isabelle: src/Doc/Tutorial/Protocol/Message.thy@dd59daa3c37a (annotated)

49322 fbb320d02420 tuned headers; wenzelm parents: 48985 diff changeset	1	(* Author: Lawrence C Paulson, Cambridge University Computer Laboratory
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	2	Copyright 1996 University of Cambridge
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	3
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	4	Datatypes of agents and messages;
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	5	Inductive relations "parts", "analz" and "synth"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	6	)(<*)
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	7
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	8	section\<open>Theory of Agents and Messages for Security Protocols\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	9
72991 d0a0b74f0ad7 avoid multiple uses of the same ML file; wenzelm parents: 69605 diff changeset	10	theory Message imports "../Setup" begin
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	11
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	12	(Needed occasionally with spy_analz_tac, e.g. in analz_insert_Key_newK)
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	13	lemma [simp] : "A \<union> (B \<union> A) = B \<union> A"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	14	by blast
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	15	(>)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	16
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	17	section\<open>Agents and Messages\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	18
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	19	text \<open>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	20	All protocol specifications refer to a syntactic theory of messages.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	21	Datatype
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	22	\<open>agent\<close> introduces the constant \<open>Server\<close> (a trusted central
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	23	machine, needed for some protocols), an infinite population of
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	24	friendly agents, and the~\<open>Spy\<close>:
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	25	\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	26
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	27	datatype agent = Server \| Friend nat \| Spy
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	28
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	29	text \<open>
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	30	Keys are just natural numbers. Function \<open>invKey\<close> maps a public key to
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	31	the matching private key, and vice versa:
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	32	\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	33
42765 aec61b60ff7b modernized specifications; wenzelm parents: 42475 diff changeset	34	type_synonym key = nat
25341 ca3761e38a87 fix nipkow parents: 23929 diff changeset	35	consts invKey :: "key \<Rightarrow> key"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	36	(<)
67443 3abf6a722518 standardized towards new-style formal comments: isabelle update_comments; wenzelm parents: 67406 diff changeset	37	consts all_symmetric :: bool \<comment> \<open>true if all keys are symmetric\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	38
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	39	specification (invKey)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	40	invKey [simp]: "invKey (invKey K) = K"
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	41	invKey_symmetric: "all_symmetric \<longrightarrow> invKey = id"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	42	by (rule exI [of _ id], auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	43
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	44
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	45	text\<open>The inverse of a symmetric key is itself; that of a public key
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	46	is the private key and vice versa\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	47
35416 d8d7d1b785af replaced a couple of constsdefs by definitions (also some old primrecs by modern ones) haftmann parents: 35109 diff changeset	48	definition symKeys :: "key set" where
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	49	"symKeys == {K. invKey K = K}"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	50	(>)
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	51
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	52	text \<open>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	53	Datatype
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	54	\<open>msg\<close> introduces the message forms, which include agent names, nonces,
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	55	keys, compound messages, and encryptions.
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	56	\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	57
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	58	datatype
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	59	msg = Agent agent
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	60	\| Nonce nat
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	61	\| Key key
32960 69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 32265 diff changeset	62	\| MPair msg msg
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 32265 diff changeset	63	\| Crypt key msg
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	64
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	65	text \<open>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	66	\noindent
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	67	The notation $\comp{X\sb 1,\ldots X\sb{n-1},X\sb n}$
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	68	abbreviates
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	69	$\isa{MPair}\,X\sb 1\,\ldots\allowbreak(\isa{MPair}\,X\sb{n-1}\,X\sb n)$.
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	70
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	71	Since datatype constructors are injective, we have the theorem
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	72	@{thm [display,indent=0] msg.inject(5) [THEN iffD1, of K X K' X']}
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	73	A ciphertext can be decrypted using only one key and
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	74	can yield only one plaintext. In the real world, decryption with the
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	75	wrong key succeeds but yields garbage. Our model of encryption is
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	76	realistic if encryption adds some redundancy to the plaintext, such as a
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	77	checksum, so that garbage can be detected.
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	78	\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	79
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	80	(<)
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	81	text\<open>Concrete syntax: messages appear as \<open>\<lbrace>A,B,NA\<rbrace>\<close>, etc...\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	82	syntax
81019 dd59daa3c37a clarified inner-syntax markup, notably for enumerations: prefer "notation=mixfix" over "entity" via 'syntax_consts' (see also 70076ba563d2); wenzelm parents: 80983 diff changeset	83	"_MTuple" :: "['a, args] \<Rightarrow> 'a * 'b" ("(\<open>indent=2 notation=\<open>mixfix message tuple\<close>\<close>\<lbrace>_,/ _\<rbrace>)")
80768 c7723cc15de8 more markup for syntax consts; wenzelm parents: 72991 diff changeset	84	syntax_consts
81019 dd59daa3c37a clarified inner-syntax markup, notably for enumerations: prefer "notation=mixfix" over "entity" via 'syntax_consts' (see also 70076ba563d2); wenzelm parents: 80983 diff changeset	85	MPair
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	86	translations
80786 70076ba563d2 more specific "args" syntax, to support more markup for syntax consts; wenzelm parents: 80768 diff changeset	87	"\<lbrace>x, y, z\<rbrace>" \<rightleftharpoons> "\<lbrace>x, \<lbrace>y, z\<rbrace>\<rbrace>"
70076ba563d2 more specific "args" syntax, to support more markup for syntax consts; wenzelm parents: 80768 diff changeset	88	"\<lbrace>x, y\<rbrace>" \<rightleftharpoons> "CONST MPair x y"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	89
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	90
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	91	definition keysFor :: "msg set \<Rightarrow> key set" where
67443 3abf6a722518 standardized towards new-style formal comments: isabelle update_comments; wenzelm parents: 67406 diff changeset	92	\<comment> \<open>Keys useful to decrypt elements of a message set\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	93	"keysFor H == invKey ` {K. \<exists>X. Crypt K X \<in> H}"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	94
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	95
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	96	subsubsection\<open>Inductive Definition of All Parts" of a Message\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	97
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	98	inductive_set
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	99	parts :: "msg set \<Rightarrow> msg set"
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	100	for H :: "msg set"
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	101	where
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	102	Inj [intro]: "X \<in> H \<Longrightarrow> X \<in> parts H"
ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	103	\| Fst: "\<lbrace>X,Y\<rbrace> \<in> parts H \<Longrightarrow> X \<in> parts H"
ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	104	\| Snd: "\<lbrace>X,Y\<rbrace> \<in> parts H \<Longrightarrow> Y \<in> parts H"
ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	105	\| Body: "Crypt K X \<in> parts H \<Longrightarrow> X \<in> parts H"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	106
