equal
deleted
inserted
replaced
66 apply presburger |
66 apply presburger |
67 apply presburger |
67 apply presburger |
68 done |
68 done |
69 |
69 |
70 |
70 |
71 axioms |
71 axiomatization where |
72 (*No private key equals any public key (essential to ensure that private |
72 (*No private key equals any public key (essential to ensure that private |
73 keys are private!) *) |
73 keys are private!) *) |
74 privateKey_neq_publicKey [iff]: "privateKey b A \<noteq> publicKey c A'" |
74 privateKey_neq_publicKey [iff]: "privateKey b A \<noteq> publicKey c A'" |
75 |
75 |
76 lemmas publicKey_neq_privateKey = privateKey_neq_publicKey [THEN not_sym] |
76 lemmas publicKey_neq_privateKey = privateKey_neq_publicKey [THEN not_sym] |
139 --{*No two agents have the same long-term key*} |
139 --{*No two agents have the same long-term key*} |
140 apply (rule exI [of _ "agent_case 0 (\<lambda>n. n + 2) 1"]) |
140 apply (rule exI [of _ "agent_case 0 (\<lambda>n. n + 2) 1"]) |
141 apply (simp add: inj_on_def split: agent.split) |
141 apply (simp add: inj_on_def split: agent.split) |
142 done |
142 done |
143 |
143 |
144 axioms |
144 axiomatization where |
145 sym_shrK [iff]: "shrK X \<in> symKeys" --{*All shared keys are symmetric*} |
145 sym_shrK [iff]: "shrK X \<in> symKeys" --{*All shared keys are symmetric*} |
146 |
146 |
147 text{*Injectiveness: Agents' long-term keys are distinct.*} |
147 text{*Injectiveness: Agents' long-term keys are distinct.*} |
148 lemmas shrK_injective = inj_shrK [THEN inj_eq] |
148 lemmas shrK_injective = inj_shrK [THEN inj_eq] |
149 declare shrK_injective [iff] |
149 declare shrK_injective [iff] |