Nuprl Lemma : CR-protocol-fresh

{

s:SES
(ActionsDisjoint

FreshSignatures([CR-initiator1{i:l}(s);

                        CR-initiator2{i:l}(s);

                        CR-initiator3;

                        CR-responder1{i:l}(s);

                        CR-responder2{i:l}(s); CR-responder3])) }

{ Proof }

Definitions occuring in Statement : CR-responder3: CR-responder3, CR-responder2: CR-responder2{i:l}(s), CR-responder1: CR-responder1{i:l}(s), CR-initiator3: CR-initiator3, CR-initiator2: CR-initiator2{i:l}(s), CR-initiator1: CR-initiator1{i:l}(s), fresh-sig-protocol1: FreshSignatures(bss), ses-disjoint: ActionsDisjoint, security-event-structure: SES, all:

x:A. B[x], implies: P

Q, cons: [car / cdr], nil: []
Definitions : atom_eq: atomeqn def, list_ind: list_ind def, id-sdata: data(x), sdata-pair: <d1, d2>, sq_type: SQType(T), sqequal: s ~ t, ind: ind def, true: True, ses-is-fresh: ses-is-fresh(f;A;pas), decide: case b of inl(x) => s[x] | inr(y) => t[y], event_ordering: EO, int_seg: {i..j

}, atom: Atom, dep-isect: Error :dep-isect, record+: record+, set: {x:A| B[x]} , spread: spread def, ses-is-protocol-action: pa(e), atom-sdata: data(a), token: "$token", mk-pa: n(v), protocol-action: ProtocolAction, ses-fresh-sequence: ses-fresh-sequence(f;A;pas), ses-is-protocol-actions: pas(thr), basic-seq-1-4: A

B: pas[A;B;m;n;x;y], basic-seq-1-5: A

B: pas[A;B;m;n;x;y;z], basic-seq-1-3: A

B: pas[A; B; m; n; x], basic-seq-1-1: A

B: pas[A; B; m], is-basic-seq: thr[A;B] |= bs, rev_implies: P

Q, iff: P

Q, l_exists: (

x

L. P[x]), ses-basic-sequence1: Basic1, CR-responder2: CR-responder2{i:l}(s), CR-responder1: CR-responder1{i:l}(s), CR-initiator3: CR-initiator3, CR-initiator2: CR-initiator2{i:l}(s), CR-initiator1: CR-initiator1{i:l}(s), fpf: a:A fp-> B[a], es-E-interface: E(X), eclass: EClass(A[eo; e]), list: type List, limited-type: LimitedType, pair: <a, b>, bfalse: ff, btrue: tt, universe: Type, le_int: i

z j, eq_int: (i =

j), eq_atom: x =a y, null: null(as), set_blt: a <

b, grp_blt: a <

b, infix_ap: x f y, dcdr-to-bool: [d]

, bl-all: (

x

L.P[x])_b, bl-exists: (

x

L.P[x])_b, b-exists: (

i<n.P[i])_b, eq_type: eq_type(T;T'), eq_atom: eq_atom$n(x;y), qeq: qeq(r;s), q_less: q_less(r;s), q_le: q_le(r;s), deq-member: deq-member(eq;x;L), deq-disjoint: deq-disjoint(eq;as;bs), deq-all-disjoint: deq-all-disjoint(eq;ass;bs), eq_str: Error :eq_str, eq_id: a = b, eq_lnk: a = b, es-eq-E: e = e', es-bless: e <loc e', es-ble: e

loc e', bimplies: p

q, band: p

q, bor: p

q, bnot:

b, int:

, bool:

, it:

, inr: inr x , tree_con: tree_con(E;T), apply: f a, so_apply: x[s], or: P

Q, guard: {T}, l_member: (x

l), subtype: S

T, rec: rec(x.A[x]), tree: Tree(E), void: Void, false: False, select: l[i], inl: inl x , sdata-atoms: sdata-atoms(d), length: ||as||, natural_number: $n, lt_int: i <z j, ifthenelse: if b then t else f fi , lambda:

x.A[x], equal: s = t, member: t

T, strong-subtype: strong-subtype(A;B), assert:

b, tl: tl(l), hd: hd(l), le: A

B, ge: i

j , not:

A, less_than: a < b, uimplies: b supposing a, and: P

Q, uiff: uiff(P;Q), subtype_rel: A

r B, isect:

x:A. B[x], uall:

[x:A]. B[x], sdata: SecurityData, unit: Unit, atom: Atom$n, union: left + right, prop:

, ses-disjoint: ActionsDisjoint, security-event-structure: SES, fresh-sig-protocol1: FreshSignatures(bss), exists:

x:A. B[x], product: x:A

B[x], all:

x:A. B[x], implies: P

Q, ses-fresh-thread: ses-fresh-thread(s;es;f;A;thr), ses-protocol1-thread: (thr is one of bss at A), cons: [car / cdr], nil: [], CR-responder3: CR-responder3, Id: Id, ses-thread: Thread, event-ordering+: EO+(Info), ses-info: Info, function: x:A

B[x], Auto: Error :Auto, CollapseTHEN: Error :CollapseTHEN, tactic: Error :tactic
Lemmas : unit_wf, sdata-atoms_wf, length_wf1, lt_int_wf, ifthenelse_wf, uiff_inversion, sdata_wf, length_wf_nat, select_wf, event-ordering+_wf, ses-info_wf, ses-thread_wf, Id_wf, ses-protocol1-thread_wf, CR-responder3_wf, ses-fresh-thread_wf, fresh-sig-protocol1_wf, security-event-structure_wf, ses-disjoint_wf, bool_wf, uiff_transitivity, eqtt_to_assert, assert_of_lt_int, assert_wf, le_wf, eqff_to_assert, assert_functionality_wrt_uiff, bnot_of_lt_int, assert_of_le_int, le_int_wf, bnot_wf, bfalse_wf, member_wf, subtype_rel_wf, it_wf, CR-initiator1_wf, CR-initiator2_wf, CR-initiator3_wf, CR-responder1_wf, CR-responder2_wf, ses-basic-sequence1_wf, false_wf, l_member_wf, iff_transitivity, cons_member, or_functionality_wrt_iff, iff_wf, rev_implies_wf, nil_member, is-basic-seq_wf, ses-is-protocol-actions-fresh, mk-pa_wf, atom-sdata_wf, protocol-action_wf, ses-fresh-sequence_wf, not_wf, int_seg_wf, assert-ses-is-fresh, ses-is-fresh_wf, true_wf, subtype_base_sq, sdata-pair_wf, id-sdata_wf, assert_of_eq_atom2, assert_of_bnot, not_functionality_wrt_uiff, eq_atom2_self, btrue_wf, assert_of_eq_atom1, eq_atom1_self

\mforall{}s:SES (ActionsDisjoint {}\mRightarrow{} FreshSignatures([CR-initiator1\{i:l\}(s); CR-initiator2\{i:l\}(s); CR-initiator3; CR-responder1\{i:l\}(s); CR-responder2\{i:l\}(s); CR-responder3])) Date html generated: 2011_08_17-PM-07_50_08 Last ObjectModification: 2010_12_23-AM-02_02_02 Home Index