196 |
196 |
197 subsubsection{*lemmas on parts, synth and analz*} |
197 subsubsection{*lemmas on parts, synth and analz*} |
198 |
198 |
199 lemma parts_invKey [rule_format,dest]:"X:parts {Y} ==> |
199 lemma parts_invKey [rule_format,dest]:"X:parts {Y} ==> |
200 X:analz (insert (Crypt K Y) H) --> X ~:analz H --> Key (invKey K):analz H" |
200 X:analz (insert (Crypt K Y) H) --> X ~:analz H --> Key (invKey K):analz H" |
201 by (erule parts.induct, (fastforce dest: parts.Fst parts.Snd parts.Body)+) |
201 by (erule parts.induct, auto dest: parts.Fst parts.Snd parts.Body) |
202 |
202 |
203 lemma in_analz: "Y:analz H ==> EX X. X:H & Y:parts {X}" |
203 lemma in_analz: "Y:analz H ==> EX X. X:H & Y:parts {X}" |
204 by (erule analz.induct, auto intro: parts.Fst parts.Snd parts.Body) |
204 by (erule analz.induct, auto intro: parts.Fst parts.Snd parts.Body) |
205 |
205 |
206 lemmas in_analz_subset_parts = analz_subset_parts [THEN subsetD] |
206 lemmas in_analz_subset_parts = analz_subset_parts [THEN subsetD] |
207 |
207 |
208 lemma Crypt_synth_insert: "[| Crypt K X:parts (insert Y H); |
208 lemma Crypt_synth_insert: "[| Crypt K X:parts (insert Y H); |
209 Y:synth (analz H); Key K ~:analz H |] ==> Crypt K X:parts H" |
209 Y:synth (analz H); Key K ~:analz H |] ==> Crypt K X:parts H" |
210 apply (drule parts_insert_substD [where P="%S. Crypt K X : S"], clarify) |
210 apply (drule parts_insert_substD, clarify) |
211 apply (frule in_sub) |
211 apply (frule in_sub) |
212 apply (frule parts_mono) |
212 apply (frule parts_mono) |
213 by auto |
213 apply auto |
|
214 done |
214 |
215 |
215 subsubsection{*greatest nonce used in a message*} |
216 subsubsection{*greatest nonce used in a message*} |
216 |
217 |
217 fun greatest_msg :: "msg => nat" |
218 fun greatest_msg :: "msg => nat" |
218 where |
219 where |