41 (* invKey (newK evs) = newK evs *) |
41 (* invKey (newK evs) = newK evs *) |
42 bind_thm ("invKey_newK", rewrite_rule [isSymKey_def] isSym_newK); |
42 bind_thm ("invKey_newK", rewrite_rule [isSymKey_def] isSym_newK); |
43 Addsimps [invKey_shrK, invKey_newK]; |
43 Addsimps [invKey_shrK, invKey_newK]; |
44 |
44 |
45 |
45 |
46 (*New keys and nonces are fresh*) |
46 (*Injectiveness and freshness of new keys and nonces*) |
47 val shrK_inject = inj_shrK RS injD; |
47 AddIffs [inj_shrK RS inj_eq, inj_newN RS inj_eq, inj_newK RS inj_eq, |
48 val newN_inject = inj_newN RS injD |
48 fresh_newN, fresh_newK]; |
49 and newK_inject = inj_newK RS injD; |
|
50 AddSEs [shrK_inject, newN_inject, newK_inject, |
|
51 fresh_newK RS notE, fresh_newN RS notE]; |
|
52 Addsimps [inj_shrK RS inj_eq, inj_newN RS inj_eq, inj_newK RS inj_eq]; |
|
53 Addsimps [fresh_newN, fresh_newK]; |
|
54 |
49 |
55 (** Rewrites should not refer to initState(Friend i) |
50 (** Rewrites should not refer to initState(Friend i) |
56 -- not in normal form! **) |
51 -- not in normal form! **) |
57 |
52 |
58 goal thy "newK evs ~= shrK B"; |
53 goal thy "newK evs ~= shrK B"; |
84 |
79 |
85 Addsimps [parts_image_Key, analz_image_Key]; |
80 Addsimps [parts_image_Key, analz_image_Key]; |
86 |
81 |
87 goalw thy [keysFor_def] "keysFor (parts (initState C)) = {}"; |
82 goalw thy [keysFor_def] "keysFor (parts (initState C)) = {}"; |
88 by (agent.induct_tac "C" 1); |
83 by (agent.induct_tac "C" 1); |
89 by (auto_tac (!claset addIs [range_eqI] delrules partsEs, !simpset)); |
84 by (auto_tac (!claset addIs [range_eqI], !simpset)); |
90 qed "keysFor_parts_initState"; |
85 qed "keysFor_parts_initState"; |
91 Addsimps [keysFor_parts_initState]; |
86 Addsimps [keysFor_parts_initState]; |
92 |
87 |
93 goalw thy [keysFor_def] "keysFor (Key``E) = {}"; |
88 goalw thy [keysFor_def] "keysFor (Key``E) = {}"; |
94 by (Auto_tac ()); |
89 by (Auto_tac ()); |
114 by (auto_tac (!claset, !simpset addsimps [bad_def])); |
109 by (auto_tac (!claset, !simpset addsimps [bad_def])); |
115 qed "Enemy_sees_bad"; |
110 qed "Enemy_sees_bad"; |
116 |
111 |
117 AddSIs [sees_own_shrK, Enemy_sees_bad]; |
112 AddSIs [sees_own_shrK, Enemy_sees_bad]; |
118 |
113 |
|
114 goal thy "Enemy: bad"; |
|
115 by (simp_tac (!simpset addsimps [bad_def]) 1); |
|
116 qed "Enemy_in_bad"; |
|
117 |
|
118 AddIffs [Enemy_in_bad]; |
119 |
119 |
120 (** Specialized rewrite rules for (sees A (Says...#evs)) **) |
120 (** Specialized rewrite rules for (sees A (Says...#evs)) **) |
121 |
121 |
122 goal thy "sees A (Says A B X # evs) = insert X (sees A evs)"; |
122 goal thy "sees A (Says A B X # evs) = insert X (sees A evs)"; |
123 by (Simp_tac 1); |
123 by (Simp_tac 1); |
197 goal thy "!!K. newK evs = invKey K ==> newK evs = K"; |
197 goal thy "!!K. newK evs = invKey K ==> newK evs = K"; |
198 br (invKey_eq RS iffD1) 1; |
198 br (invKey_eq RS iffD1) 1; |
199 by (Simp_tac 1); |
199 by (Simp_tac 1); |
200 val newK_invKey = result(); |
200 val newK_invKey = result(); |
201 |
201 |
|
202 AddSDs [newK_invKey]; |
202 |
203 |
203 (** Rewrites to push in Key and Crypt messages, so that other messages can |
204 (** Rewrites to push in Key and Crypt messages, so that other messages can |
204 be pulled out using the analz_insert rules **) |
205 be pulled out using the analz_insert rules **) |
205 |
206 |
206 fun insComm x y = read_instantiate_sg (sign_of thy) [("x",x), ("y",y)] |
207 fun insComm x y = read_instantiate_sg (sign_of thy) [("x",x), ("y",y)] |
216 val pushes = pushKeys@pushCrypts; |
217 val pushes = pushKeys@pushCrypts; |
217 |
218 |
218 val pushKey_newK = insComm "Key (newK ?evs)" "Key (shrK ?C)"; |
219 val pushKey_newK = insComm "Key (newK ?evs)" "Key (shrK ?C)"; |
219 |
220 |
220 |
221 |
|
222 (*No premature instantiation of variables. For proving weak liveness.*) |
|
223 fun safe_solver prems = |
|
224 match_tac (TrueI::refl::prems) ORELSE' eq_assume_tac |
|
225 ORELSE' etac FalseE; |
|
226 |
|
227 (*Analysis of Fake cases and of messages that forward unknown parts*) |
|
228 val enemy_analz_tac = |
|
229 SELECT_GOAL |
|
230 (EVERY [ (*push in occurrences of X...*) |
|
231 (REPEAT o CHANGED) |
|
232 (res_inst_tac [("x1","X")] (insert_commute RS ssubst) 1), |
|
233 (*...allowing further simplifications*) |
|
234 simp_tac (!simpset setloop split_tac [expand_if]) 1, |
|
235 REPEAT (resolve_tac [impI,notI] 1), |
|
236 dtac (impOfSubs Fake_analz_insert) 1, |
|
237 eresolve_tac [asm_rl, synth.Inj] 1, |
|
238 Fast_tac 1, |
|
239 Asm_full_simp_tac 1, |
|
240 IF_UNSOLVED (deepen_tac (!claset addIs [impOfSubs analz_mono]) 0 1) |
|
241 ]); |
|
242 |
|
243 |