117 \ Crypt (pubK B) {|Nonce NA, Agent A|} : parts (sees lost Spy evs) --> \ |
117 \ Crypt (pubK B) {|Nonce NA, Agent A|} : parts (sees lost Spy evs) --> \ |
118 \ Crypt (pubK C) {|NA', Nonce NA|} ~: parts (sees lost Spy evs)"; |
118 \ Crypt (pubK C) {|NA', Nonce NA|} ~: parts (sees lost Spy evs)"; |
119 by (etac ns_public.induct 1); |
119 by (etac ns_public.induct 1); |
120 by (ALLGOALS |
120 by (ALLGOALS |
121 (asm_simp_tac |
121 (asm_simp_tac |
122 (!simpset addsimps ([analz_subset_parts RS contra_subsetD] @ pushes) |
122 (!simpset addsimps ([not_parts_not_analz] @ pushes) |
123 setloop split_tac [expand_if]))); |
123 setloop split_tac [expand_if]))); |
124 (*NS3*) |
124 (*NS3*) |
125 by (fast_tac (!claset addSEs partsEs |
125 by (fast_tac (!claset addSEs partsEs |
126 addEs [nonce_not_seen_now]) 4); |
126 addEs [nonce_not_seen_now]) 4); |
127 (*NS2*) |
127 (*NS2*) |
128 by (fast_tac (!claset addSEs partsEs |
128 by (fast_tac (!claset addSEs partsEs |
129 addEs [nonce_not_seen_now]) 3); |
129 addEs [nonce_not_seen_now]) 3); |
130 (*Fake*) |
130 (*Fake*) |
131 by (best_tac (!claset addIs [impOfSubs (subset_insertI RS analz_mono)] |
131 by (best_tac (!claset addIs [analz_insertI] |
132 addDs [impOfSubs analz_subset_parts, |
132 addDs [impOfSubs analz_subset_parts, |
133 impOfSubs Fake_parts_insert] |
133 impOfSubs Fake_parts_insert] |
134 addss (!simpset)) 2); |
134 addss (!simpset)) 2); |
135 (*Base*) |
135 (*Base*) |
136 by (fast_tac (!claset addDs [impOfSubs analz_subset_parts] |
136 by (fast_tac (!claset addss (!simpset)) 1); |
137 addss (!simpset)) 1); |
|
138 bind_thm ("no_nonce_NS1_NS2", result() RSN (2, rev_mp) RSN (2, rev_mp)); |
137 bind_thm ("no_nonce_NS1_NS2", result() RSN (2, rev_mp) RSN (2, rev_mp)); |
139 |
138 |
140 |
139 |
141 (*Uniqueness for NS1: nonce NA identifies agents A and B*) |
140 (*Uniqueness for NS1: nonce NA identifies agents A and B*) |
142 goal thy |
141 goal thy |
146 \ Crypt (pubK B) {|Nonce NA, Agent A|} : parts (sees lost Spy evs) --> \ |
145 \ Crypt (pubK B) {|Nonce NA, Agent A|} : parts (sees lost Spy evs) --> \ |
147 \ A=A' & B=B')"; |
146 \ A=A' & B=B')"; |
148 by (etac ns_public.induct 1); |
147 by (etac ns_public.induct 1); |
149 by (ALLGOALS |
148 by (ALLGOALS |
150 (asm_simp_tac |
149 (asm_simp_tac |
151 (!simpset addsimps ([analz_subset_parts RS contra_subsetD] @ pushes) |
150 (!simpset addsimps ([not_parts_not_analz] @ pushes) |
152 setloop split_tac [expand_if]))); |
151 setloop split_tac [expand_if]))); |
153 (*NS1*) |
152 (*NS1*) |
154 by (expand_case_tac "NA = ?y" 3 THEN |
153 by (expand_case_tac "NA = ?y" 3 THEN |
155 REPEAT (fast_tac (!claset addSEs (nonce_not_seen_now::partsEs)) 3)); |