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	107
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	108	text\<open>Monotonicity\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	109	lemma parts_mono: "G \<subseteq> H \<Longrightarrow> parts(G) \<subseteq> parts(H)"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	110	apply auto
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	111	apply (erule parts.induct)
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	112	apply (blast dest: parts.Fst parts.Snd parts.Body)+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	113	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	114
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	115
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	116	text\<open>Equations hold because constructors are injective.\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	117	lemma Friend_image_eq [simp]: "(Friend x \<in> Friend`A) = (x\<in>A)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	118	by auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	119
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	120	lemma Key_image_eq [simp]: "(Key x \<in> Key`A) = (x\<in>A)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	121	by auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	122
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	123	lemma Nonce_Key_image_eq [simp]: "(Nonce x \<notin> Key`A)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	124	by auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	125
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	126
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	127	subsubsection\<open>Inverse of keys\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	128
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	129	lemma invKey_eq [simp]: "(invKey K = invKey K') = (K=K')"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	130	apply safe
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	131	apply (drule_tac f = invKey in arg_cong, simp)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	132	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	133
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	134
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	135	subsection\<open>keysFor operator\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	136
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	137	lemma keysFor_empty [simp]: "keysFor {} = {}"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	138	by (unfold keysFor_def, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	139
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	140	lemma keysFor_Un [simp]: "keysFor (H \<union> H') = keysFor H \<union> keysFor H'"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	141	by (unfold keysFor_def, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	142
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	143	lemma keysFor_UN [simp]: "keysFor (\<Union>i\<in>A. H i) = (\<Union>i\<in>A. keysFor (H i))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	144	by (unfold keysFor_def, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	145
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	146	text\<open>Monotonicity\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	147	lemma keysFor_mono: "G \<subseteq> H \<Longrightarrow> keysFor(G) \<subseteq> keysFor(H)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	148	by (unfold keysFor_def, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	149
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	150	lemma keysFor_insert_Agent [simp]: "keysFor (insert (Agent A) H) = keysFor H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	151	by (unfold keysFor_def, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	152
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	153	lemma keysFor_insert_Nonce [simp]: "keysFor (insert (Nonce N) H) = keysFor H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	154	by (unfold keysFor_def, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	155
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	156	lemma keysFor_insert_Key [simp]: "keysFor (insert (Key K) H) = keysFor H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	157	by (unfold keysFor_def, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	158
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	159	lemma keysFor_insert_MPair [simp]: "keysFor (insert \<lbrace>X,Y\<rbrace> H) = keysFor H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	160	by (unfold keysFor_def, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	161
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	162	lemma keysFor_insert_Crypt [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	163	"keysFor (insert (Crypt K X) H) = insert (invKey K) (keysFor H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	164	by (unfold keysFor_def, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	165
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	166	lemma keysFor_image_Key [simp]: "keysFor (Key`E) = {}"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	167	by (unfold keysFor_def, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	168
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	169	lemma Crypt_imp_invKey_keysFor: "Crypt K X \<in> H \<Longrightarrow> invKey K \<in> keysFor H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	170	by (unfold keysFor_def, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	171
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	172
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	173	subsection\<open>Inductive relation "parts"\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	174
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	175	lemma MPair_parts:
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	176	"[\| \<lbrace>X,Y\<rbrace> \<in> parts H;
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	177	[\| X \<in> parts H; Y \<in> parts H \|] ==> P \|] ==> P"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	178	by (blast dest: parts.Fst parts.Snd)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	179
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	180	declare MPair_parts [elim!] parts.Body [dest!]
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	181	text\<open>NB These two rules are UNSAFE in the formal sense, as they discard the
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	182	compound message. They work well on THIS FILE.
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	183	\<open>MPair_parts\<close> is left as SAFE because it speeds up proofs.
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	184	The Crypt rule is normally kept UNSAFE to avoid breaking up certificates.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	185
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	186	lemma parts_increasing: "H \<subseteq> parts(H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	187	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	188
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	189	lemmas parts_insertI = subset_insertI [THEN parts_mono, THEN subsetD]
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	190
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	191	lemma parts_empty [simp]: "parts{} = {}"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	192	apply safe
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	193	apply (erule parts.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	194	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	195
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	196	lemma parts_emptyE [elim!]: "X\<in> parts{} \<Longrightarrow> P"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	197	by simp
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	198
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	199	text\<open>WARNING: loops if H = {Y}, therefore must not be repeated!\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	200	lemma parts_singleton: "X\<in> parts H \<Longrightarrow> \<exists>Y\<in>H. X\<in> parts {Y}"
26807 4cd176ea28dc Replaced blast by fast in proof of parts_singleton, since blast looped berghofe parents: 25341 diff changeset	201	by (erule parts.induct, fast+)
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	202
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	203
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	204	subsubsection\<open>Unions\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	205
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	206	lemma parts_Un_subset1: "parts(G) \<union> parts(H) \<subseteq> parts(G \<union> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	207	by (intro Un_least parts_mono Un_upper1 Un_upper2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	208
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	209	lemma parts_Un_subset2: "parts(G \<union> H) \<subseteq> parts(G) \<union> parts(H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	210	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	211	apply (erule parts.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	212	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	213
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	214	lemma parts_Un [simp]: "parts(G \<union> H) = parts(G) \<union> parts(H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	215	by (intro equalityI parts_Un_subset1 parts_Un_subset2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	216
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	217	lemma parts_insert: "parts (insert X H) = parts {X} \<union> parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	218	apply (subst insert_is_Un [of _ H])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	219	apply (simp only: parts_Un)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	220	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	221
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	222	text\<open>TWO inserts to avoid looping. This rewrite is better than nothing.
