Simplified proofs in NS_Public

2026-03-04 00:56:37 +01:00
parent 96e5d59603
commit 7367681bc6
4 changed files with 313 additions and 391 deletions
@@ -220,7 +220,7 @@ by
  | fst _ ih => rcases ih with ⟨Z, ⟨l, r⟩⟩; exists Z; and_intros; apply l; apply parts.fst; exact r
  | snd _ ih => rcases ih with ⟨Z, ⟨l, r⟩⟩; exists Z; and_intros; apply l; apply parts.snd; exact r
  | body _ ih => rcases ih with ⟨Z, ⟨l, r⟩⟩; exists Z; and_intros; apply l; apply parts.body; exact r
-
+  
 -- parts_union lemma
@[simp]
 lemma parts_union {G H : Set Msg} : parts (G ∪ H) = parts G ∪ parts H :=
@@ -323,7 +323,6 @@ abbrev partsClosureOperator : ClosureOperator (Set Msg) :=
 lemma parts_idem {H : Set Msg} : parts (parts H) = parts H :=
  by apply partsClosureOperator.idempotent

-@[simp]
 lemma parts_subset_iff {G H : Set Msg} : (G ⊆ parts H) ↔ (parts G ⊆ parts H) :=
 by apply partsClosureOperator.le_closure_iff

@@ -338,12 +337,20 @@ by
  intro a b; rw[parts_union]; rw[parts_insert] at a; cases a <;> grind[parts_trans]
  
@[simp]
-lemma parts_cut_eq :
-  X ∈ parts H → (parts (insert X H) = parts H) :=
+lemma parts_cut_eq {h : X ∈ parts H}:
+  parts (insert X H) = parts H :=
 by
-  intro h; simp[parts_insert]; rw[parts_idem]
+  simp[parts_insert];
  apply_rules [parts_subset_iff.mp, Set.singleton_subset_iff.mpr]
  
+-- parts_element lemma
+lemma parts_element:
+  X ∈ parts H ↔ parts {X} ⊆ parts H
+:= by
+  constructor
+  · intro h; apply_rules [ parts_subset_iff.mp, Set.singleton_subset_iff.mpr ]
+  · intro h; aapply parts_subset_iff.mpr; simp
+
@[simp]
 lemma parts_insert_Agent {H : Set Msg} {agt : Agent} :
  parts (insert (Agent agt) H) = insert (Agent agt) (parts H) :=
@@ -383,7 +390,7 @@ by
 lemma parts_singleton_Nonce :
  parts {Nonce N} = {Nonce N} := by
  rw[Set.singleton_def, parts_insert_Nonce, parts_empty]
-
+  
@[simp]
 lemma parts_insert_Number {H : Set Msg} {N : Nat} :
  parts (insert (Number N) H) = insert (Number N) (parts H) :=
@@ -805,11 +812,11 @@ lemma analz_insert_MPair {H : Set Msg} {X Y : Msg} [InvKey] :
        | snd => aapply analz.snd
        | decrypt => aapply analz.decrypt

-lemma analz_insert_Decrypt {H : Set Msg} {K : Key} {X : Msg} [InvKey] :
-  Key (invKey K) ∈ analz H →
+@[simp]
+lemma analz_insert_Decrypt [InvKey]
+  { h : Key (invKey K) ∈ analz H  } :
  analz (insert (Crypt K X) H) = insert (Crypt K X) (analz (insert X H)) :=
 by
-  intro
  ext
  constructor
  · intro h
@@ -835,11 +842,10 @@ by
      | decrypt => aapply analz.decrypt

@[simp]
-lemma analz_Crypt {H : Set Msg} {K : Key} {X : Msg} [InvKey] :
-  (Key (invKey K) ∉ analz H) →
+lemma analz_Crypt [InvKey]
+  { h : (Key (invKey K) ∉ analz H)  } :
  (analz (insert (Crypt K X) H) = insert (Crypt K X) (analz H)) :=
 by
-  intro h
  ext
  constructor
  · intro a; induction a with
@@ -870,6 +876,19 @@ by
  cases ih₁ with
  | inl => simp_all; apply analz.inj; left; trivial
  | inr => aapply analz.decrypt
+  
+lemma analz_insert_Crypt_element [InvKey] :
+  M ∈ analz (insert (Crypt K X) H) ↔ 
+  ((Key (invKey K) ∈ analz H ∧ M ∈ insert (Crypt K X) (analz (insert X H))) ∨
+   (Key (invKey K) ∉ analz H ∧ M ∈ insert (Crypt K X) (analz H)))
+:= by
+  constructor
+  · intro h; by_cases invK_in_H : Msg.Key (invKey K) ∈ analz H
+    · left; rw[←analz_insert_Decrypt]; aapply And.intro; assumption
+    · right; rw[←analz_Crypt]; aapply And.intro; assumption
+  · intro h; rcases h with (⟨_, _⟩ | ⟨_, _⟩)
+    · rw[analz_insert_Decrypt]; assumption; assumption
+    · rw[analz_Crypt]; assumption; assumption