154 REPEAT (fast_tac (!claset addSEs (nonce_not_seen_now::partsEs)) 3)); |
156 (*Base*) |
155 (*Base*) |
157 by (fast_tac (!claset addss (!simpset)) 1); |
156 by (fast_tac (!claset addss (!simpset)) 1); |
158 (*Fake*) |
157 (*Fake*) |
159 by (simp_tac (!simpset addsimps [all_conj_distrib,parts_insert_sees]) 1); |
158 by (simp_tac (!simpset addsimps [all_conj_distrib,parts_insert_sees]) 1); |
160 by (step_tac (!claset addSIs [impOfSubs (subset_insertI RS analz_mono)]) 1); |
159 by (step_tac (!claset addSIs [analz_insertI]) 1); |
161 by (ex_strip_tac 1); |
160 by (ex_strip_tac 1); |
162 by (best_tac (!claset delrules [conjI] |
161 by (best_tac (!claset delrules [conjI] |
163 addSDs [impOfSubs Fake_parts_insert] |
162 addSDs [impOfSubs Fake_parts_insert] |
164 addDs [impOfSubs analz_subset_parts] |
163 addDs [impOfSubs analz_subset_parts] |
165 addss (!simpset)) 1); |
164 addss (!simpset)) 1); |
186 \ ==> Says A B (Crypt (pubK B) {|Nonce NA, Agent A|}) : set_of_list evs \ |
185 \ ==> Says A B (Crypt (pubK B) {|Nonce NA, Agent A|}) : set_of_list evs \ |
187 \ --> Nonce NA ~: analz (sees lost Spy evs)"; |
186 \ --> Nonce NA ~: analz (sees lost Spy evs)"; |
188 by (etac ns_public.induct 1); |
187 by (etac ns_public.induct 1); |
189 by (ALLGOALS |
188 by (ALLGOALS |
190 (asm_simp_tac |
189 (asm_simp_tac |
191 (!simpset addsimps ([analz_subset_parts RS contra_subsetD] @ pushes) |
190 (!simpset addsimps ([not_parts_not_analz] @ pushes) |
192 setloop split_tac [expand_if]))); |
191 setloop split_tac [expand_if]))); |
193 (*NS3*) |
192 (*NS3*) |
194 by (fast_tac (!claset addSDs [Says_imp_sees_Spy' RS parts.Inj] |
193 by (fast_tac (!claset addSDs [Says_imp_sees_Spy' RS parts.Inj] |
195 addEs [no_nonce_NS1_NS2 RSN (2, rev_notE)]) 4); |
194 addEs [no_nonce_NS1_NS2 RSN (2, rev_notE)]) 4); |
196 (*NS1*) |
195 (*NS1*) |
197 by (fast_tac (!claset addSEs partsEs |
196 by (fast_tac (!claset addSEs partsEs |
198 addSDs [new_nonces_not_seen, |
197 addSDs [new_nonces_not_seen, |
199 Says_imp_sees_Spy' RS parts.Inj]) 2); |
198 Says_imp_sees_Spy' RS parts.Inj]) 2); |
200 (*Fake*) |
199 (*Fake*) |
201 by (REPEAT_FIRST (rtac conjI ORELSE' spy_analz_tac)); |
200 by (REPEAT_FIRST spy_analz_tac); |
202 (*NS2*) |
201 (*NS2*) |
203 by (Step_tac 1); |
202 by (Step_tac 1); |
204 by (fast_tac (!claset addSEs partsEs |
203 by (fast_tac (!claset addSEs partsEs |
205 addSDs [new_nonces_not_seen, |
204 addSDs [new_nonces_not_seen, |
206 Says_imp_sees_Spy' RS parts.Inj]) 2); |
205 Says_imp_sees_Spy' RS parts.Inj]) 2); |
256 \ Crypt (pubK B) {|Nonce NA, Agent A|} : parts (sees lost Spy evs) --> \ |
255 \ Crypt (pubK B) {|Nonce NA, Agent A|} : parts (sees lost Spy evs) --> \ |
257 \ Says A B (Crypt (pubK B) {|Nonce NA, Agent A|}) : set_of_list evs"; |