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	223	Not suitable for Addsimps: its behaviour can be strange.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	224	lemma parts_insert2:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	225	"parts (insert X (insert Y H)) = parts {X} \<union> parts {Y} \<union> parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	226	apply (simp add: Un_assoc)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	227	apply (simp add: parts_insert [symmetric])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	228	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	229
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	230	lemma parts_UN_subset1: "(\<Union>x\<in>A. parts(H x)) \<subseteq> parts(\<Union>x\<in>A. H x)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	231	by (intro UN_least parts_mono UN_upper)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	232
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	233	lemma parts_UN_subset2: "parts(\<Union>x\<in>A. H x) \<subseteq> (\<Union>x\<in>A. parts(H x))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	234	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	235	apply (erule parts.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	236	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	237
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	238	lemma parts_UN [simp]: "parts(\<Union>x\<in>A. H x) = (\<Union>x\<in>A. parts(H x))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	239	by (intro equalityI parts_UN_subset1 parts_UN_subset2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	240
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	241	text\<open>Added to simplify arguments to parts, analz and synth.
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	242	NOTE: the UN versions are no longer used!\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	243
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	244
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	245	text\<open>This allows \<open>blast\<close> to simplify occurrences of
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	246	\<^term>\<open>parts(G\<union>H)\<close> in the assumption.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	247	lemmas in_parts_UnE = parts_Un [THEN equalityD1, THEN subsetD, THEN UnE]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	248	declare in_parts_UnE [elim!]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	249
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	250
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	251	lemma parts_insert_subset: "insert X (parts H) \<subseteq> parts(insert X H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	252	by (blast intro: parts_mono [THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	253
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	254	subsubsection\<open>Idempotence and transitivity\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	255
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	256	lemma parts_partsD [dest!]: "X \<in> parts (parts H) \<Longrightarrow> X\<in> parts H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	257	by (erule parts.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	258
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	259	lemma parts_idem [simp]: "parts (parts H) = parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	260	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	261
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	262	lemma parts_subset_iff [simp]: "(parts G \<subseteq> parts H) = (G \<subseteq> parts H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	263	apply (rule iffI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	264	apply (iprover intro: subset_trans parts_increasing)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	265	apply (frule parts_mono, simp)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	266	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	267
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	268	lemma parts_trans: "[\| X\<in> parts G; G \<subseteq> parts H \|] ==> X\<in> parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	269	by (drule parts_mono, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	270
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	271	text\<open>Cut\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	272	lemma parts_cut:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	273	"[\| Y\<in> parts (insert X G); X\<in> parts H \|] ==> Y\<in> parts (G \<union> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	274	by (blast intro: parts_trans)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	275
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	276
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	277	lemma parts_cut_eq [simp]: "X\<in> parts H ==> parts (insert X H) = parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	278	by (force dest!: parts_cut intro: parts_insertI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	279
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	280
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	281	subsubsection\<open>Rewrite rules for pulling out atomic messages\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	282
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	283	lemmas parts_insert_eq_I = equalityI [OF subsetI parts_insert_subset]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	284
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	285
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	286	lemma parts_insert_Agent [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	287	"parts (insert (Agent agt) H) = insert (Agent agt) (parts H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	288	apply (rule parts_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	289	apply (erule parts.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	290	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	291
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	292	lemma parts_insert_Nonce [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	293	"parts (insert (Nonce N) H) = insert (Nonce N) (parts H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	294	apply (rule parts_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	295	apply (erule parts.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	296	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	297
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	298	lemma parts_insert_Key [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	299	"parts (insert (Key K) H) = insert (Key K) (parts H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	300	apply (rule parts_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	301	apply (erule parts.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	302	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	303
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	304	lemma parts_insert_Crypt [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	305	"parts (insert (Crypt K X) H) = insert (Crypt K X) (parts (insert X H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	306	apply (rule equalityI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	307	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	308	apply (erule parts.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	309	apply (blast intro: parts.Body)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	310	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	311
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	312	lemma parts_insert_MPair [simp]:
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	313	"parts (insert \<lbrace>X,Y\<rbrace> H) =
6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	314	insert \<lbrace>X,Y\<rbrace> (parts (insert X (insert Y H)))"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	315	apply (rule equalityI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	316	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	317	apply (erule parts.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	318	apply (blast intro: parts.Fst parts.Snd)+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	319	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	320
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	321	lemma parts_image_Key [simp]: "parts (Key`N) = Key`N"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	322	apply auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	323	apply (erule parts.induct, auto)
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	324	done
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	325
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	326
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	327	text\<open>In any message, there is an upper bound N on its greatest nonce.\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	328	lemma msg_Nonce_supply: "\<exists>N. \<forall>n. N\<le>n \<longrightarrow> Nonce n \<notin> parts {msg}"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	329	apply (induct_tac "msg")
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	330	apply (simp_all (no_asm_simp) add: exI parts_insert2)
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	331	txt\<open>MPair case: blast works out the necessary sum itself!\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	332	prefer 2 apply auto apply (blast elim!: add_leE)
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	333	txt\<open>Nonce case\<close>
58305 57752a91eec4 renamed 'datatype' to 'old_datatype'; 'datatype' is now alias for 'datatype_new' blanchet parents: 56059 diff changeset	334	apply (rename_tac nat)
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	335	apply (rule_tac x = "N + Suc nat" in exI, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	336	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	337	(>)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	338
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	339	section\<open>Modelling the Adversary\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	340
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	341	text \<open>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	342	The spy is part of the system and must be built into the model. He is
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	343	a malicious user who does not have to follow the protocol. He
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	344	watches the network and uses any keys he knows to decrypt messages.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	345	Thus he accumulates additional keys and nonces. These he can use to
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	346	compose new messages, which he may send to anybody.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	347
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	348	Two functions enable us to formalize this behaviour: \<open>analz\<close> and
cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	349	\<open>synth\<close>. Each function maps a sets of messages to another set of
cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	350	messages. The set \<open>analz H\<close> formalizes what the adversary can learn
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	351	from the set of messages~$H$. The closure properties of this set are
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	352	defined inductively.
