isabelle: src/HOL/Auth/Shared.thy@a315a3862bb4 (annotated)

1934 58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	1	(* Title: HOL/Auth/Shared
58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	2	ID: $Id$
58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	3	Author: Lawrence C Paulson, Cambridge University Computer Laboratory
58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	4	Copyright 1996 University of Cambridge
58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	5
58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	6	Theory of Shared Keys (common to all symmetric-key protocols)
58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	7
3512 9dcb4daa15e8 Moving common declarations and proofs from theories "Shared" paulson parents: 3472 diff changeset	8	Shared, long-term keys; initial states of agents
1934 58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	9	*)
58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	10
11104 f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	11	theory Shared = Event
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	12	files ("Shared_lemmas.ML"):
1934 58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	13
58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	14	consts
11104 f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	15	shrK :: "agent => key" (symmetric keys)
1967 0ff58b41c037 "bad" set simplifies statements of many theorems paulson parents: 1965 diff changeset	16
11104 f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	17	axioms
11270 a315a3862bb4 better treatment of methods: uses Method.ctxt_args to refer to current paulson parents: 11230 diff changeset	18	isSym_keys: "K \<in> symKeys" (All keys are symmetric)
11104 f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	19	inj_shrK: "inj shrK" (No two agents have the same long-term key)
1934 58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	20
5183 89f162de39cf Adapted to new datatype package. berghofe parents: 3683 diff changeset	21	primrec
2319 95f0d5243c85 Updating of comments paulson parents: 2264 diff changeset	22	(Server knows all long-term keys; other agents know only their own)
11104 f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	23	initState_Server: "initState Server = Key ` range shrK"
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	24	initState_Friend: "initState (Friend i) = {Key (shrK (Friend i))}"
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	25	initState_Spy: "initState Spy = Key`shrK`bad"
2032 1bbf1bdcaf56 Introduction of "lost" argument paulson parents: 2012 diff changeset	26
1934 58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	27
11104 f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	28	axioms
2516 4d68fbe6378b Now with Andy Gordon's treatment of freshness to replace newN/K paulson parents: 2451 diff changeset	29	(*Unlike the corresponding property of nonces, this cannot be proved.
4d68fbe6378b Now with Andy Gordon's treatment of freshness to replace newN/K paulson parents: 2451 diff changeset	30	We have infinitely many agents and there is nothing to stop their
4d68fbe6378b Now with Andy Gordon's treatment of freshness to replace newN/K paulson parents: 2451 diff changeset	31	long-term keys from exhausting all the natural numbers. The axiom
4d68fbe6378b Now with Andy Gordon's treatment of freshness to replace newN/K paulson parents: 2451 diff changeset	32	assumes that their keys are dispersed so as to leave room for infinitely
4d68fbe6378b Now with Andy Gordon's treatment of freshness to replace newN/K paulson parents: 2451 diff changeset	33	many fresh session keys. We could, alternatively, restrict agents to
4d68fbe6378b Now with Andy Gordon's treatment of freshness to replace newN/K paulson parents: 2451 diff changeset	34	an unspecified finite number.*)
11104 f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	35	Key_supply_ax: "finite KK ==> EX K. K ~: KK & Key K ~: used evs"
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	36
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	37	use "Shared_lemmas.ML"
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	38
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	39	(Lets blast_tac perform this step without needing the simplifier)
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	40	lemma invKey_shrK_iff [iff]:
11270 a315a3862bb4 better treatment of methods: uses Method.ctxt_args to refer to current paulson parents: 11230 diff changeset	41	"(Key (invKey K) \<in> X) = (Key K \<in> X)"
11104 f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	42	by auto;
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	43
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	44	(Specialized methods)
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	45
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	46	method_setup analz_freshK = {*
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	47	Method.no_args
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	48	(Method.METHOD
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	49	(fn facts => EVERY [REPEAT_FIRST (resolve_tac [allI, impI]),
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	50	REPEAT_FIRST (rtac analz_image_freshK_lemma),
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	51	ALLGOALS (asm_simp_tac analz_image_freshK_ss)])) *}
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	52	"for proving the Session Key Compromise theorem"
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	53
f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	54	method_setup possibility = {*
11270 a315a3862bb4 better treatment of methods: uses Method.ctxt_args to refer to current paulson parents: 11230 diff changeset	55	Method.ctxt_args (fn ctxt =>
a315a3862bb4 better treatment of methods: uses Method.ctxt_args to refer to current paulson parents: 11230 diff changeset	56	Method.METHOD (fn facts =>
a315a3862bb4 better treatment of methods: uses Method.ctxt_args to refer to current paulson parents: 11230 diff changeset	57	gen_possibility_tac (Simplifier.get_local_simpset ctxt))) *}
11104 f2024fed9f0c partial conversion to Isar script style paulson parents: 10833 diff changeset	58	"for proving possibility theorems"
2516 4d68fbe6378b Now with Andy Gordon's treatment of freshness to replace newN/K paulson parents: 2451 diff changeset	59
1934 58573e7041b4 Separation of theory Event into two parts: paulson parents: diff changeset	60	end

author	paulson
	Fri, 27 Apr 2001 17:16:21 +0200
changeset 11270	a315a3862bb4
parent 11230	756c5034f08b
child 12415	74977582a585
permissions	-rw-r--r--