src/HOL/Auth/Recur.ML
changeset 2481 ee461c8bc9c3
parent 2455 9c4444bfd44e
child 2485 c4368c967c56
--- a/src/HOL/Auth/Recur.ML	Tue Jan 07 10:18:20 1997 +0100
+++ b/src/HOL/Auth/Recur.ML	Tue Jan 07 10:19:43 1997 +0100
@@ -19,7 +19,7 @@
 **)
 
 (*Simplest case: Alice goes directly to the server*)
-goal thy 
+goal thy
  "!!A. A ~= Server   \
 \ ==> EX K NA. EX evs: recur lost.          \
 \     Says Server A {|Agent A,              \
@@ -29,13 +29,15 @@
 by (REPEAT (resolve_tac [exI,bexI] 1));
 by (rtac (recur.Nil RS recur.RA1 RS 
 	  (respond.One RSN (4,recur.RA3))) 2);
-by (ALLGOALS (simp_tac (!simpset setsolver safe_solver)));
-by (REPEAT_FIRST (eq_assume_tac ORELSE' resolve_tac [refl, conjI]));
+by (REPEAT
+    (ALLGOALS (asm_simp_tac (!simpset setsolver safe_solver))
+     THEN
+     REPEAT_FIRST (eq_assume_tac ORELSE' resolve_tac [refl, conjI])));
 result();
 
 
 (*Case two: Alice, Bob and the server*)
-goal thy 
+goal thy
  "!!A B. [| A ~= B; A ~= Server; B ~= Server |]   \
 \ ==> EX K. EX NA. EX evs: recur lost.          \
 \       Says B A {|Agent A, Crypt (shrK A) {|Key K, Agent B, Nonce NA|}, \
@@ -45,6 +47,7 @@
 by (rtac (recur.Nil RS recur.RA1 RS recur.RA2 RS 
 	  (respond.One RS respond.Cons RSN (4,recur.RA3)) RS
 	  recur.RA4) 2);
+bw HPair_def;
 by (REPEAT
     (REPEAT_FIRST (eq_assume_tac ORELSE' resolve_tac [refl, conjI])
      THEN
@@ -53,7 +56,7 @@
 
 
 (*Case three: Alice, Bob, Charlie and the server*)
-goal thy 
+goal thy
  "!!A B. [| A ~= B; A ~= Server; B ~= Server |]   \
 \ ==> EX K. EX NA. EX evs: recur lost.          \
 \       Says B A {|Agent A, Crypt (shrK A) {|Key K, Agent B, Nonce NA|}, \
@@ -63,6 +66,7 @@
 by (rtac (recur.Nil RS recur.RA1 RS recur.RA2 RS recur.RA2 RS 
 	  (respond.One RS respond.Cons RS respond.Cons RSN
 	   (4,recur.RA3)) RS recur.RA4 RS recur.RA4) 2);
+bw HPair_def;
 by (REPEAT	(*SLOW: 37 seconds*)
     (REPEAT_FIRST (eq_assume_tac ORELSE' resolve_tac [refl, conjI])
      THEN
@@ -313,6 +317,8 @@
     dres_inst_tac [("lost","lost")] RA4_analz_sees_Spy 6;
 
 
+Delsimps [image_insert];
+
 (** Session keys are not used to encrypt other session keys **)
 
 (*Version for "responses" relation.  Handles case RA3 in the theorem below.  
@@ -339,8 +345,8 @@
 \  ALL K I. (Key K : analz (Key``(newK``I) Un (sees lost Spy evs))) = \
 \           (K : newK``I | Key K : analz (sees lost Spy evs))";
 by (etac recur.induct 1);
+be subst 4;	(*RA2: DELETE needless definition of PA!*)
 by analz_Fake_tac;
-be ssubst 4;	(*RA2: DELETE needless definition of PA!*)
 by (REPEAT_FIRST (ares_tac [allI, analz_image_newK_lemma]));
 by (ALLGOALS (asm_simp_tac (!simpset addsimps [resp_analz_image_newK_lemma])));
 (*Base*)
@@ -381,7 +387,7 @@
 \                (Nonce (newN i) : parts {X} --> \
 \                 Hash X ~: parts (sees lost Spy evs))";
 be recur.induct 1;
-be ssubst 4;	(*RA2: DELETE needless definition of PA!*)
+be subst 4;	(*RA2: DELETE needless definition of PA!*)
 by parts_Fake_tac;
 (*RA3 requires a further induction*)
 be responses.induct 5;
@@ -416,7 +422,7 @@
 \        Hash {|Key(shrK A), Agent A, Agent B, Nonce NA, P|} \
 \          : parts (sees lost Spy evs)  -->  B=B' & P=P'";
 be recur.induct 1;
-be ssubst 4;	(*RA2: DELETE needless definition of PA!*)
+be subst 4;	(*RA2: DELETE needless definition of PA!*)
 (*For better simplification of RA2*)
 by (res_inst_tac [("x1","XA")] (insert_commute RS ssubst) 4);
 by parts_Fake_tac;
@@ -431,9 +437,8 @@
                       addDs [impOfSubs analz_subset_parts,
 			     impOfSubs Fake_parts_insert]
 		      addss (!simpset)) 2);
-(*Base*)
+(*Base*) (** LEVEL 9 **)
 by (fast_tac (!claset addss (!simpset)) 1);
-
 by (ALLGOALS (simp_tac (!simpset addsimps [all_conj_distrib]))); 
 (*RA1: creation of new Nonce.  Move assertion into global context*)
 by (expand_case_tac "NA = ?y" 1);
@@ -450,13 +455,14 @@
 by (best_tac (!claset addss  (!simpset)) 1);
 val lemma = result();
 