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	353	\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	354
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	355	inductive_set
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	356	analz :: "msg set \<Rightarrow> msg set"
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	357	for H :: "msg set"
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	358	where
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	359	Inj [intro,simp] : "X \<in> H \<Longrightarrow> X \<in> analz H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	360	\| Fst: "\<lbrace>X,Y\<rbrace> \<in> analz H \<Longrightarrow> X \<in> analz H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	361	\| Snd: "\<lbrace>X,Y\<rbrace> \<in> analz H \<Longrightarrow> Y \<in> analz H"
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	362	\| Decrypt [dest]:
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	363	"\<lbrakk>Crypt K X \<in> analz H; Key(invKey K) \<in> analz H\<rbrakk>
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	364	\<Longrightarrow> X \<in> analz H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	365	(<)
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	366	text\<open>Monotonicity; Lemma 1 of Lowe's paper\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	367	lemma analz_mono: "G\<subseteq>H \<Longrightarrow> analz(G) \<subseteq> analz(H)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	368	apply auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	369	apply (erule analz.induct)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	370	apply (auto dest: analz.Fst analz.Snd)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	371	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	372
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	373	text\<open>Making it safe speeds up proofs\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	374	lemma MPair_analz [elim!]:
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	375	"[\| \<lbrace>X,Y\<rbrace> \<in> analz H;
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	376	[\| X \<in> analz H; Y \<in> analz H \|] ==> P
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	377	\|] ==> P"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	378	by (blast dest: analz.Fst analz.Snd)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	379
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	380	lemma analz_increasing: "H \<subseteq> analz(H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	381	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	382
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	383	lemma analz_subset_parts: "analz H \<subseteq> parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	384	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	385	apply (erule analz.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	386	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	387
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	388	lemmas analz_into_parts = analz_subset_parts [THEN subsetD]
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	389
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	390	lemmas not_parts_not_analz = analz_subset_parts [THEN contra_subsetD]
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	391
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	392
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	393	lemma parts_analz [simp]: "parts (analz H) = parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	394	apply (rule equalityI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	395	apply (rule analz_subset_parts [THEN parts_mono, THEN subset_trans], simp)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	396	apply (blast intro: analz_increasing [THEN parts_mono, THEN subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	397	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	398
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	399	lemma analz_parts [simp]: "analz (parts H) = parts H"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	400	apply auto
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	401	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	402	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	403
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	404	lemmas analz_insertI = subset_insertI [THEN analz_mono, THEN [2] rev_subsetD]
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	405
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	406	subsubsection\<open>General equational properties\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	407
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	408	lemma analz_empty [simp]: "analz{} = {}"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	409	apply safe
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	410	apply (erule analz.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	411	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	412
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	413	text\<open>Converse fails: we can analz more from the union than from the
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	414	separate parts, as a key in one might decrypt a message in the other\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	415	lemma analz_Un: "analz(G) \<union> analz(H) \<subseteq> analz(G \<union> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	416	by (intro Un_least analz_mono Un_upper1 Un_upper2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	417
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	418	lemma analz_insert: "insert X (analz H) \<subseteq> analz(insert X H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	419	by (blast intro: analz_mono [THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	420
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	421	subsubsection\<open>Rewrite rules for pulling out atomic messages\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	422
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	423	lemmas analz_insert_eq_I = equalityI [OF subsetI analz_insert]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	424
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	425	lemma analz_insert_Agent [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	426	"analz (insert (Agent agt) H) = insert (Agent agt) (analz H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	427	apply (rule analz_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	428	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	429	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	430
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	431	lemma analz_insert_Nonce [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	432	"analz (insert (Nonce N) H) = insert (Nonce N) (analz H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	433	apply (rule analz_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	434	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	435	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	436
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	437	text\<open>Can only pull out Keys if they are not needed to decrypt the rest\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	438	lemma analz_insert_Key [simp]:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	439	"K \<notin> keysFor (analz H) \<Longrightarrow>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	440	analz (insert (Key K) H) = insert (Key K) (analz H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	441	apply (unfold keysFor_def)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	442	apply (rule analz_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	443	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	444	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	445
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	446	lemma analz_insert_MPair [simp]:
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	447	"analz (insert \<lbrace>X,Y\<rbrace> H) =
6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	448	insert \<lbrace>X,Y\<rbrace> (analz (insert X (insert Y H)))"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	449	apply (rule equalityI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	450	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	451	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	452	apply (erule analz.induct)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	453	apply (blast intro: analz.Fst analz.Snd)+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	454	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	455
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	456	text\<open>Can pull out enCrypted message if the Key is not known\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	457	lemma analz_insert_Crypt:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	458	"Key (invKey K) \<notin> analz H
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	459	\<Longrightarrow> analz (insert (Crypt K X) H) = insert (Crypt K X) (analz H)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	460	apply (rule analz_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	461	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	462
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	463	done
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	464
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	465	lemma lemma1: "Key (invKey K) \<in> analz H \<Longrightarrow>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	466	analz (insert (Crypt K X) H) \<subseteq>
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	467	insert (Crypt K X) (analz (insert X H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	468	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	469	apply (erule_tac x = x in analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	470	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	471
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	472	lemma lemma2: "Key (invKey K) \<in> analz H \<Longrightarrow>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	473	insert (Crypt K X) (analz (insert X H)) \<subseteq>
