isabelle: doc-src/TutorialI/Protocol/Message.thy@af3b71a46a1c (annotated)

11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	1	(* Title: HOL/Auth/Message
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	2	ID: $Id$
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	3	Author: Lawrence C Paulson, Cambridge University Computer Laboratory
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	4	Copyright 1996 University of Cambridge
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	5
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	6	Datatypes of agents and messages;
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	7	Inductive relations "parts", "analz" and "synth"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	8	*)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	9
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	10	theory Message = Main
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	11	files ("Message_lemmas.ML"):
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	12
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	13	(Needed occasionally with spy_analz_tac, e.g. in analz_insert_Key_newK)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	14	lemma [simp] : "A Un (B Un A) = B Un A"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	15	by blast
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	16
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	17	types
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	18	key = nat
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	19
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	20	consts
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	21	invKey :: "key=>key"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	22
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	23	axioms
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	24	invKey [simp] : "invKey (invKey K) = K"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	25
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	26	(*The inverse of a symmetric key is itself;
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	27	that of a public key is the private key and vice versa*)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	28
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	29	constdefs
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	30	symKeys :: "key set"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	31	"symKeys == {K. invKey K = K}"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	32
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	33	datatype (We allow any number of friendly agents)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	34	agent = Server \| Friend nat \| Spy
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	35
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	36	datatype
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	37	msg = Agent agent (Agent names)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	38	\| Number nat (Ordinary integers, timestamps, ...)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	39	\| Nonce nat (Unguessable nonces)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	40	\| Key key (Crypto keys)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	41	\| Hash msg (Hashing)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	42	\| MPair msg msg (Compound messages)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	43	\| Crypt key msg (Encryption, public- or shared-key)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	44
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	45
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	46	(Concrete syntax: messages appear as {\|A,B,NA\|}, etc...)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	47	syntax
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	48	"@MTuple" :: "['a, args] => 'a * 'b" ("(2{\|_,/ _\|})")
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	49
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	50	syntax (xsymbols)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	51	"@MTuple" :: "['a, args] => 'a * 'b" ("(2\<lbrace>_,/ _\<rbrace>)")
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	52
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	53	translations
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	54	"{\|x, y, z\|}" == "{\|x, {\|y, z\|}\|}"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	55	"{\|x, y\|}" == "MPair x y"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	56
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	57
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	58	constdefs
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	59	(Message Y, paired with a MAC computed with the help of X)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	60	HPair :: "[msg,msg] => msg" ("(4Hash[_] /_)" [0, 1000])
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	61	"Hash[X] Y == {\| Hash{\|X,Y\|}, Y\|}"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	62
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	63	(Keys useful to decrypt elements of a message set)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	64	keysFor :: "msg set => key set"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	65	"keysFor H == invKey ` {K. \<exists>X. Crypt K X \<in> H}"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	66
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	67	( Inductive definition of all "parts" of a message. )
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	68
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	69	consts parts :: "msg set => msg set"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	70	inductive "parts H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	71	intros
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	72	Inj [intro]: "X \<in> H ==> X \<in> parts H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	73	Fst: "{\|X,Y\|} \<in> parts H ==> X \<in> parts H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	74	Snd: "{\|X,Y\|} \<in> parts H ==> Y \<in> parts H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	75	Body: "Crypt K X \<in> parts H ==> X \<in> parts H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	76
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	77
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	78	(Monotonicity)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	79	lemma parts_mono: "G<=H ==> parts(G) <= parts(H)"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	80	apply auto
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	81	apply (erule parts.induct)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	82	apply (auto dest: Fst Snd Body)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	83	done
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	84
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	85
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	86	(** Inductive definition of "analz" -- what can be broken down from a set of
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	87	messages, including keys. A form of downward closure. Pairs can
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	88	be taken apart; messages decrypted with known keys. **)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	89
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	90	consts analz :: "msg set => msg set"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	91	inductive "analz H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	92	intros
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	93	Inj [intro,simp] : "X \<in> H ==> X \<in> analz H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	94	Fst: "{\|X,Y\|} \<in> analz H ==> X \<in> analz H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	95	Snd: "{\|X,Y\|} \<in> analz H ==> Y \<in> analz H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	96	Decrypt [dest]:
14179 04f905c13502 Corrections due to John Matthews paulson parents: 11250 diff changeset	97	"[\|Crypt K X \<in> analz H; Key(invKey K) \<in> analz H\|] ==> X \<in> analz H"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	98
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	99
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	100	(Monotonicity; Lemma 1 of Lowe's paper)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	101	lemma analz_mono: "G<=H ==> analz(G) <= analz(H)"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	102	apply auto
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	103	apply (erule analz.induct)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	104	apply (auto dest: Fst Snd)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	105	done
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	106
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	107	(** Inductive definition of "synth" -- what can be built up from a set of
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	108	messages. A form of upward closure. Pairs can be built, messages
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	109	encrypted with known keys. Agent names are public domain.
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	110	Numbers can be guessed, but Nonces cannot be. **)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	111
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	112	consts synth :: "msg set => msg set"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	113	inductive "synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	114	intros
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	115	Inj [intro]: "X \<in> H ==> X \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	116	Agent [intro]: "Agent agt \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	117	Number [intro]: "Number n \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	118	Hash [intro]: "X \<in> synth H ==> Hash X \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	119	MPair [intro]: "[\|X \<in> synth H; Y \<in> synth H\|] ==> {\|X,Y\|} \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	120	Crypt [intro]: "[\|X \<in> synth H; Key(K) \<in> H\|] ==> Crypt K X \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	121
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	122	(Monotonicity)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	123	lemma synth_mono: "G<=H ==> synth(G) <= synth(H)"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	124	apply auto
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	125	apply (erule synth.induct)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	126	apply (auto dest: Fst Snd Body)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	127	done
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	128
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	129	(NO Agent_synth, as any Agent name can be synthesized. Ditto for Number)
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	130	inductive_cases Nonce_synth [elim!]: "Nonce n \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	131	inductive_cases Key_synth [elim!]: "Key K \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	132	inductive_cases Hash_synth [elim!]: "Hash X \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	133	inductive_cases MPair_synth [elim!]: "{\|X,Y\|} \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	134	inductive_cases Crypt_synth [elim!]: "Crypt K X \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	135
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	136	use "Message_lemmas.ML"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	137
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	138	lemma Fake_parts_insert_in_Un:
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	139	"[\|Z \<in> parts (insert X H); X: synth (analz H)\|]
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	140	==> Z \<in> synth (analz H) \<union> parts H";
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	141	by (blast dest: Fake_parts_insert [THEN subsetD, dest])
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	142
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	143	method_setup spy_analz = {*
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	144	Method.no_args (Method.METHOD (fn facts => spy_analz_tac 1)) *}
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	145	"for proving the Fake case when analz is involved"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	146
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	147	end

author	chaieb
	Wed, 19 May 2004 11:23:59 +0200
changeset 14758	af3b71a46a1c
parent 14179	04f905c13502
child 16417	9bc16273c2d4
permissions	-rw-r--r--