src/HOL/Auth/NS_Shared.thy
changeset 11150 67387142225e
parent 11117 55358999077d
child 11188 5d539f1682c3
--- a/src/HOL/Auth/NS_Shared.thy	Fri Feb 16 08:27:17 2001 +0100
+++ b/src/HOL/Auth/NS_Shared.thy	Fri Feb 16 13:25:08 2001 +0100
@@ -71,9 +71,13 @@
 	      \<in> set evso\<rbrakk>
 	 \<Longrightarrow> Notes Spy \<lbrace>Nonce NA, Nonce NB, Key K\<rbrace> # evso \<in> ns_shared"
 
-declare knows_Spy_partsEs [elim]
+
+declare Says_imp_knows_Spy [THEN parts.Inj, dest]
+declare parts.Body  [dest]
+declare MPair_parts [elim!]    (*can speed up some proofs*)
+
 declare analz_subset_parts [THEN subsetD, dest]
-declare Fake_parts_insert [THEN subsetD, dest]
+declare Fake_parts_insert  [THEN subsetD, dest]
 declare image_eq_UN [simp]  (*accelerates proofs involving nested images*)
 
 
@@ -171,10 +175,8 @@
        evs \<in> ns_shared\<rbrakk>
       \<Longrightarrow> (K \<notin> range shrK \<and> X = (Crypt (shrK B) \<lbrace>Key K, Agent A\<rbrace>))
           \<or> X \<in> analz (spies evs)"
-apply (frule Says_imp_knows_Spy)
-(*mystery: why is this frule needed?*)
-apply (blast dest: cert_A_form analz.Inj)
-done
+by (blast dest: Says_imp_knows_Spy cert_A_form analz.Inj)
+
 
 (*Alternative version also provable
 lemma Says_S_message_form2:
@@ -251,7 +253,8 @@
 
 (** Crucial secrecy property: Spy does not see the keys sent in msg NS2 **)
 
-lemma secrecy_lemma [rule_format]:
+(*Beware of [rule_format] and the universal quantifier!*)
+lemma secrecy_lemma:
      "\<lbrakk>Says Server A (Crypt (shrK A) \<lbrace>NA, Agent B, Key K,
                                       Crypt (shrK B) \<lbrace>Key K, Agent A\<rbrace>\<rbrace>)
               \<in> set evs;
@@ -269,7 +272,7 @@
 (*NS3, Server sub-case*) (**LEVEL 6 **)
 apply clarify
 apply (frule Says_imp_knows_Spy [THEN parts.Inj, THEN A_trusts_NS2])
-apply (blast dest: Says_imp_knows_Spy [THEN analz.Inj, THEN Crypt_Spy_analz_bad])
+apply (blast dest: Says_imp_knows_Spy analz.Inj Crypt_Spy_analz_bad)
 apply assumption
 apply (blast dest: unique_session_keys)+ (*also proves Oops*)
 done
@@ -281,9 +284,7 @@
        \<forall>NB. Notes Spy \<lbrace>NA, NB, Key K\<rbrace> \<notin> set evs;
        A \<notin> bad;  B \<notin> bad;  evs \<in> ns_shared\<rbrakk>
       \<Longrightarrow> Key K \<notin> analz (spies evs)"
-apply (frule Says_Server_message_form, assumption)
-apply (auto dest: Says_Server_message_form secrecy_lemma)
-done
+by (blast dest: Says_Server_message_form secrecy_lemma)
 
 
 (**** Guarantees available at various stages of protocol ***)
@@ -291,8 +292,8 @@
 (*If the encrypted message appears then it originated with the Server*)
 lemma B_trusts_NS3:
      "\<lbrakk>Crypt (shrK B) \<lbrace>Key K, Agent A\<rbrace> \<in> parts (spies evs);
-            B \<notin> bad;  evs \<in> ns_shared\<rbrakk>
-          \<Longrightarrow> \<exists>NA. Says Server A
+       B \<notin> bad;  evs \<in> ns_shared\<rbrakk>
+      \<Longrightarrow> \<exists>NA. Says Server A
                (Crypt (shrK A) \<lbrace>NA, Agent B, Key K,
                                  Crypt (shrK B) \<lbrace>Key K, Agent A\<rbrace>\<rbrace>)
               \<in> set evs"
@@ -317,10 +318,9 @@
 apply (force dest!: Crypt_imp_keysFor) 
 apply blast     (*NS3*)
 (*NS4*)
-apply clarify;
-apply (frule Says_imp_knows_Spy [THEN analz.Inj])
-apply (blast dest: Says_imp_knows_Spy [THEN analz.Inj] Crypt_Spy_analz_bad
-                   B_trusts_NS3 unique_session_keys)
+apply (blast dest!: B_trusts_NS3
+	     dest: Says_imp_knows_Spy [THEN analz.Inj] 
+                   Crypt_Spy_analz_bad unique_session_keys)
 done
 
 (*This version no longer assumes that K is secure*)
@@ -349,11 +349,9 @@
 apply (blast dest!: new_keys_not_used Crypt_imp_keysFor)  (*NS2*)
 apply blast  (*NS3*)
 (*NS4*)
-apply (case_tac "Ba \<in> bad")
-apply (blast dest: Says_imp_knows_Spy [THEN analz.Inj] Crypt_Spy_analz_bad);
-apply (frule Says_imp_knows_Spy [THEN parts.Inj, THEN B_trusts_NS3], 
-       assumption+)
-apply (blast dest: unique_session_keys)
+apply (blast dest!: B_trusts_NS3
+	     dest: Says_imp_knows_Spy [THEN analz.Inj] 
+                   unique_session_keys Crypt_Spy_analz_bad)
 done
 
 
@@ -371,12 +369,10 @@
 apply blast  (*Fake*)
 apply (blast dest!: new_keys_not_used Crypt_imp_keysFor)  (*NS2*)
 apply (blast dest!: cert_A_form) (*NS3*)
-(**LEVEL 5**)
 (*NS5*)
-apply clarify
-apply (case_tac "Aa \<in> bad")
-apply (blast dest: Says_imp_knows_Spy [THEN analz.Inj] Crypt_Spy_analz_bad);
-apply (blast dest: A_trusts_NS2 unique_session_keys)
+apply (blast dest!: A_trusts_NS2
+	     dest: Says_imp_knows_Spy [THEN analz.Inj] 
+                   unique_session_keys Crypt_Spy_analz_bad)
 done
 
 
@@ -387,10 +383,7 @@
        \<forall>NA NB. Notes Spy \<lbrace>NA, NB, Key K\<rbrace> \<notin> set evs;
        A \<notin> bad;  B \<notin> bad;  evs \<in> ns_shared\<rbrakk>
       \<Longrightarrow> Says A B (Crypt K \<lbrace>Nonce NB, Nonce NB\<rbrace>) \<in> set evs"
-apply (drule B_trusts_NS3, clarify+)
-apply (blast intro: B_trusts_NS5_lemma 
-             dest: dest: Spy_not_see_encrypted_key)
-(*surprisingly delicate proof due to quantifier interactions*)
-done
+by (blast intro: B_trusts_NS5_lemma 
+          dest: B_trusts_NS3 Spy_not_see_encrypted_key)
 
 end