isabelle: src/HOL/Auth/Guard/List_Msg.thy@682b35dc1926 (annotated)

41775 6214816d79d3 standardized headers; wenzelm parents: 35418 diff changeset	1	(* Title: HOL/Auth/Guard/List_Msg.thy
6214816d79d3 standardized headers; wenzelm parents: 35418 diff changeset	2	Author: Frederic Blanqui, University of Cambridge Computer Laboratory
6214816d79d3 standardized headers; wenzelm parents: 35418 diff changeset	3	Copyright 2001 University of Cambridge
6214816d79d3 standardized headers; wenzelm parents: 35418 diff changeset	4	*)
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	5
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	6	header{Lists of Messages and Lists of Agents}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	7
16417 9bc16273c2d4 migrated theory headers to new format haftmann parents: 13508 diff changeset	8	theory List_Msg imports Extensions begin
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	9
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	10	subsection{Implementation of Lists by Messages}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	11
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	12	subsubsection{nil is represented by any message which is not a pair}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	13
20768 1d478c2d621f replaced syntax/translations by abbreviation; wenzelm parents: 16417 diff changeset	14	abbreviation (input)
21404 eb85850d3eb7 more robust syntax for definition/abbreviation/notation; wenzelm parents: 20768 diff changeset	15	cons :: "msg => msg => msg" where
20768 1d478c2d621f replaced syntax/translations by abbreviation; wenzelm parents: 16417 diff changeset	16	"cons x l == {\|x,l\|}"
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	17
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	18	subsubsection{induction principle}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	19
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	20	lemma lmsg_induct: "[\| !!x. not_MPair x ==> P x; !!x l. P l ==> P (cons x l) \|]
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	21	==> P l"
20768 1d478c2d621f replaced syntax/translations by abbreviation; wenzelm parents: 16417 diff changeset	22	by (induct l) auto
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	23
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	24	subsubsection{head}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	25
35418 83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	26	primrec head :: "msg => msg" where
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	27	"head (cons x l) = x"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	28
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	29	subsubsection{tail}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	30
35418 83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	31	primrec tail :: "msg => msg" where
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	32	"tail (cons x l) = l"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	33
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	34	subsubsection{length}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	35
35418 83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	36	fun len :: "msg => nat" where
83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	37	"len (cons x l) = Suc (len l)" \|
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	38	"len other = 0"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	39
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	40	lemma len_not_empty: "n < len l ==> EX x l'. l = cons x l'"
20768 1d478c2d621f replaced syntax/translations by abbreviation; wenzelm parents: 16417 diff changeset	41	by (cases l) auto
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	42
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	43	subsubsection{membership}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	44
35418 83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	45	fun isin :: "msg * msg => bool" where
83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	46	"isin (x, cons y l) = (x=y \| isin (x,l))" \|
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	47	"isin (x, other) = False"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	48
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	49	subsubsection{delete an element}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	50
35418 83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	51	fun del :: "msg * msg => msg" where
83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	52	"del (x, cons y l) = (if x=y then l else cons y (del (x,l)))" \|
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	53	"del (x, other) = other"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	54
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	55	lemma notin_del [simp]: "~ isin (x,l) ==> del (x,l) = l"
20768 1d478c2d621f replaced syntax/translations by abbreviation; wenzelm parents: 16417 diff changeset	56	by (induct l) auto
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	57
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	58	lemma isin_del [rule_format]: "isin (y, del (x,l)) --> isin (y,l)"
20768 1d478c2d621f replaced syntax/translations by abbreviation; wenzelm parents: 16417 diff changeset	59	by (induct l) auto
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	60
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	61	subsubsection{concatenation}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	62
35418 83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	63	fun app :: "msg * msg => msg" where
83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	64	"app (cons x l, l') = cons x (app (l,l'))" \|
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	65	"app (other, l') = l'"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	66
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	67	lemma isin_app [iff]: "isin (x, app(l,l')) = (isin (x,l) \| isin (x,l'))"
20768 1d478c2d621f replaced syntax/translations by abbreviation; wenzelm parents: 16417 diff changeset	68	by (induct l) auto
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	69
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	70	subsubsection{replacement}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	71
35418 83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	72	fun repl :: "msg * nat * msg => msg" where
83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	73	"repl (cons x l, Suc i, x') = cons x (repl (l,i,x'))" \|
83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	74	"repl (cons x l, 0, x') = cons x' l" \|
