equal
deleted
inserted
replaced
256 "!!evs. [| A ~: bad; B ~: bad; evs : ns_shared |] \ |
256 "!!evs. [| A ~: bad; B ~: bad; evs : ns_shared |] \ |
257 \ ==> Says Server A \ |
257 \ ==> Says Server A \ |
258 \ (Crypt (shrK A) {|NA, Agent B, Key K, \ |
258 \ (Crypt (shrK A) {|NA, Agent B, Key K, \ |
259 \ Crypt (shrK B) {|Key K, Agent A|}|}) \ |
259 \ Crypt (shrK B) {|Key K, Agent A|}|}) \ |
260 \ : set evs --> \ |
260 \ : set evs --> \ |
261 \ (ALL NB. Says A Spy {|NA, NB, Key K|} ~: set evs) --> \ |
261 \ (ALL NB. Notes Spy {|NA, NB, Key K|} ~: set evs) --> \ |
262 \ Key K ~: analz (spies evs)"; |
262 \ Key K ~: analz (spies evs)"; |
263 by (etac ns_shared.induct 1); |
263 by (etac ns_shared.induct 1); |
264 by analz_spies_tac; |
264 by analz_spies_tac; |
265 by (ALLGOALS |
265 by (ALLGOALS |
266 (asm_simp_tac |
266 (asm_simp_tac |
286 |
286 |
287 (*Final version: Server's message in the most abstract form*) |
287 (*Final version: Server's message in the most abstract form*) |
288 goal thy |
288 goal thy |
289 "!!evs. [| Says Server A \ |
289 "!!evs. [| Says Server A \ |
290 \ (Crypt K' {|NA, Agent B, Key K, X|}) : set evs; \ |
290 \ (Crypt K' {|NA, Agent B, Key K, X|}) : set evs; \ |
291 \ ALL NB. Says A Spy {|NA, NB, Key K|} ~: set evs; \ |
291 \ ALL NB. Notes Spy {|NA, NB, Key K|} ~: set evs; \ |
292 \ A ~: bad; B ~: bad; evs : ns_shared \ |
292 \ A ~: bad; B ~: bad; evs : ns_shared \ |
293 \ |] ==> Key K ~: analz (spies evs)"; |
293 \ |] ==> Key K ~: analz (spies evs)"; |
294 by (forward_tac [Says_Server_message_form] 1 THEN assume_tac 1); |
294 by (forward_tac [Says_Server_message_form] 1 THEN assume_tac 1); |
295 by (blast_tac (claset() addSDs [lemma]) 1); |
295 by (blast_tac (claset() addSDs [lemma]) 1); |
296 qed "Spy_not_see_encrypted_key"; |
296 qed "Spy_not_see_encrypted_key"; |
343 |
343 |
344 (*This version no longer assumes that K is secure*) |
344 (*This version no longer assumes that K is secure*) |
345 goal thy |
345 goal thy |
346 "!!evs. [| Crypt K (Nonce NB) : parts (spies evs); \ |
346 "!!evs. [| Crypt K (Nonce NB) : parts (spies evs); \ |
347 \ Crypt (shrK A) {|NA, Agent B, Key K, X|} : parts (spies evs); \ |
347 \ Crypt (shrK A) {|NA, Agent B, Key K, X|} : parts (spies evs); \ |
348 \ ALL NB. Says A Spy {|NA, NB, Key K|} ~: set evs; \ |
348 \ ALL NB. Notes Spy {|NA, NB, Key K|} ~: set evs; \ |
349 \ A ~: bad; B ~: bad; evs : ns_shared |] \ |
349 \ A ~: bad; B ~: bad; evs : ns_shared |] \ |
350 \ ==> Says B A (Crypt K (Nonce NB)) : set evs"; |
350 \ ==> Says B A (Crypt K (Nonce NB)) : set evs"; |
351 by (blast_tac (claset() addSIs [A_trusts_NS2, A_trusts_NS4_lemma] |
351 by (blast_tac (claset() addSIs [A_trusts_NS2, A_trusts_NS4_lemma] |
352 addSEs [Spy_not_see_encrypted_key RSN (2,rev_notE)]) 1); |
352 addSEs [Spy_not_see_encrypted_key RSN (2,rev_notE)]) 1); |
353 qed "A_trusts_NS4"; |
353 qed "A_trusts_NS4"; |
413 (*Very strong Oops condition reveals protocol's weakness*) |
413 (*Very strong Oops condition reveals protocol's weakness*) |
414 goal thy |
414 goal thy |
415 "!!evs. [| Crypt K {|Nonce NB, Nonce NB|} : parts (spies evs); \ |
415 "!!evs. [| Crypt K {|Nonce NB, Nonce NB|} : parts (spies evs); \ |
416 \ Says B A (Crypt K (Nonce NB)) : set evs; \ |
416 \ Says B A (Crypt K (Nonce NB)) : set evs; \ |
417 \ Crypt (shrK B) {|Key K, Agent A|} : parts (spies evs); \ |
417 \ Crypt (shrK B) {|Key K, Agent A|} : parts (spies evs); \ |
418 \ ALL NA NB. Says A Spy {|NA, NB, Key K|} ~: set evs; \ |
418 \ ALL NA NB. Notes Spy {|NA, NB, Key K|} ~: set evs; \ |
419 \ A ~: bad; B ~: bad; evs : ns_shared |] \ |
419 \ A ~: bad; B ~: bad; evs : ns_shared |] \ |
420 \ ==> Says A B (Crypt K {|Nonce NB, Nonce NB|}) : set evs"; |
420 \ ==> Says A B (Crypt K {|Nonce NB, Nonce NB|}) : set evs"; |
421 by (dtac B_trusts_NS3 1); |
421 by (dtac B_trusts_NS3 1); |
422 by (ALLGOALS Clarify_tac); |
422 by (ALLGOALS Clarify_tac); |
423 by (blast_tac (claset() addSIs [normalize_thm [RSspec, RSmp] lemma] |
423 by (blast_tac (claset() addSIs [normalize_thm [RSspec, RSmp] lemma] |