isabelle: comparison src/HOL/Auth/OtwayRees

equal deleted inserted replaced

-:315694e22856
+:e85c24717cad
 (*Bob's response to Alice's message.  Bob doesn't know who
 	   the sender is, hence the A' in the sender field.
 We modify the published protocol by NOT encrypting NB.*)
 OR2  "[| evs: otway;  B ~= Server;  Nonce NB ~: used evs;
-Says A' B {|Nonce NA, Agent A, Agent B, X|} : set_of_list evs |]
+Says A' B {|Nonce NA, Agent A, Agent B, X|} : set evs |]
 ==> Says B Server
 {|Nonce NA, Agent A, Agent B, X, Nonce NB,
 Crypt (shrK B) {|Nonce NA, Agent A, Agent B|}|}
 # evs : otway"
 Says B' Server
 {|Nonce NA, Agent A, Agent B,
 Crypt (shrK A) {|Nonce NA, Agent A, Agent B|},
 Nonce NB,
 Crypt (shrK B) {|Nonce NA, Agent A, Agent B|}|}
-: set_of_list evs |]
+: set evs |]
 ==> Says Server B
 {|Nonce NA,
 Crypt (shrK A) {|Nonce NA, Key KAB|},
 Crypt (shrK B) {|Nonce NB, Key KAB|}|}
 # evs : otway"
 (*Bob receives the Server's (?) message and compares the Nonces with
 	   those in the message he previously sent the Server.*)
 OR4  "[| evs: otway;  A ~= B;
 Says B Server {|Nonce NA, Agent A, Agent B, X', Nonce NB, X''|}
-: set_of_list evs;
+: set evs;
 Says S' B {|Nonce NA, X, Crypt (shrK B) {|Nonce NB, Key K|}|}
-: set_of_list evs |]
+: set evs |]
 ==> Says B A {|Nonce NA, X|} # evs : otway"
 (*This message models possible leaks of session keys.  The nonces
 identify the protocol run.*)
 Oops "[| evs: otway;  B ~= Spy;
 Says Server B {|Nonce NA, X, Crypt (shrK B) {|Nonce NB, Key K|}|}
-: set_of_list evs |]
+: set evs |]
 ==> Says B Spy {|Nonce NA, Nonce NB, Key K|} # evs : otway"
 end

changeset 3465	e85c24717cad
parent 2837	dee1c7f1f576
child 3519	ab0a9fbed4c0