256 \ Says A B (Crypt (pubK B) {|Nonce NA, Agent A|}) : set_of_list evs"; |
258 by (etac ns_public.induct 1); |
257 by (etac ns_public.induct 1); |
259 by (ALLGOALS |
258 by (ALLGOALS |
260 (asm_simp_tac |
259 (asm_simp_tac |
261 (!simpset addsimps ([analz_subset_parts RS contra_subsetD] @ pushes) |
260 (!simpset addsimps ([not_parts_not_analz] @ pushes) |
262 setloop split_tac [expand_if]))); |
261 setloop split_tac [expand_if]))); |
263 (*Fake*) |
262 (*Fake*) |
264 by (best_tac (!claset addSIs [disjI2] |
263 by (best_tac (!claset addSIs [disjI2] |
265 addSDs [impOfSubs Fake_parts_insert] |
264 addSDs [impOfSubs Fake_parts_insert] |
266 addIs [impOfSubs (subset_insertI RS analz_mono)] |
265 addIs [analz_insertI] |
267 addDs [impOfSubs analz_subset_parts] |
266 addDs [impOfSubs analz_subset_parts] |
268 addss (!simpset)) 2); |
267 addss (!simpset)) 2); |
269 (*Base*) |
268 (*Base*) |
270 by (fast_tac (!claset addss (!simpset)) 1); |
269 by (fast_tac (!claset addss (!simpset)) 1); |
271 qed_spec_mp "B_trusts_NS1"; |
270 qed_spec_mp "B_trusts_NS1"; |
283 \ Crypt (pubK A) {|Nonce NA, Nonce NB|} : parts (sees lost Spy evs) --> \ |
282 \ Crypt (pubK A) {|Nonce NA, Nonce NB|} : parts (sees lost Spy evs) --> \ |
284 \ A=A' & NA=NA')"; |
283 \ A=A' & NA=NA')"; |
285 by (etac ns_public.induct 1); |
284 by (etac ns_public.induct 1); |
286 by (ALLGOALS |
285 by (ALLGOALS |
287 (asm_simp_tac |
286 (asm_simp_tac |
288 (!simpset addsimps ([analz_subset_parts RS contra_subsetD] @ pushes) |
287 (!simpset addsimps ([not_parts_not_analz] @ pushes) |
289 setloop split_tac [expand_if]))); |
288 setloop split_tac [expand_if]))); |
290 (*NS2*) |
289 (*NS2*) |
291 by (expand_case_tac "NB = ?y" 3 THEN |
290 by (expand_case_tac "NB = ?y" 3 THEN |
292 REPEAT (fast_tac (!claset addSEs (nonce_not_seen_now::partsEs)) 3)); |
291 REPEAT (fast_tac (!claset addSEs (nonce_not_seen_now::partsEs)) 3)); |
293 (*Base*) |
292 (*Base*) |
294 by (fast_tac (!claset addss (!simpset)) 1); |
293 by (fast_tac (!claset addss (!simpset)) 1); |
295 (*Fake*) |
294 (*Fake*) |
296 by (simp_tac (!simpset addsimps [all_conj_distrib,parts_insert_sees]) 1); |
295 by (simp_tac (!simpset addsimps [all_conj_distrib,parts_insert_sees]) 1); |
297 by (step_tac (!claset addSIs [impOfSubs (subset_insertI RS analz_mono)]) 1); |
296 by (step_tac (!claset addSIs [analz_insertI]) 1); |
298 by (ex_strip_tac 1); |
297 by (ex_strip_tac 1); |
299 by (best_tac (!claset delrules [conjI] |
298 by (best_tac (!claset delrules [conjI] |
300 addSDs [impOfSubs Fake_parts_insert] |
299 addSDs [impOfSubs Fake_parts_insert] |
301 addDs [impOfSubs analz_subset_parts] |
300 addDs [impOfSubs analz_subset_parts] |
302 addss (!simpset)) 1); |
