Package montgomery-thm: Properties of Montgomery multiplication

Information

Files

• Package tarball montgomery-thm-1.15.tgz
• Theory source file montgomery-thm.thy (included in the package tarball)

Theorems

⊦ ∀n r k a m. ¬(n = 0) ∧ n ≤ r ∧ a < r ⇒ Montgomery.doubleExp n r k a m < r

⊦ ∀n r k a.
    ¬(n = 0) ∧ ¬(r = 0) ∧ a ≤ r * r ⇒ Montgomery.reduce n r k a < r + n

⊦ ∀n r k m a.
    ¬(n = 0) ∧ ¬(r = 0) ∧ a ≤ r * m ⇒ Montgomery.reduce n r k a < m + n

⊦ ∀n r k a.
    ¬(n = 0) ∧ ¬(r = 0) ∧ a ≤ r * n ⇒ Montgomery.reduce n r k a < 2 * n

⊦ ∀n r s k a.
    ¬(n = 0) ∧ r * s = k * n + 1 ⇒
    Montgomery.reduce n r k a mod n = a * s mod n

⊦ ∀n r s k a m.
    ¬(n = 0) ∧ n ≤ r ∧ r * s = k * n + 1 ⇒
    Montgomery.doubleExp n r k a m mod n = (a * s) ↑ 2 ↑ m * r mod n

⊦ ∀n r s k a.
    r * s = k * n + 1 ⇒
    Montgomery.reduce n r k a =
    a div r +
    ((a * k mod r) * n div r + if a * (k * n) mod r = 0 then 0 else 1)

⊦ ∀n r s k a.
    2 ↑ r * s = k * n + 1 ⇒
    Montgomery.reduce n (2 ↑ r) k a =
    Bits.shiftRight a r +
    (Bits.shiftRight (Bits.bound (a * k) r * n) r +
     fromBool (¬(Bits.bound (a * (k * n)) r = 0)))

External Type Operators

• →
• bool
• Number
  • Natural
    • natural

External Constants

• =
• Data
  • Bool
    • ∀
    • ∧
    • ⇒
    • ∃
    • ∨
    • ¬
    • cond
    • ⊥
    • ⊤
• Number
  • Natural
    • *
    • +
    • -
    • <
    • ≤
    • ↑
    • bit0
    • bit1
    • div
    • divides
    • fromBool
    • mod
    • suc
    • zero
    • Bits
      • Bits.bound
      • Bits.shiftRight
    • Montgomery
      • Montgomery.doubleExp
      • Montgomery.reduce

Assumptions

⊦ ⊤

⊦ ¬⊥ ⇔ ⊤

⊦ ¬⊤ ⇔ ⊥

⊦ bit0 0 = 0

⊦ ∀t. t ⇒ t

⊦ ∀n. 0 ≤ n

⊦ ∀n. n ≤ n

⊦ ⊥ ⇔ ∀p. p

⊦ ∀t. t ∨ ¬t

⊦ ∀n. ¬(n < n)

⊦ (¬) = λp. p ⇒ ⊥

⊦ ∀t. (∀x. t) ⇔ t

⊦ (∀) = λp. p = λx. ⊤

⊦ ∀t. ¬¬t ⇔ t

⊦ ∀t. (t ⇔ ⊤) ⇔ t

⊦ ∀t. ⊤ ∧ t ⇔ t

⊦ ∀t. t ∧ ⊤ ⇔ t

⊦ ∀t. ⊤ ⇒ t ⇔ t

⊦ ∀t. t ⇒ ⊤ ⇔ ⊤

⊦ ∀t. ⊥ ∨ t ⇔ t

⊦ ∀t. ⊤ ∨ t ⇔ ⊤

⊦ ∀t. t ∨ ⊥ ⇔ t

⊦ ∀t. t ∨ ⊤ ⇔ ⊤

⊦ ∀n. ¬(suc n = 0)

⊦ ∀n. 0 * n = 0

⊦ ∀n. 0 + n = n

⊦ ∀m. m + 0 = m

⊦ ∀t. t ⇒ ⊥ ⇔ ¬t

⊦ ∀n. bit1 n = suc (bit0 n)

⊦ ∀m. m ↑ 0 = 1

⊦ ∀m. m * 1 = m

⊦ ∀n. n ↑ 1 = n

⊦ ∀m. 1 * m = m

⊦ (⇒) = λp q. p ∧ q ⇔ p

⊦ ∀t. (t ⇔ ⊤) ∨ (t ⇔ ⊥)

⊦ ∀m. suc m = m + 1

⊦ ∀t₁ t₂. (if ⊥ then t₁ else t₂) = t₂

⊦ ∀t₁ t₂. (if ⊤ then t₁ else t₂) = t₁

⊦ ∀b. fromBool b = if b then 1 else 0

⊦ ∀n. bit0 (suc n) = suc (suc (bit0 n))

