lemma"Nonce n ∈ parts {X} ==> Crypt (shrK A) X ∈ guard n {shrK A}" apply (rule shrK_is_invKey_shrK_substI, rule invKey_invKey_substI) by (rule Guard_Nonce, simp+)
subsubsection‹guardedness results on nonces›
lemma guard_ciph [simp]: "shrK A ∈ Ks ==> Ciph A X ∈ guard n Ks" by (rule Guard_Nonce, simp)
lemma guardK_ciph [simp]: "shrK A ∈ Ks ==> Ciph A X ∈ guardK n Ks" by (rule Guard_Key, simp)
lemma Guard_init [iff]: "Guard n Ks (initState B)" by (induct B, auto simp: Guard_def initState.simps)
lemma Guard_knows_max': "Guard n Ks (knows_max' C evs) \<Longrightarrow> Guard n Ks (knows_max C evs)" by (simp add: knows_max_def)
lemma Nonce_not_used_Guard_spies [dest]: "Nonce n ∉ used evs \<Longrightarrow> Guard n Ks (spies evs)" by (auto simp: Guard_def dest: not_used_not_known parts_sub)
lemma Nonce_not_used_Guard [dest]: "[evs ∈ p; Nonce n ∉ used evs; Gets_correct p; one_step p]==> Guard n Ks (knows (Friend C) evs)" by (auto simp: Guard_def dest: known_used parts_trans)
lemma Nonce_not_used_Guard_max [dest]: "[evs ∈ p; Nonce n ∉ used evs; Gets_correct p; one_step p]==> Guard n Ks (knows_max (Friend C) evs)" by (auto simp: Guard_def dest: known_max_used parts_trans)
lemma Nonce_not_used_Guard_max' [dest]: "[evs ∈ p; Nonce n ∉ used evs; Gets_correct p; one_step p]==> Guard n Ks (knows_max' (Friend C) evs)" apply (rule_tac H="knows_max (Friend C) evs"in Guard_mono) by (auto simp: knows_max_def)
subsubsection‹guardedness results on keys›
lemma GuardK_init [simp]: "n ∉ range shrK ==> GuardK n Ks (initState B)" by (induct B, auto simp: GuardK_def initState.simps)
lemma GuardK_knows_max': "[GuardK n A (knows_max' C evs); n ∉ range shrK] \<Longrightarrow> GuardK n A (knows_max C evs)" by (simp add: knows_max_def)
lemma Key_not_used_GuardK_spies [dest]: "Key n ∉ used evs \<Longrightarrow> GuardK n A (spies evs)" by (auto simp: GuardK_def dest: not_used_not_known parts_sub)
lemma Key_not_used_GuardK [dest]: "[evs ∈ p; Key n ∉ used evs; Gets_correct p; one_step p]==> GuardK n A (knows (Friend C) evs)" by (auto simp: GuardK_def dest: known_used parts_trans)
lemma Key_not_used_GuardK_max [dest]: "[evs ∈ p; Key n ∉ used evs; Gets_correct p; one_step p]==> GuardK n A (knows_max (Friend C) evs)" by (auto simp: GuardK_def dest: known_max_used parts_trans)
lemma Key_not_used_GuardK_max' [dest]: "[evs ∈ p; Key n ∉ used evs; Gets_correct p; one_step p]==> GuardK n A (knows_max' (Friend C) evs)" apply (rule_tac H="knows_max (Friend C) evs"in GuardK_mono) by (auto simp: knows_max_def)
subsubsection‹regular protocols›
definition regular :: "event list set => bool"where "regular p ≡∀evs A. evs ∈ p ⟶ (Key (shrK A) ∈ parts (spies evs)) = (A ∈ bad)"
lemma shrK_parts_iff_bad [simp]: "[evs ∈ p; regular p]==> (Key (shrK A) ∈ parts (spies evs)) = (A ∈ bad)" by (auto simp: regular_def)
lemma shrK_analz_iff_bad [simp]: "[evs ∈ p; regular p]==> (Key (shrK A) ∈ analz (spies evs)) = (A ∈ bad)" by auto
lemma Guard_Nonce_analz: "[Guard n Ks (spies evs); evs ∈ p; shrK_set Ks; good Ks; regular p]==> Nonce n ∉ analz (spies evs)" apply (clarify, simp only: knows_decomp) apply (drule Guard_invKey_keyset, simp+, safe) apply (drule in_good, simp) apply (drule in_shrK_set, simp+, clarify) apply (frule_tac A=A in shrK_analz_iff_bad) by (simp add: knows_decomp)+
lemma GuardK_Key_analz: assumes"GuardK n Ks (spies evs)""evs ∈ p""shrK_set Ks" "good Ks""regular p""n ∉ range shrK" shows"Key n ∉ analz (spies evs)" proof (rule ccontr) assume"¬ Key n ∉ analz (knows Spy evs)" thenhave *: "Key n ∈ analz (spies' evs ∪ initState Spy)" by (simp add: knows_decomp) from‹GuardK n Ks (spies evs)› have"GuardK n Ks (spies' evs ∪ initState Spy)" by (simp add: knows_decomp) thenhave"GuardK n Ks (spies' evs)" and"finite (spies' evs)""keyset (initState Spy)" by simp_all moreoverhave"Key n ∉ initState Spy" using‹n ∉ range shrK›by (simp add: image_iff initState_Spy) ultimatelyobtain K where"K ∈ Ks"and **: "Key K ∈ analz (spies' evs ∪ initState Spy)" using * by (auto dest: GuardK_invKey_keyset) from‹K ∈ Ks›and‹good Ks›have"agt K ∉ bad" by (auto dest: in_good) from‹K ∈ Ks›‹shrK_set Ks›obtain A where"K = shrK A" by (auto dest: in_shrK_set) thenhave"agt K ∈ bad" using ** ‹evs ∈ p›‹regular p› shrK_analz_iff_bad [of evs p "agt K"] by (simp add: knows_decomp) with‹agt K ∉ bad›show False by simp qed
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.
