---

{ [s:SES]
    [es:EO+(Info)]. [a,b:E(Encrypt)].
      {(plainText(a) = plainText(b))  (key(a) = key(b))} 
      supposing cipherText(a) = cipherText(b) 
    supposing PropertyO }

{ Proof }

---

Definitions occuring in Statement :  ses-ordering: PropertyO,  ses-crypt: cipherText(e),  ses-encryption-key: key(e),  ses-encrypted: plainText(e),  ses-encrypt: Encrypt,  ses-info: Info,  security-event-structure: SES,  encryption-key: Key,  sdata: SecurityData,  es-E-interface: E(X),  event-ordering+: EO+(Info),  uimplies: b supposing a,  uall: [x:A]. B[x],  guard: {T},  and: P  Q,  equal: s = t,  atom: Atom$n
Definitions :  tactic: Error :tactic,  isect: x:A. B[x],  uall: [x:A]. B[x],  equal: s = t,  member: t  T,  function: x:A  B[x],  all: x:A. B[x],  ses-ordering: PropertyO,  security-event-structure: SES,  product: x:A  B[x],  prop: ,  uimplies: b supposing a,  event-ordering+: EO+(Info),  ses-info: Info,  and: P  Q,  implies: P  Q,  or: P  Q,  union: left + right,  exists: x:A. B[x],  es-le: e loc e' ,  es-locl: (e <loc e'),  es-causl: (e < e'),  event-has*: e has* a,  infix_ap: x f y,  record-select: r.x,  es-E-interface: E(X),  ses-encrypt: Encrypt,  top: Top,  record+: record+,  eq_atom: eq_atom$n(x;y),  eq_atom: x =a y,  dep-isect: Error :dep-isect,  eclass: EClass(A[eo; e]),  sdata: SecurityData,  encryption-key: Key,  atom: Atom$n,  so_lambda: x y.t[x; y],  subtype_rel: A r B,  es-E: E,  event_ordering: EO,  lambda: x.A[x],  ifthenelse: if b then t else f fi ,  token: "$token",  apply: f a,  atom: Atom,  universe: Type,  subtype: S  T,  void: Void,  assert: b,  set: {x:A| B[x]} ,  decide: case b of inl(x) => s[x] | inr(y) => t[y],  limited-type: LimitedType,  ses-crypt: cipherText(e),  guard: {T},  pair: <a, b>,  ses-encrypted: plainText(e),  axiom: Ax,  ses-encryption-key: key(e),  uiff: uiff(P;Q),  less_than: a < b,  not: A,  ge: i  j ,  le: A  B,  strong-subtype: strong-subtype(A;B),  bool: ,  CollapseTHEN: Error :CollapseTHEN,  RepeatFor: Error :RepeatFor,  CollapseTHENA: Error :CollapseTHENA,  ParallelOp: Error :ParallelOp,  MaAuto: Error :MaAuto,  eclass-val: X(e),  fpf: a:A fp-> B[a],  RepUR: Error :RepUR,  Auto: Error :Auto,  so_lambda: x.t[x],  pi1: fst(t),  pi2: snd(t)
Lemmas :  pi1_wf_top,  pi1_wf,  pi2_wf,  ses-cipher-unique,  guard_wf,  ses-crypt_wf,  security-event-structure_wf,  ses-ordering_wf,  es-E-interface_wf,  eclass_wf,  member_wf,  es-interface-top,  es-interface-subtype_rel2,  ses-encrypt_wf,  subtype_rel_self,  event-ordering+_inc,  event-ordering+_wf,  subtype_rel_wf,  sdata_wf,  encryption-key_wf,  top_wf,  es-E_wf,  ses-info_wf

---

\mforall{}[s:SES]
    \mforall{}[es:EO+(Info)].  \mforall{}[a,b:E(Encrypt)].
        \{(plainText(a)  =  plainText(b))  \mwedge{}  (key(a)  =  key(b))\}  supposing  cipherText(a)  =  cipherText(b) 
    supposing  PropertyO


Date html generated: 2011_08_17-PM-07_24_19
Last ObjectModification: 2011_06_18-PM-01_17_50

Home Index