isabelle: comparison src/HOL/Auth/OtwayReesBella.thy

equal deleted inserted replaced

-:23a8c5ac35f8
+:69916a850301
 where
 Nil:  "[]\<in> orb"
 | Fake: "\<lbrakk>evsa\<in> orb;  X\<in> synth (analz (knows Spy evsa))\<rbrakk>
-	 \<Longrightarrow> Says Spy B X  # evsa \<in> orb"
+\<Longrightarrow> Says Spy B X  # evsa \<in> orb"
 | Reception: "\<lbrakk>evsr\<in> orb;  Says A B X \<in> set evsr\<rbrakk>
-	      \<Longrightarrow> Gets B X # evsr \<in> orb"
+\<Longrightarrow> Gets B X # evsr \<in> orb"
 | OR1:  "\<lbrakk>evs1\<in> orb;  Nonce NA \<notin> used evs1\<rbrakk>
-	 \<Longrightarrow> Says A B \<lbrace>Nonce M, Agent A, Agent B,
+\<Longrightarrow> Says A B \<lbrace>Nonce M, Agent A, Agent B,
-		   Crypt (shrK A) \<lbrace>Nonce NA, Nonce M, Agent A, Agent B\<rbrace>\<rbrace>
+Crypt (shrK A) \<lbrace>Nonce NA, Nonce M, Agent A, Agent B\<rbrace>\<rbrace>
-	       # evs1 \<in> orb"
+# evs1 \<in> orb"
 | OR2:  "\<lbrakk>evs2\<in> orb;  Nonce NB \<notin> used evs2;
-	   Gets B \<lbrace>Nonce M, Agent A, Agent B, X\<rbrace> \<in> set evs2\<rbrakk>
+Gets B \<lbrace>Nonce M, Agent A, Agent B, X\<rbrace> \<in> set evs2\<rbrakk>
-	\<Longrightarrow> Says B Server
+\<Longrightarrow> Says B Server
-		\<lbrace>Nonce M, Agent A, Agent B, X,
+\<lbrace>Nonce M, Agent A, Agent B, X,
-	   Crypt (shrK B) \<lbrace>Nonce NB, Nonce M, Nonce M, Agent A, Agent B\<rbrace>\<rbrace>
+Crypt (shrK B) \<lbrace>Nonce NB, Nonce M, Nonce M, Agent A, Agent B\<rbrace>\<rbrace>
-	       # evs2 \<in> orb"
+# evs2 \<in> orb"
 | OR3:  "\<lbrakk>evs3\<in> orb;  Key KAB \<notin> used evs3;
-	  Gets Server
+Gets Server
-	     \<lbrace>Nonce M, Agent A, Agent B,
+\<lbrace>Nonce M, Agent A, Agent B,
-	       Crypt (shrK A) \<lbrace>Nonce NA, Nonce M, Agent A, Agent B\<rbrace>,
+Crypt (shrK A) \<lbrace>Nonce NA, Nonce M, Agent A, Agent B\<rbrace>,
-	       Crypt (shrK B) \<lbrace>Nonce NB, Nonce M, Nonce M, Agent A, Agent B\<rbrace>\<rbrace>
+Crypt (shrK B) \<lbrace>Nonce NB, Nonce M, Nonce M, Agent A, Agent B\<rbrace>\<rbrace>
-	  \<in> set evs3\<rbrakk>
+\<in> set evs3\<rbrakk>
-	\<Longrightarrow> Says Server B \<lbrace>Nonce M,
+\<Longrightarrow> Says Server B \<lbrace>Nonce M,
-		    Crypt (shrK B) \<lbrace>Crypt (shrK A) \<lbrace>Nonce NA, Key KAB\<rbrace>,
+Crypt (shrK B) \<lbrace>Crypt (shrK A) \<lbrace>Nonce NA, Key KAB\<rbrace>,
-				      Nonce NB, Key KAB\<rbrace>\<rbrace>
+Nonce NB, Key KAB\<rbrace>\<rbrace>
-	       # evs3 \<in> orb"
+# evs3 \<in> orb"
 (*B can only check that the message he is bouncing is a ciphertext*)
 (*Sending M back is omitted*)
 | OR4:  "\<lbrakk>evs4\<in> orb; B \<noteq> Server; \<forall> p q. X \<noteq> \<lbrace>p, q\<rbrace>;
-	  Says B Server \<lbrace>Nonce M, Agent A, Agent B, X',
+Says B Server \<lbrace>Nonce M, Agent A, Agent B, X',
-		Crypt (shrK B) \<lbrace>Nonce NB, Nonce M, Nonce M, Agent A, Agent B\<rbrace>\<rbrace>
+Crypt (shrK B) \<lbrace>Nonce NB, Nonce M, Nonce M, Agent A, Agent B\<rbrace>\<rbrace>
-	    \<in> set evs4;
+\<in> set evs4;
-	  Gets B \<lbrace>Nonce M, Crypt (shrK B) \<lbrace>X, Nonce NB, Key KAB\<rbrace>\<rbrace>
+Gets B \<lbrace>Nonce M, Crypt (shrK B) \<lbrace>X, Nonce NB, Key KAB\<rbrace>\<rbrace>
-	    \<in> set evs4\<rbrakk>
+\<in> set evs4\<rbrakk>
-	\<Longrightarrow> Says B A \<lbrace>Nonce M, X\<rbrace> # evs4 \<in> orb"
+\<Longrightarrow> Says B A \<lbrace>Nonce M, X\<rbrace> # evs4 \<in> orb"
 | Oops: "\<lbrakk>evso\<in> orb;
-	   Says Server B \<lbrace>Nonce M,
+Says Server B \<lbrace>Nonce M,
-		    Crypt (shrK B) \<lbrace>Crypt (shrK A) \<lbrace>Nonce NA, Key KAB\<rbrace>,
+Crypt (shrK B) \<lbrace>Crypt (shrK A) \<lbrace>Nonce NA, Key KAB\<rbrace>,
-				      Nonce NB, Key KAB\<rbrace>\<rbrace>
+Nonce NB, Key KAB\<rbrace>\<rbrace>
-	     \<in> set evso\<rbrakk>
+\<in> set evso\<rbrakk>
 \<Longrightarrow> Notes Spy \<lbrace>Agent A, Agent B, Nonce NA, Nonce NB, Key KAB\<rbrace> # evso
 \<in> orb"

changeset 32960	69916a850301
parent 30549	d2d7874648bd
child 37936	1e4c5015a72e