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	474	analz (insert (Crypt K X) H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	475	apply auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	476	apply (erule_tac x = x in analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	477	apply (blast intro: analz_insertI analz.Decrypt)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	478	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	479
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	480	lemma analz_insert_Decrypt:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	481	"Key (invKey K) \<in> analz H \<Longrightarrow>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	482	analz (insert (Crypt K X) H) =
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	483	insert (Crypt K X) (analz (insert X H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	484	by (intro equalityI lemma1 lemma2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	485
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	486	text\<open>Case analysis: either the message is secure, or it is not! Effective,
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	487	but can cause subgoals to blow up! Use with \<open>if_split\<close>; apparently
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	488	\<open>split_tac\<close> does not cope with patterns such as \<^term>\<open>analz (insert
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	489	(Crypt K X) H)\<close>\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	490	lemma analz_Crypt_if [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	491	"analz (insert (Crypt K X) H) =
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	492	(if (Key (invKey K) \<in> analz H)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	493	then insert (Crypt K X) (analz (insert X H))
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	494	else insert (Crypt K X) (analz H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	495	by (simp add: analz_insert_Crypt analz_insert_Decrypt)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	496
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	497
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	498	text\<open>This rule supposes "for the sake of argument" that we have the key.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	499	lemma analz_insert_Crypt_subset:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	500	"analz (insert (Crypt K X) H) \<subseteq>
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	501	insert (Crypt K X) (analz (insert X H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	502	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	503	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	504	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	505
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	506
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	507	lemma analz_image_Key [simp]: "analz (Key`N) = Key`N"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	508	apply auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	509	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	510	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	511
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	512
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	513	subsubsection\<open>Idempotence and transitivity\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	514
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	515	lemma analz_analzD [dest!]: "X\<in> analz (analz H) \<Longrightarrow> X\<in> analz H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	516	by (erule analz.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	517
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	518	lemma analz_idem [simp]: "analz (analz H) = analz H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	519	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	520
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	521	lemma analz_subset_iff [simp]: "(analz G \<subseteq> analz H) = (G \<subseteq> analz H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	522	apply (rule iffI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	523	apply (iprover intro: subset_trans analz_increasing)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	524	apply (frule analz_mono, simp)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	525	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	526
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	527	lemma analz_trans: "[\| X\<in> analz G; G \<subseteq> analz H \|] ==> X\<in> analz H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	528	by (drule analz_mono, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	529
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	530	text\<open>Cut; Lemma 2 of Lowe\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	531	lemma analz_cut: "[\| Y\<in> analz (insert X H); X\<in> analz H \|] ==> Y\<in> analz H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	532	by (erule analz_trans, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	533
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	534	(*Cut can be proved easily by induction on
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	535	"Y \<in> analz (insert X H) \<Longrightarrow> X \<in> analz H \<longrightarrow> Y \<in> analz H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	536	*)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	537
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	538	text\<open>This rewrite rule helps in the simplification of messages that involve
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	539	the forwarding of unknown components (X). Without it, removing occurrences
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	540	of X can be very complicated.\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	541	lemma analz_insert_eq: "X\<in> analz H \<Longrightarrow> analz (insert X H) = analz H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	542	by (blast intro: analz_cut analz_insertI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	543
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	544
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	545	text\<open>A congruence rule for "analz"\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	546
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	547	lemma analz_subset_cong:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	548	"[\| analz G \<subseteq> analz G'; analz H \<subseteq> analz H' \|]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	549	==> analz (G \<union> H) \<subseteq> analz (G' \<union> H')"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	550	apply simp
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	551	apply (iprover intro: conjI subset_trans analz_mono Un_upper1 Un_upper2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	552	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	553
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	554	lemma analz_cong:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	555	"[\| analz G = analz G'; analz H = analz H' \|]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	556	==> analz (G \<union> H) = analz (G' \<union> H')"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	557	by (intro equalityI analz_subset_cong, simp_all)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	558
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	559	lemma analz_insert_cong:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	560	"analz H = analz H' \<Longrightarrow> analz(insert X H) = analz(insert X H')"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	561	by (force simp only: insert_def intro!: analz_cong)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	562
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	563	text\<open>If there are no pairs or encryptions then analz does nothing\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	564	lemma analz_trivial:
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	565	"[\| \<forall>X Y. \<lbrace>X,Y\<rbrace> \<notin> H; \<forall>X K. Crypt K X \<notin> H \|] ==> analz H = H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	566	apply safe
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	567	apply (erule analz.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	568	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	569
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	570	text\<open>These two are obsolete (with a single Spy) but cost little to prove...\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	571	lemma analz_UN_analz_lemma:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	572	"X\<in> analz (\<Union>i\<in>A. analz (H i)) \<Longrightarrow> X\<in> analz (\<Union>i\<in>A. H i)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	573	apply (erule analz.induct)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	574	apply (blast intro: analz_mono [THEN [2] rev_subsetD])+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	575	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	576
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	577	lemma analz_UN_analz [simp]: "analz (\<Union>i\<in>A. analz (H i)) = analz (\<Union>i\<in>A. H i)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	578	by (blast intro: analz_UN_analz_lemma analz_mono [THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	579	(>)
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	580	text \<open>
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	581	Note the \<open>Decrypt\<close> rule: the spy can decrypt a
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	582	message encrypted with key~$K$ if he has the matching key,~$K^{-1}$.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	583	Properties proved by rule induction include the following:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	584	@{named_thms [display,indent=0] analz_mono [no_vars] (analz_mono) analz_idem [no_vars] (analz_idem)}
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	585
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	586	The set of fake messages that an intruder could invent
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	587	starting from~\<open>H\<close> is \<open>synth(analz H)\<close>, where \<open>synth H\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	588	formalizes what the adversary can build from the set of messages~$H$.
