78 AddSIs [sees_own_priK, Spy_sees_lost]; |
78 AddSIs [sees_own_priK, Spy_sees_lost]; |
79 |
79 |
80 (*Added for Yahalom/lost_tac*) |
80 (*Added for Yahalom/lost_tac*) |
81 goal thy "!!A. [| Crypt (pubK A) X : analz (sees lost Spy evs); A: lost |] \ |
81 goal thy "!!A. [| Crypt (pubK A) X : analz (sees lost Spy evs); A: lost |] \ |
82 \ ==> X : analz (sees lost Spy evs)"; |
82 \ ==> X : analz (sees lost Spy evs)"; |
83 by (fast_tac (!claset addSDs [analz.Decrypt] addss (!simpset)) 1); |
83 by (blast_tac (!claset addSDs [analz.Decrypt]) 1); |
84 qed "Crypt_Spy_analz_lost"; |
84 qed "Crypt_Spy_analz_lost"; |
85 |
85 |
86 (** Specialized rewrite rules for (sees lost A (Says...#evs)) **) |
86 (** Specialized rewrite rules for (sees lost A (Says...#evs)) **) |
87 |
87 |
88 goal thy "sees lost B (Says A B X # evs) = insert X (sees lost B evs)"; |
88 goal thy "sees lost B (Says A B X # evs) = insert X (sees lost B evs)"; |
118 goal thy "(UN A. parts (sees lost A (Says B C Y # evs))) = \ |
118 goal thy "(UN A. parts (sees lost A (Says B C Y # evs))) = \ |
119 \ parts {Y} Un (UN A. parts (sees lost A evs))"; |
119 \ parts {Y} Un (UN A. parts (sees lost A evs))"; |
120 by (Step_tac 1); |
120 by (Step_tac 1); |
121 by (etac rev_mp 1); (*split_tac does not work on assumptions*) |
121 by (etac rev_mp 1); (*split_tac does not work on assumptions*) |
122 by (ALLGOALS |
122 by (ALLGOALS |
123 (fast_tac (!claset addss (!simpset addsimps [parts_Un, sees_Cons] |
123 (fast_tac (!claset unsafe_addss (!simpset addsimps [parts_Un, sees_Cons] |
124 setloop split_tac [expand_if])))); |
124 setloop split_tac [expand_if])))); |
125 qed "UN_parts_sees_Says"; |
125 qed "UN_parts_sees_Says"; |
126 |
126 |
127 goal thy "Says A B X : set_of_list evs --> X : sees lost Spy evs"; |
127 goal thy "Says A B X : set_of_list evs --> X : sees lost Spy evs"; |
128 by (list.induct_tac "evs" 1); |
128 by (list.induct_tac "evs" 1); |
129 by (Auto_tac ()); |
129 by (Auto_tac ()); |
134 val sees_Spy_partsEs = make_elim (Says_imp_sees_Spy RS parts.Inj):: partsEs; |
134 val sees_Spy_partsEs = make_elim (Says_imp_sees_Spy RS parts.Inj):: partsEs; |
135 |
135 |
136 goal thy |
136 goal thy |
137 "!!evs. [| Says A B (Crypt (pubK C) X) : set_of_list evs; C : lost |] \ |
137 "!!evs. [| Says A B (Crypt (pubK C) X) : set_of_list evs; C : lost |] \ |
138 \ ==> X : analz (sees lost Spy evs)"; |
138 \ ==> X : analz (sees lost Spy evs)"; |
139 by (fast_tac (!claset addSDs [Says_imp_sees_Spy RS analz.Inj] |
139 by (blast_tac (!claset addSDs [Says_imp_sees_Spy RS analz.Inj]) 1); |
140 addss (!simpset)) 1); |
|
141 qed "Says_Crypt_lost"; |
140 qed "Says_Crypt_lost"; |
142 |
141 |
143 goal thy |
142 goal thy |
144 "!!evs. [| Says A B (Crypt (pubK C) X) : set_of_list evs; \ |
143 "!!evs. [| Says A B (Crypt (pubK C) X) : set_of_list evs; \ |
145 \ X ~: analz (sees lost Spy evs) |] \ |
144 \ X ~: analz (sees lost Spy evs) |] \ |
146 \ ==> C ~: lost"; |
145 \ ==> C ~: lost"; |
147 by (fast_tac (!claset addSDs [Says_imp_sees_Spy RS analz.Inj] |
146 by (blast_tac (!claset addSDs [Says_imp_sees_Spy RS analz.Inj]) 1); |
148 addss (!simpset)) 1); |
|
149 qed "Says_Crypt_not_lost"; |
147 qed "Says_Crypt_not_lost"; |
150 |
148 |
151 Addsimps [sees_own, sees_Server, sees_Friend, sees_Spy]; |
149 Addsimps [sees_own, sees_Server, sees_Friend, sees_Spy]; |
152 Delsimps [sees_Cons]; (**** NOTE REMOVAL -- laws above are cleaner ****) |
150 Delsimps [sees_Cons]; (**** NOTE REMOVAL -- laws above are cleaner ****) |
153 |
151 |