliminates the agent parameter of "sees" to simplify definitions and theorems
1997-09-05 paulson 1997-09-05 Renamed "evs" to "evs1", "evs2", etc. in protocol inductive definition
1997-07-14 paulson 1997-07-14 Changing "lost" from a parameter of protocol definitions to a constant. Advantages: no "lost" argument everywhere; fewer Vars in subgoals; less need for specially instantiated rules Disadvantage: can no longer prove "Agent_not_see_encrypted_key", but this theorem was never used, and its original proof was also broken the introduction of the "Notes" constructor.
1997-07-01 paulson 1997-07-01 Deleted a redundant A~=B in rules that refer to a previous event
1997-06-26 nipkow 1997-06-26 set_of_list -> set
1997-06-18 paulson 1997-06-18 Defines KeyWithNonce, which is used to prove the secrecy of NB
1997-01-17 paulson 1997-01-17 Now with Andy Gordon's treatment of freshness to replace newN/K
1996-12-19 paulson 1996-12-19 Extensive tidying and simplification, largely stemming from changing newN and newK to take an integer argument
1996-12-13 paulson 1996-12-13 Removed needless quotation marks
1996-11-29 paulson 1996-11-29 Swapped arguments of Crypt (for clarity and because it is conventional)
1996-11-01 paulson 1996-11-01 Minor changes to comments
1996-10-24 paulson 1996-10-24 New Oops message, with Server as source to ensure correct nonces
1996-10-18 paulson 1996-10-18 Addition of Reveal message
1996-09-26 paulson 1996-09-26 Introduction of "lost" argument Changed Enemy -> Spy Ran expandshort
1996-09-13 paulson 1996-09-13 Addition of Yahalom protocol
1996-09-12 paulson 1996-09-12 Tidied many proofs, using AddIffs to let equivalences take the place of separate Intr and Elim rules. Also deleted most named clasets.