⊦ ∀x y. x = y ⇒ y = x

⊦ ∀m n. m * n = n * m

⊦ ∀m n. m + n = n + m

⊦ ∀n. n ↑ 2 = n * n

⊦ ∀n. 2 * n = n + n

⊦ ∀m n. ¬(m < n) ⇔ n ≤ m

⊦ ∀m. m = 0 ∨ ∃n. m = suc n

⊦ (∧) = λp q. (λf. f p q) = λf. f ⊤ ⊤

⊦ ∀n. ¬(n = 0) ⇒ n mod n = 0

⊦ (∃) = λp. ∀q. (∀x. p x ⇒ q) ⇒ q

⊦ ∀m n. suc m ≤ suc n ⇔ m ≤ n

⊦ ∀m n. m ↑ suc n = m * m ↑ n

⊦ ∀m n. ¬(n = 0) ⇒ m mod n < n

⊦ ∀a b. divides a b ⇔ ∃c. c * a = b

⊦ (∨) = λp q. ∀r. (p ⇒ r) ⇒ (q ⇒ r) ⇒ r

⊦ ∀n r k a. Montgomery.doubleExp n r k a 0 = a

⊦ ∀n k. Bits.bound n k = n mod 2 ↑ k

⊦ ∀n k. Bits.shiftRight n k = n div 2 ↑ k

⊦ ∀m n. n ≤ m ⇒ m - n + n = m

⊦ ∀c x y. (if ¬c then x else y) = if c then y else x

⊦ ∀m n. m < n ⇔ m ≤ n ∧ ¬(m = n)

⊦ ∀m n. ¬(m = 0) ⇒ m * n mod m = 0

⊦ ∀x y z. x = y ∧ y = z ⇒ x = z

⊦ ∀m n p. m * (n * p) = m * n * p

⊦ ∀m n p. m + (n + p) = m + n + p

⊦ ∀m n p. m ↑ (n * p) = (m ↑ n) ↑ p

⊦ ∀a b n. b < a * n ⇒ b div a < n

⊦ ∀m n p. m + n = m + p ⇔ n = p

⊦ ∀p m n. m + p = n + p ⇔ m = n

⊦ ∀m n p. m + n < m + p ⇔ n < p

⊦ ∀m n p. n + m < p + m ⇔ n < p

⊦ ∀m n p. n + m ≤ p + m ⇔ n ≤ p

⊦ ∀m n p. m < n ∧ n < p ⇒ m < p

⊦ ∀m n p. m < n ∧ n ≤ p ⇒ m < p

⊦ ∀m n p. m ≤ n ∧ n ≤ p ⇒ m ≤ p

⊦ ∀m n. m + n = 0 ⇔ m = 0 ∧ n = 0

⊦ ∀p. p 0 ∧ (∀n. p n ⇒ p (suc n)) ⇒ ∀n. p n

⊦ ∀a b. ¬(a = 0) ⇒ (divides a b ⇔ b mod a = 0)

⊦ ∀n m. ¬(n = 0) ⇒ m mod n mod n = m mod n

⊦ ∀m n p. m * (n + p) = m * n + m * p

⊦ ∀m n p. (m + n) * p = m * p + n * p

⊦ ∀m n. ¬(n = 0) ⇒ (m div n) * n + m mod n = m

⊦ ∀m n p. m * p = n * p ⇔ m = n ∨ p = 0

⊦ ∀m n p. m * n ≤ m * p ⇔ m = 0 ∨ n ≤ p

⊦ ∀m n p. m * p ≤ n * p ⇔ m ≤ n ∨ p = 0

⊦ ∀m n p. m * p < n * p ⇔ m < n ∧ ¬(p = 0)

⊦ ∀m n p q. m = n + q * p ⇒ m mod p = n mod p

⊦ ∀p c x y. p (if c then x else y) ⇔ (c ⇒ p x) ∧ (¬c ⇒ p y)

⊦ ∀n m p. ¬(n = 0) ⇒ m * (p mod n) mod n = m * p mod n

⊦ ∀n m p. ¬(n = 0) ⇒ (m mod n) * p mod n = m * p mod n

⊦ ∀n m p. ¬(n = 0) ⇒ (m mod n) ↑ p mod n = m ↑ p mod n

⊦ ∀n r k a. Montgomery.reduce n r k a = (a + (a * k mod r) * n) div r

⊦ ∀n m p. ¬(n = 0) ⇒ (m mod n) * (p mod n) mod n = m * p mod n

⊦ ∀n a b. ¬(n = 0) ⇒ (a mod n + b mod n) mod n = (a + b) mod n

⊦ ∀n r k a m.
    Montgomery.doubleExp n r k a (suc m) =
    let b ← Montgomery.reduce n r k (a * a) in
    let c ← if r ≤ b then b - n else b in
    Montgomery.doubleExp n r k c m

OpenTheory package document generated by opentheory 1.2 (release 20140322)