145 Nonce :: "nat \<Rightarrow> msg" |
145 Nonce :: "nat \<Rightarrow> msg" |
146 "Nonce N == Abs_Msg(msgrel``{NONCE N})" |
146 "Nonce N == Abs_Msg(msgrel``{NONCE N})" |
147 |
147 |
148 MPair :: "[msg,msg] \<Rightarrow> msg" |
148 MPair :: "[msg,msg] \<Rightarrow> msg" |
149 "MPair X Y == |
149 "MPair X Y == |
150 Abs_Msg (\<Union>\<^bsub>U \<in> Rep_Msg X\<^esub> \<Union>\<^bsub>V \<in> Rep_Msg Y\<^esub> msgrel``{MPAIR U V})" |
150 Abs_Msg (\<Union>U \<in> Rep_Msg X. \<Union>V \<in> Rep_Msg Y. msgrel``{MPAIR U V})" |
151 |
151 |
152 Crypt :: "[nat,msg] \<Rightarrow> msg" |
152 Crypt :: "[nat,msg] \<Rightarrow> msg" |
153 "Crypt K X == |
153 "Crypt K X == |
154 Abs_Msg (\<Union>\<^bsub>U \<in> Rep_Msg X\<^esub> msgrel``{CRYPT K U})" |
154 Abs_Msg (\<Union>U \<in> Rep_Msg X. msgrel``{CRYPT K U})" |
155 |
155 |
156 Decrypt :: "[nat,msg] \<Rightarrow> msg" |
156 Decrypt :: "[nat,msg] \<Rightarrow> msg" |
157 "Decrypt K X == |
157 "Decrypt K X == |
158 Abs_Msg (\<Union>\<^bsub>U \<in> Rep_Msg X\<^esub> msgrel``{DECRYPT K U})" |
158 Abs_Msg (\<Union>U \<in> Rep_Msg X. msgrel``{DECRYPT K U})" |
159 |
159 |
160 |
160 |
161 text{*Reduces equality of equivalence classes to the @{term msgrel} relation: |
161 text{*Reduces equality of equivalence classes to the @{term msgrel} relation: |
162 @{term "(msgrel `` {x} = msgrel `` {y}) = ((x,y) \<in> msgrel)"} *} |
162 @{term "(msgrel `` {x} = msgrel `` {y}) = ((x,y) \<in> msgrel)"} *} |
163 lemmas equiv_msgrel_iff = eq_equiv_class_iff [OF equiv_msgrel UNIV_I UNIV_I] |
163 lemmas equiv_msgrel_iff = eq_equiv_class_iff [OF equiv_msgrel UNIV_I UNIV_I] |
226 |
226 |
227 subsection{*The Abstract Function to Return the Set of Nonces*} |
227 subsection{*The Abstract Function to Return the Set of Nonces*} |
228 |
228 |
229 constdefs |
229 constdefs |
230 nonces :: "msg \<Rightarrow> nat set" |
230 nonces :: "msg \<Rightarrow> nat set" |
231 "nonces X == \<Union>\<^bsub>U \<in> Rep_Msg X\<^esub> freenonces U" |
231 "nonces X == \<Union>U \<in> Rep_Msg X. freenonces U" |
232 |
232 |
233 lemma nonces_congruent: "congruent msgrel freenonces" |
233 lemma nonces_congruent: "congruent msgrel freenonces" |
234 by (simp add: congruent_def msgrel_imp_eq_freenonces) |
234 by (simp add: congruent_def msgrel_imp_eq_freenonces) |
235 |
235 |
236 |
236 |
261 |
261 |
262 subsection{*The Abstract Function to Return the Left Part*} |
262 subsection{*The Abstract Function to Return the Left Part*} |
263 |
263 |
264 constdefs |
264 constdefs |
265 left :: "msg \<Rightarrow> msg" |
265 left :: "msg \<Rightarrow> msg" |
266 "left X == Abs_Msg (\<Union>\<^bsub>U \<in> Rep_Msg X\<^esub> msgrel``{freeleft U})" |
266 "left X == Abs_Msg (\<Union>U \<in> Rep_Msg X. msgrel``{freeleft U})" |
267 |
267 |
268 lemma left_congruent: "congruent msgrel (\<lambda>U. msgrel `` {freeleft U})" |
268 lemma left_congruent: "congruent msgrel (\<lambda>U. msgrel `` {freeleft U})" |
269 by (simp add: congruent_def msgrel_imp_eqv_freeleft) |
269 by (simp add: congruent_def msgrel_imp_eqv_freeleft) |
270 |
270 |
271 text{*Now prove the four equations for @{term left}*} |
271 text{*Now prove the four equations for @{term left}*} |
295 |
295 |
296 subsection{*The Abstract Function to Return the Right Part*} |
296 subsection{*The Abstract Function to Return the Right Part*} |
297 |
297 |
298 constdefs |
298 constdefs |
299 right :: "msg \<Rightarrow> msg" |
299 right :: "msg \<Rightarrow> msg" |
300 "right X == Abs_Msg (\<Union>\<^bsub>U \<in> Rep_Msg X\<^esub> msgrel``{freeright U})" |
300 "right X == Abs_Msg (\<Union>U \<in> Rep_Msg X. msgrel``{freeright U})" |
301 |
301 |
302 lemma right_congruent: "congruent msgrel (\<lambda>U. msgrel `` {freeright U})" |
302 lemma right_congruent: "congruent msgrel (\<lambda>U. msgrel `` {freeright U})" |
303 by (simp add: congruent_def msgrel_imp_eqv_freeright) |
303 by (simp add: congruent_def msgrel_imp_eqv_freeright) |
304 |
304 |
305 text{*Now prove the four equations for @{term right}*} |
305 text{*Now prove the four equations for @{term right}*} |