equal
deleted
inserted
replaced
74 apply (intro exI bexI) |
74 apply (intro exI bexI) |
75 apply (rule_tac [2] yahalom.Nil |
75 apply (rule_tac [2] yahalom.Nil |
76 [THEN yahalom.YM1, THEN yahalom.Reception, |
76 [THEN yahalom.YM1, THEN yahalom.Reception, |
77 THEN yahalom.YM2, THEN yahalom.Reception, |
77 THEN yahalom.YM2, THEN yahalom.Reception, |
78 THEN yahalom.YM3, THEN yahalom.Reception, |
78 THEN yahalom.YM3, THEN yahalom.Reception, |
79 THEN yahalom.YM4]) |
79 THEN yahalom.YM4], possibility) |
80 apply possibility |
|
81 done |
80 done |
82 |
81 |
83 lemma Gets_imp_Says: |
82 lemma Gets_imp_Says: |
84 "[| Gets B X \<in> set evs; evs \<in> yahalom |] ==> \<exists>A. Says A B X \<in> set evs" |
83 "[| Gets B X \<in> set evs; evs \<in> yahalom |] ==> \<exists>A. Says A B X \<in> set evs" |
85 by (erule rev_mp, erule yahalom.induct, auto) |
84 by (erule rev_mp, erule yahalom.induct, auto) |
111 |
110 |
112 (*Spy never sees a good agent's shared key!*) |
111 (*Spy never sees a good agent's shared key!*) |
113 lemma Spy_see_shrK [simp]: |
112 lemma Spy_see_shrK [simp]: |
114 "evs \<in> yahalom ==> (Key (shrK A) \<in> parts (knows Spy evs)) = (A \<in> bad)" |
113 "evs \<in> yahalom ==> (Key (shrK A) \<in> parts (knows Spy evs)) = (A \<in> bad)" |
115 apply (erule yahalom.induct, force, |
114 apply (erule yahalom.induct, force, |
116 drule_tac [6] YM4_parts_knows_Spy, simp_all) |
115 drule_tac [6] YM4_parts_knows_Spy, simp_all, blast+) |
117 apply blast+ |
|
118 done |
116 done |
119 |
117 |
120 lemma Spy_analz_shrK [simp]: |
118 lemma Spy_analz_shrK [simp]: |
121 "evs \<in> yahalom ==> (Key (shrK A) \<in> analz (knows Spy evs)) = (A \<in> bad)" |
119 "evs \<in> yahalom ==> (Key (shrK A) \<in> analz (knows Spy evs)) = (A \<in> bad)" |
122 by auto |
120 by auto |
150 "evs \<in> yahalom ==> |
148 "evs \<in> yahalom ==> |
151 \<forall>K KK. KK <= - (range shrK) --> |
149 \<forall>K KK. KK <= - (range shrK) --> |
152 (Key K \<in> analz (Key`KK Un (knows Spy evs))) = |
150 (Key K \<in> analz (Key`KK Un (knows Spy evs))) = |
153 (K \<in> KK | Key K \<in> analz (knows Spy evs))" |
151 (K \<in> KK | Key K \<in> analz (knows Spy evs))" |
154 apply (erule yahalom.induct, force, |
152 apply (erule yahalom.induct, force, |
155 drule_tac [6] YM4_analz_knows_Spy) |
153 drule_tac [6] YM4_analz_knows_Spy, analz_freshK, spy_analz) |
156 apply analz_freshK |
|
157 apply spy_analz |
|
158 done |
154 done |
159 |
155 |
160 lemma analz_insert_freshK: "[| evs \<in> yahalom; KAB \<notin> range shrK |] ==> |
156 lemma analz_insert_freshK: "[| evs \<in> yahalom; KAB \<notin> range shrK |] ==> |
161 (Key K \<in> analz (insert (Key KAB) (knows Spy evs))) = |
157 (Key K \<in> analz (insert (Key KAB) (knows Spy evs))) = |
162 (K = KAB | Key K \<in> analz (knows Spy evs))" |
158 (K = KAB | Key K \<in> analz (knows Spy evs))" |
187 {|Crypt (shrK A) {|Agent B, Key K, na, nb|}, |
183 {|Crypt (shrK A) {|Agent B, Key K, na, nb|}, |
188 Crypt (shrK B) {|Agent A, Key K|}|} |
184 Crypt (shrK B) {|Agent A, Key K|}|} |
189 \<in> set evs --> |
185 \<in> set evs --> |
190 Key K \<notin> analz (knows Spy evs)" |
186 Key K \<notin> analz (knows Spy evs)" |
191 apply (erule yahalom.induct, force, drule_tac [6] YM4_analz_knows_Spy) |
187 apply (erule yahalom.induct, force, drule_tac [6] YM4_analz_knows_Spy) |
192 apply (simp_all add: pushes analz_insert_eq analz_insert_freshK) |
188 apply (simp_all add: pushes analz_insert_eq analz_insert_freshK, spy_analz) (*Fake*) |
193 apply spy_analz (*Fake*) |
|
194 apply (blast dest: unique_session_keys) (*YM3*) |
189 apply (blast dest: unique_session_keys) (*YM3*) |
195 done |
190 done |
196 |
191 |
197 (*Final version*) |
192 (*Final version*) |
198 lemma Spy_not_see_encrypted_key: |
193 lemma Spy_not_see_encrypted_key: |