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	589	\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	590
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	591	inductive_set
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	592	synth :: "msg set \<Rightarrow> msg set"
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	593	for H :: "msg set"
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	594	where
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	595	Inj [intro]: "X \<in> H \<Longrightarrow> X \<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	596	\| Agent [intro]: "Agent agt \<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	597	\| MPair [intro]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	598	"\<lbrakk>X \<in> synth H; Y \<in> synth H\<rbrakk> \<Longrightarrow> \<lbrace>X,Y\<rbrace> \<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	599	\| Crypt [intro]:
23929 6a98d0826daf Tuned. berghofe parents: 23925 diff changeset	600	"\<lbrakk>X \<in> synth H; Key K \<in> H\<rbrakk> \<Longrightarrow> Crypt K X \<in> synth H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	601	(<)
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	602	lemma synth_mono: "G\<subseteq>H \<Longrightarrow> synth(G) \<subseteq> synth(H)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	603	by (auto, erule synth.induct, auto)
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	604
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	605	inductive_cases Key_synth [elim!]: "Key K \<in> synth H"
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	606	inductive_cases MPair_synth [elim!]: "\<lbrace>X,Y\<rbrace> \<in> synth H"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	607	inductive_cases Crypt_synth [elim!]: "Crypt K X \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	608
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	609	lemma analz_synth_Un [simp]: "analz (synth G \<union> H) = analz (G \<union> H) \<union> synth G"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	610	apply (rule equalityI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	611	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	612	apply (erule analz.induct)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	613	prefer 5 apply (blast intro: analz_mono [THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	614	apply (blast intro: analz.Fst analz.Snd analz.Decrypt)+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	615	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	616
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	617	lemma analz_synth [simp]: "analz (synth H) = analz H \<union> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	618	apply (cut_tac H = "{}" in analz_synth_Un)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	619	apply (simp (no_asm_use))
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	620	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	621	(>)
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	622	text \<open>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	623	The set includes all agent names. Nonces and keys are assumed to be
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	624	unguessable, so none are included beyond those already in~$H$. Two
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	625	elements of \<^term>\<open>synth H\<close> can be combined, and an element can be encrypted
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	626	using a key present in~$H$.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	627
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	628	Like \<open>analz\<close>, this set operator is monotone and idempotent. It also
cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	629	satisfies an interesting equation involving \<open>analz\<close>:
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	630	@{named_thms [display,indent=0] analz_synth [no_vars] (analz_synth)}
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	631	Rule inversion plays a major role in reasoning about \<open>synth\<close>, through
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	632	declarations such as this one:
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	633	\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	634
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	635	inductive_cases Nonce_synth [elim!]: "Nonce n \<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	636
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	637	text \<open>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	638	\noindent
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	639	The resulting elimination rule replaces every assumption of the form
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	640	\<^term>\<open>Nonce n \<in> synth H\<close> by \<^term>\<open>Nonce n \<in> H\<close>,
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	641	expressing that a nonce cannot be guessed.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	642
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	643	A third operator, \<open>parts\<close>, is useful for stating correctness
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	644	properties. The set
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	645	\<^term>\<open>parts H\<close> consists of the components of elements of~$H$. This set
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	646	includes~\<open>H\<close> and is closed under the projections from a compound
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	647	message to its immediate parts.
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	648	Its definition resembles that of \<open>analz\<close> except in the rule
cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	649	corresponding to the constructor \<open>Crypt\<close>:
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	650	@{thm [display,indent=5] parts.Body [no_vars]}
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	651	The body of an encrypted message is always regarded as part of it. We can
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	652	use \<open>parts\<close> to express general well-formedness properties of a protocol,
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	653	for example, that an uncompromised agent's private key will never be
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	654	included as a component of any message.
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	655	\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	656	(<)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	657	lemma synth_increasing: "H \<subseteq> synth(H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	658	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	659
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	660	subsubsection\<open>Unions\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	661
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	662	text\<open>Converse fails: we can synth more from the union than from the
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	663	separate parts, building a compound message using elements of each.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	664	lemma synth_Un: "synth(G) \<union> synth(H) \<subseteq> synth(G \<union> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	665	by (intro Un_least synth_mono Un_upper1 Un_upper2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	666
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	667	lemma synth_insert: "insert X (synth H) \<subseteq> synth(insert X H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	668	by (blast intro: synth_mono [THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	669
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	670	subsubsection\<open>Idempotence and transitivity\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	671
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	672	lemma synth_synthD [dest!]: "X\<in> synth (synth H) \<Longrightarrow> X\<in> synth H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	673	by (erule synth.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	674
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	675	lemma synth_idem: "synth (synth H) = synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	676	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	677
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	678	lemma synth_subset_iff [simp]: "(synth G \<subseteq> synth H) = (G \<subseteq> synth H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	679	apply (rule iffI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	680	apply (iprover intro: subset_trans synth_increasing)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	681	apply (frule synth_mono, simp add: synth_idem)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	682	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	683
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	684	lemma synth_trans: "[\| X\<in> synth G; G \<subseteq> synth H \|] ==> X\<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	685	by (drule synth_mono, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	686
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	687	text\<open>Cut; Lemma 2 of Lowe\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	688	lemma synth_cut: "[\| Y\<in> synth (insert X H); X\<in> synth H \|] ==> Y\<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	689	by (erule synth_trans, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	690
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	691	lemma Agent_synth [simp]: "Agent A \<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	692	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	693
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	694	lemma Nonce_synth_eq [simp]: "(Nonce N \<in> synth H) = (Nonce N \<in> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	695	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	696
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	697	lemma Key_synth_eq [simp]: "(Key K \<in> synth H) = (Key K \<in> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	698	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	699
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	700	lemma Crypt_synth_eq [simp]:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	701	"Key K \<notin> H \<Longrightarrow> (Crypt K X \<in> synth H) = (Crypt K X \<in> H)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	702	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	703
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	704
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	705	lemma keysFor_synth [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	706	"keysFor (synth H) = keysFor H \<union> invKey`{K. Key K \<in> H}"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	707	by (unfold keysFor_def, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	708
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	709
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	710	subsubsection\<open>Combinations of parts, analz and synth\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	711
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	712	lemma parts_synth [simp]: "parts (synth H) = parts H \<union> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	713	apply (rule equalityI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	714	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	715	apply (erule parts.induct)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	716	apply (blast intro: synth_increasing [THEN parts_mono, THEN subsetD]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	717	parts.Fst parts.Snd parts.Body)+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	718	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	719
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	720	lemma analz_analz_Un [simp]: "analz (analz G \<union> H) = analz (G \<union> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	721	apply (intro equalityI analz_subset_cong)+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	722	apply simp_all
