isabelle: comparison src/HOL/Auth/Yahalom2.thy

equal deleted inserted replaced

-:315694e22856
+:e85c24717cad
 ==> Says A B {|Agent A, Nonce NA|} # evs : yahalom lost"
 (*Bob's response to Alice's message.  Bob doesn't know who
 	   the sender is, hence the A' in the sender field.*)
 YM2  "[| evs: yahalom lost;  B ~= Server;  Nonce NB ~: used evs;
-Says A' B {|Agent A, Nonce NA|} : set_of_list evs |]
+Says A' B {|Agent A, Nonce NA|} : set evs |]
 ==> Says B Server
 {|Agent B, Nonce NB, Crypt (shrK B) {|Agent A, Nonce NA|}|}
 # evs : yahalom lost"
 (*The Server receives Bob's message.  He responds by sending a
 new session key to Alice, with a packet for forwarding to Bob.
 !! Fields are reversed in the 2nd packet to prevent attacks!! *)
 YM3  "[| evs: yahalom lost;  A ~= B;  A ~= Server;  Key KAB ~: used evs;
 Says B' Server {|Agent B, Nonce NB,
 			      Crypt (shrK B) {|Agent A, Nonce NA|}|}
-: set_of_list evs |]
+: set evs |]
 ==> Says Server A
 {|Nonce NB,
 Crypt (shrK A) {|Agent B, Key KAB, Nonce NA|},
 Crypt (shrK B) {|Nonce NB, Key KAB, Agent A|}|}
 # evs : yahalom lost"
 (*Alice receives the Server's (?) message, checks her Nonce, and
 uses the new session key to send Bob his Nonce.*)
 YM4  "[| evs: yahalom lost;  A ~= Server;  A ~= B;
 Says S A {|Nonce NB, Crypt (shrK A) {|Agent B, Key K, Nonce NA|},
 X|}
-: set_of_list evs;
+: set evs;
-Says A B {|Agent A, Nonce NA|} : set_of_list evs |]
+Says A B {|Agent A, Nonce NA|} : set evs |]
 ==> Says A B {|X, Crypt K (Nonce NB)|} # evs : yahalom lost"
 (*This message models possible leaks of session keys.  The nonces
 identify the protocol run.  Quoting Server here ensures they are
 correct. *)
 Oops "[| evs: yahalom lost;  A ~= Spy;
 Says Server A {|Nonce NB,
 Crypt (shrK A) {|Agent B, Key K, Nonce NA|},
-X|}  : set_of_list evs |]
+X|}  : set evs |]
 ==> Says A Spy {|Nonce NA, Nonce NB, Key K|} # evs : yahalom lost"
 end

changeset 3465	e85c24717cad
parent 3445	96fcfbfa4fb5
child 3466	30791e5a69c4