301 addss (!simpset)) 1); |
324 \ (ALL C. Says A C (Crypt (pubK C) (Nonce NB)) ~: set_of_list evs) --> \ |
323 \ (ALL C. Says A C (Crypt (pubK C) (Nonce NB)) ~: set_of_list evs) --> \ |
325 \ Nonce NB ~: analz (sees lost Spy evs)"; |
324 \ Nonce NB ~: analz (sees lost Spy evs)"; |
326 by (etac ns_public.induct 1); |
325 by (etac ns_public.induct 1); |
327 by (ALLGOALS |
326 by (ALLGOALS |
328 (asm_simp_tac |
327 (asm_simp_tac |
329 (!simpset addsimps ([analz_subset_parts RS contra_subsetD] @ pushes) |
328 (!simpset addsimps ([not_parts_not_analz] @ pushes) |
330 setloop split_tac [expand_if]))); |
329 setloop split_tac [expand_if]))); |
331 (*NS1*) |
330 (*NS1*) |
332 by (fast_tac (!claset addSEs partsEs |
331 by (fast_tac (!claset addSEs partsEs |
333 addSDs [new_nonces_not_seen, |
332 addSDs [new_nonces_not_seen, |
334 Says_imp_sees_Spy' RS parts.Inj]) 2); |
333 Says_imp_sees_Spy' RS parts.Inj]) 2); |
335 (*Fake*) |
334 (*Fake*) |
336 by (REPEAT_FIRST (rtac conjI ORELSE' spy_analz_tac)); |
335 by (REPEAT_FIRST spy_analz_tac); |
337 (*NS2 and NS3*) |
336 (*NS2 and NS3*) |
338 by (Step_tac 1); |
337 by (Step_tac 1); |
339 (*NS2*) |
338 (*NS2*) |
340 by (fast_tac (!claset addSDs [Says_imp_sees_Spy' RS parts.Inj] |
339 by (fast_tac (!claset addSDs [Says_imp_sees_Spy' RS parts.Inj] |
341 addEs [no_nonce_NS1_NS2 RSN (2, rev_notE)]) 3); |
340 addEs [no_nonce_NS1_NS2 RSN (2, rev_notE)]) 3); |
409 \ ==> Says B A (Crypt (pubK A) {|Nonce NA, Nonce NB|}) : set_of_list evs \ |
408 \ ==> Says B A (Crypt (pubK A) {|Nonce NA, Nonce NB|}) : set_of_list evs \ |
410 \ --> Nonce NB ~: analz (sees lost Spy evs)"; |
409 \ --> Nonce NB ~: analz (sees lost Spy evs)"; |
411 by (etac ns_public.induct 1); |
410 by (etac ns_public.induct 1); |
412 by (ALLGOALS |
411 by (ALLGOALS |
413 (asm_simp_tac |
412 (asm_simp_tac |
414 (!simpset addsimps ([analz_subset_parts RS contra_subsetD] @ pushes) |
413 (!simpset addsimps ([not_parts_not_analz] @ pushes) |
415 setloop split_tac [expand_if]))); |
414 setloop split_tac [expand_if]))); |
416 (*NS1*) |
415 (*NS1*) |
417 by (fast_tac (!claset addSEs partsEs |
416 by (fast_tac (!claset addSEs partsEs |
418 addSDs [new_nonces_not_seen, |
417 addSDs [new_nonces_not_seen, |
419 Says_imp_sees_Spy' RS parts.Inj]) 2); |
418 Says_imp_sees_Spy' RS parts.Inj]) 2); |
420 (*Fake*) |
419 (*Fake*) |
421 by (REPEAT_FIRST (rtac conjI ORELSE' spy_analz_tac)); |
420 by (REPEAT_FIRST spy_analz_tac); |
422 (*NS2 and NS3*) |
421 (*NS2 and NS3*) |
423 by (Step_tac 1); |
422 by (Step_tac 1); |
424 (*NS2*) |
423 (*NS2*) |
425 by (fast_tac (!claset addSEs partsEs |
424 by (fast_tac (!claset addSEs partsEs |
426 addSDs [new_nonces_not_seen, |
425 addSDs [new_nonces_not_seen, |