src/HOL/Auth/Yahalom2.ML
1999-09-07 wenzelm 1999-09-07 isatool expandshort;
1999-03-10 paulson 1999-03-10 updating both Yahalom protocols to the Gets model
1998-11-18 paulson 1998-11-18 tidied
1998-09-15 paulson 1998-09-15 From Compl(A) to -A
1998-09-08 paulson 1998-09-08 Got rid of not_Says_to_self and most uses of ~= in definitions and theorems
1998-09-02 paulson 1998-09-02 small simplification to not_Says_to_self
1998-07-31 paulson 1998-07-31 Removal of obsolete "open" commands from heads of .ML files
1998-07-02 paulson 1998-07-02 Deleted leading parameters thanks to new Goal command
1998-06-24 paulson 1998-06-24 Ran isatool fixgoal
1998-06-22 paulson 1998-06-22 Changed format of Bob's certificate from Nb,K,A to A,B,K,Nb. The former format was just a hack to invoke type distinctions, while the latter uses the explicitness principle.
1998-04-27 nipkow 1998-04-27 Renamed expand_const -> split_const.
1998-03-07 nipkow 1998-03-07 Removed `addsplits [expand_if]'
1998-02-05 paulson 1998-02-05 Added some more explicit guarantees of key secrecy for agents Deleted spurious A~=Spy assumptions
1998-01-08 paulson 1998-01-08 Expressed most Oops rules using Notes instead of Says, and other tidying
1998-01-02 paulson 1998-01-02 Making proofs faster, especially using keysFor_parts_insert
1997-12-24 paulson 1997-12-24 New Auto_tac (by Oheimb), and new syntax (without parens), and expandshort
1997-12-23 paulson 1997-12-23 Tidied using rev_iffD1
1997-12-19 wenzelm 1997-12-19 tuned;
1997-12-16 paulson 1997-12-16 Simplified proofs using rewrites for f``A where f is injective
1997-11-18 paulson 1997-11-18 Crypt_imp_keysFor: version of Crypt_imp_invKey_keysFor for shared keys
1997-11-11 paulson 1997-11-11 Fixed indentation
1997-11-05 paulson 1997-11-05 Ran expandshort, especially to introduce Safe_tac
1997-11-03 wenzelm 1997-11-03 isatool fixclasimp;
1997-10-21 paulson 1997-10-21 Many minor speedups: 1. Some use of rewriting with expand_ifs instead of addsplits[expand_if] 2. Faster proof of new_keys_not_used 3. New version of shrK_neq (no longer refers to "range")
1997-10-17 nipkow 1997-10-17 setloop split_tac -> addsplits
1997-09-29 paulson 1997-09-29 Step_tac -> Safe_tac
1997-09-18 paulson 1997-09-18 Global change: lost->bad and sees Spy->spies First change just gives a more sensible name. Second change eliminates the agent parameter of "sees" to simplify definitions and theorems
1997-09-17 paulson 1997-09-17 Deleted the redundant identifier Says_imp_sees_Spy'
1997-09-16 paulson 1997-09-16 Deleted the redundant simprule not_parts_not_analz
1997-07-14 paulson 1997-07-14 Changing "lost" from a parameter of protocol definitions to a constant. Advantages: no "lost" argument everywhere; fewer Vars in subgoals; less need for specially instantiated rules Disadvantage: can no longer prove "Agent_not_see_encrypted_key", but this theorem was never used, and its original proof was also broken by the introduction of the "Notes" constructor.
1997-07-11 paulson 1997-07-11 Removal of monotonicity reasoning involving "lost" and the theorem Agent_not_see_encrypted_key, which (a) is never used and (b) becomes harder to prove when Notes is available.
1997-07-04 paulson 1997-07-04 Changed some variables of type msg to lower case (e.g. from NB to nb
1997-06-27 paulson 1997-06-27 Corrected indentations and margins after the renaming of "set_of_list"
1997-06-26 nipkow 1997-06-26 set_of_list -> set
1997-06-19 paulson 1997-06-19 Proof tidying and variable renaming (NA->na, NB->nb when of type msg)
1997-06-09 paulson 1997-06-09 Strengthened and streamlined the Yahalom proofs
1997-05-07 paulson 1997-05-07 Conversion to use blast_tac (with other improvements)
1997-02-15 oheimb 1997-02-15 reflecting my recent changes of the simplifier and classical reasoner
1997-01-17 paulson 1997-01-17 Now with Andy Gordon's treatment of freshness to replace newN/K
1996-12-19 paulson 1996-12-19 Extensive tidying and simplification, largely stemming from changing newN and newK to take an integer argument
1996-12-13 paulson 1996-12-13 Streamlined many proofs
1996-12-05 paulson 1996-12-05 Trivial renamings
1996-11-29 paulson 1996-11-29 Swapped arguments of Crypt (for clarity and because it is conventional)
1996-11-28 paulson 1996-11-28 Weakening of injectivity assumptions for newK and newN: they are no longer assumed injective over all traces, merely over the length of a trace
1996-11-08 paulson 1996-11-08 Ran expandshort
1996-11-05 paulson 1996-11-05 Simplified new_keys_not_seen, etc.: replaced the union over all agents by the Spy alone. Proofs run faster and they do not have to be set up in terms of a previous lemma.
1996-11-01 paulson 1996-11-01 New version with simpler disambiguation in YM3, Oops message, and no encryption in YM2
1996-10-18 paulson 1996-10-18 New version of Yahalom, as recommended on p 259 of BAN paper