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	723	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	724
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	725
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	726	subsubsection\<open>For reasoning about the Fake rule in traces\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	727
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	728	lemma parts_insert_subset_Un: "X \<in> G \<Longrightarrow> parts(insert X H) \<subseteq> parts G \<union> parts H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	729	by (rule subset_trans [OF parts_mono parts_Un_subset2], blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	730
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	731	text\<open>More specifically for Fake. Very occasionally we could do with a version
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	732	of the form \<^term>\<open>parts{X} \<subseteq> synth (analz H) \<union> parts H\<close>\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	733	lemma Fake_parts_insert:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	734	"X \<in> synth (analz H) \<Longrightarrow>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	735	parts (insert X H) \<subseteq> synth (analz H) \<union> parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	736	apply (drule parts_insert_subset_Un)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	737	apply (simp (no_asm_use))
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	738	apply blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	739	done
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	740
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	741	lemma Fake_parts_insert_in_Un:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	742	"[\|Z \<in> parts (insert X H); X \<in> synth (analz H)\|]
58860 fee7cfa69c50 eliminated spurious semicolons; wenzelm parents: 58305 diff changeset	743	==> Z \<in> synth (analz H) \<union> parts H"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	744	by (blast dest: Fake_parts_insert [THEN subsetD, dest])
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	745
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	746	text\<open>\<^term>\<open>H\<close> is sometimes \<^term>\<open>Key ` KK \<union> spies evs\<close>, so can't put
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	747	\<^term>\<open>G=H\<close>.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	748	lemma Fake_analz_insert:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	749	"X \<in> synth (analz G) \<Longrightarrow>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	750	analz (insert X H) \<subseteq> synth (analz G) \<union> analz (G \<union> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	751	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	752	apply (subgoal_tac "x \<in> analz (synth (analz G) \<union> H) ")
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	753	prefer 2 apply (blast intro: analz_mono [THEN [2] rev_subsetD] analz_mono [THEN synth_mono, THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	754	apply (simp (no_asm_use))
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	755	apply blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	756	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	757
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	758	lemma analz_conj_parts [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	759	"(X \<in> analz H & X \<in> parts H) = (X \<in> analz H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	760	by (blast intro: analz_subset_parts [THEN subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	761
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	762	lemma analz_disj_parts [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	763	"(X \<in> analz H \| X \<in> parts H) = (X \<in> parts H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	764	by (blast intro: analz_subset_parts [THEN subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	765
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	766	text\<open>Without this equation, other rules for synth and analz would yield
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	767	redundant cases\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	768	lemma MPair_synth_analz [iff]:
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	769	"(\<lbrace>X,Y\<rbrace> \<in> synth (analz H)) =
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	770	(X \<in> synth (analz H) & Y \<in> synth (analz H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	771	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	772
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	773	lemma Crypt_synth_analz:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	774	"[\| Key K \<in> analz H; Key (invKey K) \<in> analz H \|]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	775	==> (Crypt K X \<in> synth (analz H)) = (X \<in> synth (analz H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	776	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	777
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	778
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	779	text\<open>We do NOT want Crypt... messages broken up in protocols!!\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	780	declare parts.Body [rule del]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	781
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	782
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	783	text\<open>Rewrites to push in Key and Crypt messages, so that other messages can
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	784	be pulled out using the \<open>analz_insert\<close> rules\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	785
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	786	lemmas pushKeys =
27225 b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	787	insert_commute [of "Key K" "Agent C"]
b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	788	insert_commute [of "Key K" "Nonce N"]
b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	789	insert_commute [of "Key K" "MPair X Y"]
b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	790	insert_commute [of "Key K" "Crypt X K'"]
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	791	for K C N X Y K'
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	792
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	793	lemmas pushCrypts =
27225 b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	794	insert_commute [of "Crypt X K" "Agent C"]
b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	795	insert_commute [of "Crypt X K" "Agent C"]
b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	796	insert_commute [of "Crypt X K" "Nonce N"]
b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	797	insert_commute [of "Crypt X K" "MPair X' Y"]
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	798	for X K C N X' Y
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	799
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	800	text\<open>Cannot be added with \<open>[simp]\<close> -- messages should not always be
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	801	re-ordered.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	802	lemmas pushes = pushKeys pushCrypts
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	803
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	804
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	805	subsection\<open>Tactics useful for many protocol proofs\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	806	ML
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	807	\<open>
39282 7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	808	val invKey = @{thm invKey};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	809	val keysFor_def = @{thm keysFor_def};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	810	val symKeys_def = @{thm symKeys_def};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	811	val parts_mono = @{thm parts_mono};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	812	val analz_mono = @{thm analz_mono};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	813	val synth_mono = @{thm synth_mono};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	814	val analz_increasing = @{thm analz_increasing};
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	815
39282 7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	816	val analz_insertI = @{thm analz_insertI};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	817	val analz_subset_parts = @{thm analz_subset_parts};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	818	val Fake_parts_insert = @{thm Fake_parts_insert};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	819	val Fake_analz_insert = @{thm Fake_analz_insert};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	820	val pushes = @{thms pushes};
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	821
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	822
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	823	(*Analysis of Fake cases. Also works for messages that forward unknown parts,
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	824	but this application is no longer necessary if analz_insert_eq is used.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	825	Abstraction over i is ESSENTIAL: it delays the dereferencing of claset
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	826	DEPENDS UPON "X" REFERRING TO THE FRADULENT MESSAGE *)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	827
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	828	(*Apply rules to break down assumptions of the form
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	829	Y \<in> parts(insert X H) and Y \<in> analz(insert X H)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	830	*)
32265 fa8872f21ac3 reinserted legacy ML function haftmann parents: 32149 diff changeset	831	fun impOfSubs th = th RSN (2, @{thm rev_subsetD})
fa8872f21ac3 reinserted legacy ML function haftmann parents: 32149 diff changeset	832
59498 50b60f501b05 proper context for resolve_tac, eresolve_tac, dresolve_tac, forward_tac etc.; wenzelm parents: 58889 diff changeset	833	fun Fake_insert_tac ctxt =
50b60f501b05 proper context for resolve_tac, eresolve_tac, dresolve_tac, forward_tac etc.; wenzelm parents: 58889 diff changeset	834	dresolve_tac ctxt [impOfSubs Fake_analz_insert,
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	835	impOfSubs Fake_parts_insert] THEN'
59498 50b60f501b05 proper context for resolve_tac, eresolve_tac, dresolve_tac, forward_tac etc.; wenzelm parents: 58889 diff changeset	836	eresolve_tac ctxt [asm_rl, @{thm synth.Inj}];
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	837
51717 9e7d1c139569 simplifier uses proper Proof.context instead of historic type simpset; wenzelm parents: 49322 diff changeset	838	fun Fake_insert_simp_tac ctxt i =
59498 50b60f501b05 proper context for resolve_tac, eresolve_tac, dresolve_tac, forward_tac etc.; wenzelm parents: 58889 diff changeset	839	REPEAT (Fake_insert_tac ctxt i) THEN asm_full_simp_tac ctxt i;
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	840
42475 f830a72b27ed simplified/modernized method setup; wenzelm parents: 39282 diff changeset	841	fun atomic_spy_analz_tac ctxt =
42793 88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	842	SELECT_GOAL
51717 9e7d1c139569 simplifier uses proper Proof.context instead of historic type simpset; wenzelm parents: 49322 diff changeset	843	(Fake_insert_simp_tac ctxt 1 THEN
42793 88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	844	IF_UNSOLVED (Blast.depth_tac (ctxt addIs [analz_insertI, impOfSubs analz_subset_parts]) 4 1));
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	845
42475 f830a72b27ed simplified/modernized method setup; wenzelm parents: 39282 diff changeset	846	fun spy_analz_tac ctxt i =
42793 88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	847	DETERM
88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	848	(SELECT_GOAL
88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	849	(EVERY
88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	850	[ (push in occurrences of X...)