@[simp]
 lemma analz_image_Key {N : Set Key} [InvKey] : analz (Key '' N) = Key '' N :=
@@ -1066,17 +1085,25 @@ by
  intro hY hX; apply synth_trans; apply hY
  intro a h; cases h; simp_all; aapply synth.inj

-@[simp]
-lemma Crypt_synth_eq [InvKey] {H : Set Msg} {K : Key} {X : Msg} :
-  Key K ∉ H → (Crypt K X ∈ synth H ↔ Crypt K X ∈ H) :=
-by
-  intro hK
+lemma Crypt_synth_EK [InvKey] :
+  (Crypt K X ∈ synth H) ↔
+  (Crypt K X ∈ H ∨ ( Key K ∈ H ∧ X ∈ synth H)) :=
+  by
  constructor
-  · intro h
-    cases h; assumption; contradiction
-  · intro h
-    exact synth.inj h
+  · intro h; cases h <;> tauto
+  · intro h; cases h
+    · aapply synth.inj
+    · apply synth.crypt <;> tauto

+@[simp]
+lemma Crypt_synth_eq [InvKey]
+  { hK : Key K ∉ H } :
+  (Crypt K X ∈ synth H ↔ Crypt K X ∈ H) :=
+by
+  constructor
+  · intro h; simp[Crypt_synth_EK] at h; tauto
+  · intro h; exact synth.inj h
+  
@[simp]
 lemma keysFor_synth [InvKey] {H : Set Msg} :
  keysFor (synth H) = keysFor H ∪ invKey '' {K | Key K ∈ H} :=
@@ -1102,7 +1129,22 @@ by
    · exists Number 0; aapply synth.crypt; apply synth.number
    · assumption

-
+@[simp]
+lemma Nonce_synth [InvKey] :
+  Nonce NA ∈ synth H ↔ Nonce NA ∈ H
+:= by
+  constructor
+  · intro h; cases h; assumption
+  · aapply synth.inj
+  
+@[simp]
+lemma Key_synth [InvKey] :
+  Key K ∈ synth H ↔ Key K ∈ H
+:= by
+  constructor
+  · intro h; cases h; assumption
+  · aapply synth.inj
+  
 -- Combinations of parts, analz, and synth

@[simp]
@@ -1246,7 +1288,7 @@ lemma analz_disj_parts [InvKey] {H : Set Msg} {X : Msg} :
      exact Or.inr h

@[simp]
-lemma MPair_synth_analz [InvKey] {H : Set Msg} {X Y : Msg} :
+lemma MPair_synth_analz [InvKey] :
  ⦃X, Y⦄ ∈ synth (analz H) ↔ X ∈ synth (analz H) ∧ Y ∈ synth (analz H) :=
  by
    constructor
@@ -1257,10 +1299,12 @@ lemma MPair_synth_analz [InvKey] {H : Set Msg} {X Y : Msg} :
      · apply And.intro <;> assumption
    · intro h; exact synth.mpair h.1 h.2

-lemma Crypt_synth_analz [InvKey] {H : Set Msg} {K : Key} {X : Msg} :
-  Key K ∈ analz H → Key (invKey K) ∈ analz H → ((Crypt K X ∈ synth (analz H)) ↔ X ∈ synth (analz H)) :=
+@[simp]
+lemma Crypt_synth_analz [InvKey]
+  { h₁ : Key K ∈ analz H } 
+  { h₂ : Key (invKey K) ∈ analz H } :
+  ((Crypt K X ∈ synth (analz H)) ↔ X ∈ synth (analz H)) :=
  by
-  intro _ _
  constructor
  · intro h; cases h
    · apply synth.inj; aapply analz.decrypt