-goal thy 
- "!!evs.[| Hash {|Key(shrK A), Agent A, Agent B, Nonce NA, P|}   \
+goalw thy [HPair_def]
+ "!!evs.[| HPair (Key(shrK A)) {|Agent A, Agent B, Nonce NA, P|}   \
 \            : parts (sees lost Spy evs);                        \
-\          Hash {|Key(shrK A), Agent A, Agent B', Nonce NA, P'|} \
+\          HPair (Key(shrK A)) {|Agent A, Agent B', Nonce NA, P'|} \
 \            : parts (sees lost Spy evs);                        \
 \          evs : recur lost;  A ~: lost |]                      \
 \        ==> B=B' & P=P'";
+by (REPEAT (eresolve_tac partsEs 1));
 by (prove_unique_tac lemma 1);
 qed "unique_NA";
 
@@ -465,17 +471,6 @@
       (relations "respond" and "responses") 
 ***)
 
-(*The response never contains Hashes*)
-(*NEEDED????????????????*)
-goal thy
- "!!evs. (j,PB,RB) : respond i \
-\        ==> Hash {|Key (shrK B), M|} : parts (insert RB H) --> \
-\            Hash {|Key (shrK B), M|} : parts H";
-be (respond_imp_responses RS responses.induct) 1;
-by (Auto_tac());
-bind_thm ("Hash_in_parts_respond", result() RSN (2, rev_mp));
-
-
 goal thy
  "!!evs. [| RB : responses i;  evs : recur lost |] \
 \ ==> (Key (shrK B) : analz (insert RB (sees lost Spy evs))) = (B:lost)";
@@ -556,7 +551,7 @@
 \          Crypt (shrK A') {|Key K, Agent B', N'|} : parts {RB};   \
 \          (j,PB,RB) : respond i |]               \
 \ ==>   (A'=A & B'=B) | (A'=B & B'=A)";
-by (prove_unique_tac lemma 1);	(*33 seconds, due to the disjunctions*)
+by (prove_unique_tac lemma 1);	(*50 seconds??, due to the disjunctions*)
 qed "unique_session_keys";
 
 
@@ -565,7 +560,7 @@
     the premises, e.g. by having A=Spy **)
 
 goal thy 
- "!!j. (j, {|Hash {|Key(shrK A), Agent A, B, NA, P|}, X|}, RA) : respond i \
+ "!!j. (j, HPair (Key(shrK A)) {|Agent A, B, NA, P|}, RA) : respond i \
 \ ==> Crypt (shrK A) {|Key (newK2 (i,j)), B, NA|} : parts {RA}";
 be respond.elim 1;
 by (ALLGOALS Asm_full_simp_tac);
@@ -579,7 +574,7 @@
 \            Key K ~: analz (insert RB (sees lost Spy evs))";
 be respond.induct 1;
 by (forward_tac [respond_imp_responses] 2);
-by (ALLGOALS
+by (ALLGOALS (*4 MINUTES???*)
     (asm_simp_tac 
      (!simpset addsimps 
 	  ([analz_image_newK, not_parts_not_analz,
@@ -615,8 +610,8 @@
 \            Crypt (shrK A) {|Key K, Agent A', N|} : parts{RB} -->  \
 \            Key K ~: analz (sees lost Spy evs)";
 by (etac recur.induct 1);
+be subst 4;	(*RA2: DELETE needless definition of PA!*)
 by analz_Fake_tac;
-be ssubst 4;	(*RA2: DELETE needless definition of PA!*)
 by (ALLGOALS
     (asm_simp_tac
      (!simpset addsimps [not_parts_not_analz, analz_insert_Key_newK] 
@@ -654,14 +649,23 @@
 
 (**** Authenticity properties for Agents ****)
 
+(*The response never contains Hashes*)
+(*NEEDED????????????????*)
+goal thy
+ "!!evs. (j,PB,RB) : respond i \
+\        ==> Hash {|Key (shrK B), M|} : parts (insert RB H) --> \
+\            Hash {|Key (shrK B), M|} : parts H";
+be (respond_imp_responses RS responses.induct) 1;
+by (Auto_tac());
+bind_thm ("Hash_in_parts_respond", result() RSN (2, rev_mp));
+
 (*NEEDED????????????????*)
 (*Only RA1 or RA2 can have caused such a part of a message to appear.*)
-goal thy 
+goalw thy [HPair_def]
  "!!evs. [| Hash {|Key(shrK A), Agent A, Agent B, NA, P|}         \
 \             : parts (sees lost Spy evs);                        \
 \            A ~: lost;  evs : recur lost |]                        \
-\        ==> Says A B {|Hash{|Key(shrK A), Agent A, Agent B, NA, P|},  \
-\                       Agent A, Agent B, NA, P|}  \
+\        ==> Says A B (HPair (Key(shrK A)) {|Agent A, Agent B, NA, P|})  \
 \             : set_of_list evs";
 be rev_mp 1;
 by (parts_induct_tac 1);
@@ -676,14 +680,6 @@
 qed_spec_mp "Hash_auth_sender";
 
 
-(*NEEDED????????????????*)
-goal thy "!!i. {|Hash {|Key (shrK Server), M|}, M|} : responses i ==> R";
-be setup_induction 1;
-be responses.induct 1;
-by (ALLGOALS Asm_simp_tac); 
-qed "responses_no_Hash_Server";
-
-
 val nonce_not_seen_now = le_refl RSN (2, new_nonces_not_seen) RSN (2,rev_notE);