88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	851	(REPEAT o CHANGED)
59780 23b67731f4f0 support 'for' fixes in rule_tac etc.; wenzelm parents: 59763 diff changeset	852	(Rule_Insts.res_inst_tac ctxt [((("x", 1), Position.none), "X")] []
23b67731f4f0 support 'for' fixes in rule_tac etc.; wenzelm parents: 59763 diff changeset	853	(insert_commute RS ssubst) 1),
42793 88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	854	(...allowing further simplifications)
51717 9e7d1c139569 simplifier uses proper Proof.context instead of historic type simpset; wenzelm parents: 49322 diff changeset	855	simp_tac ctxt 1,
59498 50b60f501b05 proper context for resolve_tac, eresolve_tac, dresolve_tac, forward_tac etc.; wenzelm parents: 58889 diff changeset	856	REPEAT (FIRSTGOAL (resolve_tac ctxt [allI,impI,notI,conjI,iffI])),
42793 88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	857	DEPTH_SOLVE (atomic_spy_analz_tac ctxt 1)]) i);
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	858	\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	859
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	860	text\<open>By default only \<open>o_apply\<close> is built-in. But in the presence of
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	861	eta-expansion this means that some terms displayed as \<^term>\<open>f o g\<close> will be
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	862	rewritten, and others will not!\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	863	declare o_def [simp]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	864
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	865
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	866	lemma Crypt_notin_image_Key [simp]: "Crypt K X \<notin> Key ` A"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	867	by auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	868
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	869	lemma synth_analz_mono: "G\<subseteq>H \<Longrightarrow> synth (analz(G)) \<subseteq> synth (analz(H))"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	870	by (iprover intro: synth_mono analz_mono)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	871
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	872	lemma Fake_analz_eq [simp]:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	873	"X \<in> synth(analz H) \<Longrightarrow> synth (analz (insert X H)) = synth (analz H)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	874	apply (drule Fake_analz_insert[of _ _ "H"])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	875	apply (simp add: synth_increasing[THEN Un_absorb2])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	876	apply (drule synth_mono)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	877	apply (simp add: synth_idem)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	878	apply (rule equalityI)
58860 fee7cfa69c50 eliminated spurious semicolons; wenzelm parents: 58305 diff changeset	879	apply (simp add: )
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	880	apply (rule synth_analz_mono, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	881	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	882
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	883	text\<open>Two generalizations of \<open>analz_insert_eq\<close>\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	884	lemma gen_analz_insert_eq [rule_format]:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	885	"X \<in> analz H \<Longrightarrow> \<forall>G. H \<subseteq> G \<longrightarrow> analz (insert X G) = analz G"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	886	by (blast intro: analz_cut analz_insertI analz_mono [THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	887
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	888	lemma synth_analz_insert_eq [rule_format]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	889	"X \<in> synth (analz H)
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	890	\<Longrightarrow> \<forall>G. H \<subseteq> G \<longrightarrow> (Key K \<in> analz (insert X G)) = (Key K \<in> analz G)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	891	apply (erule synth.induct)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	892	apply (simp_all add: gen_analz_insert_eq subset_trans [OF _ subset_insertI])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	893	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	894
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	895	lemma Fake_parts_sing:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	896	"X \<in> synth (analz H) \<Longrightarrow> parts{X} \<subseteq> synth (analz H) \<union> parts H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	897	apply (rule subset_trans)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	898	apply (erule_tac [2] Fake_parts_insert)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	899	apply (rule parts_mono, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	900	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	901
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	902	lemmas Fake_parts_sing_imp_Un = Fake_parts_sing [THEN [2] rev_subsetD]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	903
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	904	method_setup spy_analz = \<open>
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	905	Scan.succeed (SIMPLE_METHOD' o spy_analz_tac)\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	906	"for proving the Fake case when analz is involved"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	907
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	908	method_setup atomic_spy_analz = \<open>
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	909	Scan.succeed (SIMPLE_METHOD' o atomic_spy_analz_tac)\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	910	"for debugging spy_analz"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	911
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	912	method_setup Fake_insert_simp = \<open>
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	913	Scan.succeed (SIMPLE_METHOD' o Fake_insert_simp_tac)\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	914	"for debugging spy_analz"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	915
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	916
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	917	end
62392 747d36865c2c more canonical names nipkow parents: 61992 diff changeset	918	(>)

author	wenzelm
	Mon, 30 Sep 2024 20:30:59 +0200
changeset 81019	dd59daa3c37a
parent 80983	2cc651d3ce8e
child 81091	c007e6d9941d
permissions	-rw-r--r--