301 \ --> B=B' & P=P'"; |
301 \ --> B=B' & P=P'"; |
302 by (parts_induct_tac 1); |
302 by (parts_induct_tac 1); |
303 by (Fake_parts_insert_tac 1); |
303 by (Fake_parts_insert_tac 1); |
304 by (etac responses.induct 3); |
304 by (etac responses.induct 3); |
305 by (ALLGOALS (simp_tac (!simpset addsimps [all_conj_distrib]))); |
305 by (ALLGOALS (simp_tac (!simpset addsimps [all_conj_distrib]))); |
306 by (step_tac (!claset addSEs partsEs) 1); |
306 by (clarify_tac (!claset addSEs partsEs) 1); |
307 (*RA1,2: creation of new Nonce. Move assertion into global context*) |
307 (*RA1,2: creation of new Nonce. Move assertion into global context*) |
308 by (ALLGOALS (expand_case_tac "NA = ?y")); |
308 by (ALLGOALS (expand_case_tac "NA = ?y")); |
309 by (REPEAT_FIRST (ares_tac [exI])); |
309 by (REPEAT_FIRST (ares_tac [exI])); |
310 by (REPEAT (blast_tac (!claset addSDs [Hash_imp_body] |
310 by (REPEAT (blast_tac (!claset addSDs [Hash_imp_body] |
311 addSEs spies_partsEs) 1)); |
311 addSEs spies_partsEs) 1)); |
386 \ --> (A'=A & B'=B) | (A'=B & B'=A)"; |
386 \ --> (A'=A & B'=B) | (A'=B & B'=A)"; |
387 by (etac respond.induct 1); |
387 by (etac respond.induct 1); |
388 by (ALLGOALS (asm_full_simp_tac (!simpset addsimps [all_conj_distrib]))); |
388 by (ALLGOALS (asm_full_simp_tac (!simpset addsimps [all_conj_distrib]))); |
389 (*Base case*) |
389 (*Base case*) |
390 by (Blast_tac 1); |
390 by (Blast_tac 1); |
391 by (Step_tac 1); |
391 by Safe_tac; |
392 by (expand_case_tac "K = KBC" 1); |
392 by (expand_case_tac "K = KBC" 1); |
393 by (dtac respond_Key_in_parts 1); |
393 by (dtac respond_Key_in_parts 1); |
394 by (blast_tac (!claset addSIs [exI] |
394 by (blast_tac (!claset addSIs [exI] |
395 addSEs partsEs |
395 addSEs partsEs |
396 addDs [Key_in_parts_respond]) 1); |
396 addDs [Key_in_parts_respond]) 1); |
427 (analz_image_freshK_ss addsimps |
427 (analz_image_freshK_ss addsimps |
428 [shrK_in_analz_respond, resp_analz_image_freshK, parts_insert2]))); |
428 [shrK_in_analz_respond, resp_analz_image_freshK, parts_insert2]))); |
429 by (ALLGOALS (simp_tac (!simpset addsimps [ex_disj_distrib]))); |
429 by (ALLGOALS (simp_tac (!simpset addsimps [ex_disj_distrib]))); |
430 (** LEVEL 5 **) |
430 (** LEVEL 5 **) |
431 by (blast_tac (!claset addIs [impOfSubs analz_subset_parts]) 1); |
431 by (blast_tac (!claset addIs [impOfSubs analz_subset_parts]) 1); |
432 by (step_tac (!claset addSEs [MPair_parts]) 1); |
432 by (safe_tac (!claset addSEs [MPair_parts])); |
433 by (REPEAT (blast_tac (!claset addSDs [respond_certificate] |
433 by (REPEAT (blast_tac (!claset addSDs [respond_certificate] |
434 addDs [resp_analz_insert] |
434 addDs [resp_analz_insert] |
435 addIs [impOfSubs analz_subset_parts]) 4)); |
435 addIs [impOfSubs analz_subset_parts]) 4)); |
436 by (Blast_tac 3); |
436 by (Blast_tac 3); |
437 by (blast_tac (!claset addSEs partsEs |
437 by (blast_tac (!claset addSEs partsEs |
444 qed_spec_mp "respond_Spy_not_see_session_key"; |
444 qed_spec_mp "respond_Spy_not_see_session_key"; |
445 |
445 |
446 |
446 |
447 goal thy |
447 goal thy |
448 "!!evs. [| Crypt (shrK A) {|Key K, Agent A', N|} : parts (spies evs); \ |
448 "!!evs. [| Crypt (shrK A) {|Key K, Agent A', N|} : parts (spies evs); \ |
449 \ A ~: bad; A' ~: bad; evs : recur |] \ |
449 \ A ~: bad; A' ~: bad; evs : recur |] \ |
450 \ ==> Key K ~: analz (spies evs)"; |
450 \ ==> Key K ~: analz (spies evs)"; |
451 by (etac rev_mp 1); |
451 by (etac rev_mp 1); |
452 by (etac recur.induct 1); |
452 by (etac recur.induct 1); |
453 by analz_spies_tac; |
453 by analz_spies_tac; |
454 by (ALLGOALS |
454 by (ALLGOALS |
455 (asm_simp_tac |
455 (asm_simp_tac |
456 (!simpset addsimps [parts_insert_spies, analz_insert_freshK] |
456 (!simpset addsimps [analz_insert_eq, parts_insert_spies, |
|
457 analz_insert_freshK] |
457 setloop split_tac [expand_if]))); |
458 setloop split_tac [expand_if]))); |
458 (*RA4*) |
459 (*RA4*) |
459 by (spy_analz_tac 5); |
460 by (spy_analz_tac 5); |
460 (*RA2*) |
461 (*RA2*) |
461 by (spy_analz_tac 3); |
462 by (spy_analz_tac 3); |
462 (*Fake*) |
463 (*Fake*) |
463 by (spy_analz_tac 2); |
464 by (spy_analz_tac 2); |
464 (*Base*) |
465 (*Base*) |
465 by (Blast_tac 1); |
466 by (Blast_tac 1); |
466 (*RA3 remains*) |
467 (*RA3 remains*) |
467 by (step_tac (!claset delrules [impCE]) 1); |
468 by (safe_tac (!claset delrules [impCE])); |
468 (*RA3, case 2: K is an old key*) |
469 (*RA3, case 2: K is an old key*) |
469 by (blast_tac (!claset addSDs [resp_analz_insert] |
470 by (blast_tac (!claset addSDs [resp_analz_insert] |
470 addSEs partsEs |
471 addSEs partsEs |
471 addDs [Key_in_parts_respond]) 2); |
472 addDs [Key_in_parts_respond]) 2); |
472 (*RA3, case 1: use lemma previously proved by induction*) |
473 (*RA3, case 1: use lemma previously proved by induction*) |
473 by (blast_tac (!claset addSEs [respond_Spy_not_see_session_key RSN |
474 by (blast_tac (!claset addSEs [respond_Spy_not_see_session_key RSN |
474 (2,rev_notE)]) 1); |
475 (2,rev_notE)]) 1); |
475 qed "Spy_not_see_session_key"; |
476 qed "Spy_not_see_session_key"; |
476 |
477 |