Proof of Nuprl Lemma : ses-flow-axiom-ordering

Step * 1 of Lemma ses-flow-axiom-ordering

1. s : SES@i'
2. ActionsDisjoint@i'
3. es : EO+(Info)@i'
4. ∀e1,e2:E. ∀a:Atom1.
(ses-flow(s;es;a;e1;e2) ⇒

 ((e1 ≤loc e2  ∧ (e2 has a)) ∨ (∃snd:E(Send). (e1 ≤loc snd  ∧ (snd < e2) ∧ snd has* a))))

5. ∀e1:E(Sign). ∀b:E.
((b has signature(e1))
⇒

 (∃e2:E(Sign). ((Sign(e2) = Sign(e1) ∈ (SecurityData × Id × Atom1)) ∧ ses-flow(s;es;signature(e2);e2;b))))@i'

6. ∀e1:E(Encrypt). ∀b:E.
((b has cipherText(e1))
⇒ (∃e2:E(Encrypt)

          ((Encrypt(e2) = Encrypt(e1) ∈ (SecurityData × Key × Atom1)) ∧ ses-flow(s;es;cipherText(e2);e2;b))))@i'

7. ∀n:E(New). ∀e:E.  ((e has New(n)) ⇒ ses-flow(s;es;New(n);n;e))@i'
8. n : E(New)@i
9. ∀e:E. ((e has New(n)) ⇒ ses-flow(s;es;New(n);n;e))
10. e : E@i
11. (e has New(n))@i
12. ses-flow(s;es;New(n);n;e)
13. snd : E(Send)
14. n = snd ∈ E
15. (snd < e)
16. snd has* New(n)
⊢ (n <loc snd)
BY
{ ((Assert (↑n ∈_b New) ∧ (↑n ∈_b Send) BY
          Auto)
   THEN ((With ⌈es⌉ (D 2)⋅ THENM D -1) THENA Auto)
   THEN InstHyp [⌈n⌉] (-1)⋅
   THEN Auto
   THEN ThinTrivial
   THEN Auto)⋅ }

Latex:

Latex:
1. s : SES@i' 2. ActionsDisjoint@i' 3. es : EO+(Info)@i' 4. \mforall{}e1,e2:E. \mforall{}a:Atom1. (ses-flow(s;es;a;e1;e2) {}\mRightarrow{} ((e1 \mleq{}loc e2 \mwedge{} (e2 has a)) \mvee{} (\mexists{}snd:E(Send). (e1 \mleq{}loc snd \mwedge{} (snd < e2) \mwedge{} snd has* a)))) 5. \mforall{}e1:E(Sign). \mforall{}b:E. ((b has signature(e1)) {}\mRightarrow{} (\mexists{}e2:E(Sign). ((Sign(e2) = Sign(e1)) \mwedge{} ses-flow(s;es;signature(e2);e2;b))))@i' 6. \mforall{}e1:E(Encrypt). \mforall{}b:E. ((b has cipherText(e1)) {}\mRightarrow{} (\mexists{}e2:E(Encrypt). ((Encrypt(e2) = Encrypt(e1)) \mwedge{} ses-flow(s;es;cipherText(e2);e2;b))))@i' 7. \mforall{}n:E(New). \mforall{}e:E. ((e has New(n)) {}\mRightarrow{} ses-flow(s;es;New(n);n;e))@i' 8. n : E(New)@i 9. \mforall{}e:E. ((e has New(n)) {}\mRightarrow{} ses-flow(s;es;New(n);n;e)) 10. e : E@i 11. (e has New(n))@i 12. ses-flow(s;es;New(n);n;e) 13. snd : E(Send) 14. n = snd 15. (snd < e) 16. snd has* New(n) \mvdash{} (n <loc snd) By Latex: ((Assert (\muparrow{}n \mmember{}\msubb{} New) \mwedge{} (\muparrow{}n \mmember{}\msubb{} Send) BY Auto) THEN ((With \mkleeneopen{}es\mkleeneclose{} (D 2)\mcdot{} THENM D -1) THENA Auto) THEN InstHyp [\mkleeneopen{}n\mkleeneclose{}] (-1)\mcdot{} THEN Auto THEN ThinTrivial THEN Auto)\mcdot{} Home Index