---

{ [s:SES]
    [A,B:Id].  uiff(PrivateKey(A) = PrivateKey(B);A = B) supposing PropertyK }

{ Proof }

---

Definitions occuring in Statement :  ses-K: PropertyK,  ses-private-key: PrivateKey(A),  security-event-structure: SES,  encryption-key: Key,  Id: Id,  uiff: uiff(P;Q),  uimplies: b supposing a,  uall: [x:A]. B[x],  equal: s = t
Definitions :  uall: [x:A]. B[x],  uimplies: b supposing a,  uiff: uiff(P;Q),  encryption-key: Key,  ses-private-key: PrivateKey(A),  member: t  T,  and: P  Q,  outr: outr(x),  prop: ,  assert: b,  bnot: b,  isl: isl(x),  btrue: tt,  bfalse: ff,  ifthenelse: if b then t else f fi ,  true: True,  outl: outl(x),  sq_type: SQType(T),  all: x:A. B[x],  implies: P  Q,  guard: {T},  ses-K: PropertyK,  iff: P  Q
Lemmas :  outr_wf,  Id_wf,  assert_wf,  bnot_wf,  isl_wf,  ses-private_wf,  outl_wf,  subtype_base_sq,  union_subtype_base,  atom1_subtype_base,  ses-K_wf,  security-event-structure_wf

---

\mforall{}[s:SES].  \mforall{}[A,B:Id].    uiff(PrivateKey(A)  =  PrivateKey(B);A  =  B)  supposing  PropertyK


Date html generated: 2011_08_17-PM-07_26_37
Last ObjectModification: 2011_06_18-PM-01_21_40

Home Index