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	75	"repl (other, i, M') = other"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	76
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	77	subsubsection{ith element}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	78
35418 83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	79	fun ith :: "msg * nat => msg" where
83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	80	"ith (cons x l, Suc i) = ith (l,i)" \|
83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	81	"ith (cons x l, 0) = x" \|
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	82	"ith (other, i) = other"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	83
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	84	lemma ith_head: "0 < len l ==> ith (l,0) = head l"
20768 1d478c2d621f replaced syntax/translations by abbreviation; wenzelm parents: 16417 diff changeset	85	by (cases l) auto
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	86
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	87	subsubsection{insertion}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	88
35418 83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	89	fun ins :: "msg * nat * msg => msg" where
83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	90	"ins (cons x l, Suc i, y) = cons x (ins (l,i,y))" \|
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	91	"ins (l, 0, y) = cons y l"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	92
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	93	lemma ins_head [simp]: "ins (l,0,y) = cons y l"
20768 1d478c2d621f replaced syntax/translations by abbreviation; wenzelm parents: 16417 diff changeset	94	by (cases l) auto
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	95
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	96	subsubsection{truncation}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	97
35418 83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	98	fun trunc :: "msg * nat => msg" where
83b0f75810f0 killed recdefs in HOL-Auth krauss parents: 23746 diff changeset	99	"trunc (l,0) = l" \|
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	100	"trunc (cons x l, Suc i) = trunc (l,i)"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	101
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	102	lemma trunc_zero [simp]: "trunc (l,0) = l"
20768 1d478c2d621f replaced syntax/translations by abbreviation; wenzelm parents: 16417 diff changeset	103	by (cases l) auto
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	104
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	105
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	106	subsection{Agent Lists}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	107
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	108	subsubsection{set of well-formed agent-list messages}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	109
20768 1d478c2d621f replaced syntax/translations by abbreviation; wenzelm parents: 16417 diff changeset	110	abbreviation
21404 eb85850d3eb7 more robust syntax for definition/abbreviation/notation; wenzelm parents: 20768 diff changeset	111	nil :: msg where
20768 1d478c2d621f replaced syntax/translations by abbreviation; wenzelm parents: 16417 diff changeset	112	"nil == Number 0"
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	113
23746 a455e69c31cc Adapted to new inductive definition package. berghofe parents: 21404 diff changeset	114	inductive_set agl :: "msg set"
a455e69c31cc Adapted to new inductive definition package. berghofe parents: 21404 diff changeset	115	where
a455e69c31cc Adapted to new inductive definition package. berghofe parents: 21404 diff changeset	116	Nil[intro]: "nil:agl"
a455e69c31cc Adapted to new inductive definition package. berghofe parents: 21404 diff changeset	117	\| Cons[intro]: "[\| A:agent; I:agl \|] ==> cons (Agent A) I :agl"
13508 890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	118
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	119	subsubsection{basic facts about agent lists}
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	120
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	121	lemma del_in_agl [intro]: "I:agl ==> del (a,I):agl"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	122	by (erule agl.induct, auto)
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	123
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	124	lemma app_in_agl [intro]: "[\| I:agl; J:agl \|] ==> app (I,J):agl"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	125	by (erule agl.induct, auto)
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	126
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	127	lemma no_Key_in_agl: "I:agl ==> Key K ~:parts {I}"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	128	by (erule agl.induct, auto)
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	129
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	130	lemma no_Nonce_in_agl: "I:agl ==> Nonce n ~:parts {I}"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	131	by (erule agl.induct, auto)
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	132
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	133	lemma no_Key_in_appdel: "[\| I:agl; J:agl \|] ==>
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	134	Key K ~:parts {app (J, del (Agent B, I))}"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	135	by (rule no_Key_in_agl, auto)
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	136
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	137	lemma no_Nonce_in_appdel: "[\| I:agl; J:agl \|] ==>
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	138	Nonce n ~:parts {app (J, del (Agent B, I))}"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	139	by (rule no_Nonce_in_agl, auto)
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	140
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	141	lemma no_Crypt_in_agl: "I:agl ==> Crypt K X ~:parts {I}"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	142	by (erule agl.induct, auto)
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	143
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	144	lemma no_Crypt_in_appdel: "[\| I:agl; J:agl \|] ==>
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	145	Crypt K X ~:parts {app (J, del (Agent B,I))}"
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	146	by (rule no_Crypt_in_agl, auto)
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	147
890d736b93a5 Frederic Blanqui's new "guard" examples paulson parents: diff changeset	148	end

author	krauss
	Thu, 07 Apr 2011 21:49:24 +0200
changeset 42291	682b35dc1926
parent 41775	6214816d79d3
child 58889	5b7a9633cfa8
permissions	-rw-r--r--