equal
deleted
inserted
replaced
328 (*In any message, there is an upper bound N on its greatest nonce.*) |
328 (*In any message, there is an upper bound N on its greatest nonce.*) |
329 Goal "\\<exists>N. \\<forall>n. N\\<le>n --> Nonce n \\<notin> parts {msg}"; |
329 Goal "\\<exists>N. \\<forall>n. N\\<le>n --> Nonce n \\<notin> parts {msg}"; |
330 by (induct_tac "msg" 1); |
330 by (induct_tac "msg" 1); |
331 by (ALLGOALS (asm_simp_tac (simpset() addsimps [exI, parts_insert2]))); |
331 by (ALLGOALS (asm_simp_tac (simpset() addsimps [exI, parts_insert2]))); |
332 (*MPair case: blast_tac works out the necessary sum itself!*) |
332 (*MPair case: blast_tac works out the necessary sum itself!*) |
333 by (blast_tac (claset() addSEs [add_leE]) 2); |
333 by (blast_tac (claset() addSEs [@{thm add_leE}]) 2); |
334 (*Nonce case*) |
334 (*Nonce case*) |
335 by (res_inst_tac [("x","N + Suc nat")] exI 1); |
335 by (res_inst_tac [("x","N + Suc nat")] exI 1); |
336 by (auto_tac (claset() addSEs [add_leE], simpset())); |
336 by (auto_tac (claset() addSEs [@{thm add_leE}], simpset())); |
337 qed "msg_Nonce_supply"; |
337 qed "msg_Nonce_supply"; |
338 |
338 |
339 |
339 |
340 (**** Inductive relation "analz" ****) |
340 (**** Inductive relation "analz" ****) |
341 |
341 |