Pascal’s Theorem in Real Projective Plane

SummaryIn this article we check, with the Mizar system [2], Pascal’s theorem in the real projective plane (in projective geometry Pascal’s theorem is also known as the Hexagrammum Mysticum Theorem)1. Pappus’ theorem is a special case of a degenerate conic of two lines. For proving Pascal’s theorem, we use the techniques developed in the section “Projective Proofs of Pappus’ Theorem” in the chapter “Pappus’ Theorem: Nine proofs and three variations” [11]. We also follow some ideas from Harrison’s work. With HOL Light, he has the proof of Pascal’s theorem2. For a lemma, we use PROVER93 and OTT2MIZ by Josef Urban4 [12, 6, 7]. We note, that we don’t use Skolem/Herbrand functions (see “Skolemization” in [1]).Rue de la Brasserie 5, 7100 La Louvière, BelgiumJesse Alama. Escape to Mizar for ATPs. arXiv preprint arXiv:1204.6615, 2012.Grzegorz Bancerek, Czesław Byliński, Adam Grabowski, Artur Korniłowicz, Roman Matuszewski, Adam Naumowicz, Karol Pąk, and Josef Urban. Mizar: State-of-the-art and beyond. In Manfred Kerber, Jacques Carette, Cezary Kaliszyk, Florian Rabe, and Volker Sorge, editors, Intelligent Computer Mathematics, volume 9150 of Lecture Notes in Computer Science, pages 261–279. Springer International Publishing, 2015. ISBN 978-3-319-20614-1. doi: 10.1007/978-3-319-20615-817.Roland Coghetto. Homography in ℝ ℙ2. Formalized Mathematics, 24(4):239–251, 2016. doi: 10.1515/forma-2016-0020.Roland Coghetto. Group of homography in real projective plane. Formalized Mathematics, 25(1):55–62, 2017. doi: 10.1515/forma-2017-0005.Agata Darmochwał. The Euclidean space. Formalized Mathematics, 2(4):599–603, 1991.Adam Grabowski. Solving two problems in general topology via types. In Types for Proofs and Programs, International Workshop, TYPES 2004, Jouy-en-Josas, France, December 15-18, 2004, Revised Selected Papers, pages 138–153, 2004. doi: 10.1007/116179909.Adam Grabowski. Mechanizing complemented lattices within Mizar system. Journal of Automated Reasoning, 55:211–221, 2015. doi: 10.1007/s10817-015-9333-5.Kanchun, Hiroshi Yamazaki, and Yatsuka Nakamura. Cross products and tripple vector products in 3-dimensional Euclidean space. Formalized Mathematics, 11(4):381–383, 2003.Wojciech Leończuk and Krzysztof Prażmowski. A construction of analytical projective space. Formalized Mathematics, 1(4):761–766, 1990.Wojciech Leończuk and Krzysztof Prażmowski. Projective spaces – part I. Formalized Mathematics, 1(4):767–776, 1990.Jürgen Richter-Gebert. Pappos’s Theorem: Nine Proofs and Three Variations, pages 3–31. Springer Berlin Heidelberg, 2011. ISBN 978-3-642-17286-1. doi: 10.1007/978-3-642-17286-11.Piotr Rudnicki and Josef Urban. Escape to ATP for Mizar. In First International Workshop on Proof eXchange for Theorem Proving-PxTP 2011, 2011.Wojciech Skaba. The collinearity structure. Formalized Mathematics, 1(4):657–659, 1990.Nobuyuki Tamura and Yatsuka Nakamura. Determinant and inverse of matrices of real elements. Formalized Mathematics, 15(3):127–136, 2007. doi: 10.2478/v10037-007-0014-7.25210711

Automated Unbounded Analysis of Cryptographic Constructions in the Generic Group Model

We develop a new method to automatically prove security statements in the Generic Group Model as they occur in actual papers. We start by defining (i) a general language to describe security definitions, (ii) a class of logical formulas that characterize how an adversary can win, and (iii) a translation from security definitions to such formulas. We prove a Master Theorem that relates the security of the construction to the existence of a solution for the associated logical formulas. Moreover, we define a constraint solving algorithm that proves the security of a construction by proving the absence of solutions. We implement our approach in a fully automated tool, the $gga^{\infty}$ tool, and use it to verify different examples from the literature. The results improve on the tool by Barthe et al. (CRYPTO\u2714, PKC\u2715): for many constructions, $gga^{\infty}$ succeeds in proving standard (unbounded) security, whereas Barthe\u27s tool is only able to prove security for a small number of oracle queries

Boundary-Border Extensions of the Kuratowski Monoid

The Kuratowski monoid $\mathbf{K}$ is generated under operator composition by closure and complement in a nonempty topological space. It satisfies $2\leq|\mathbf{K}|\leq14$. The Gaida-Eremenko (or GE) monoid $\mathbf{KF}$ extends $\mathbf{K}$ by adding the boundary operator. It satisfies $4\leq|\mathbf{KF}|\leq34$. We show that when $|\mathbf{K}|<14$ the GE monoid is determined by $\mathbf{K}$. When $|\mathbf{K}|=14$ if the interior of the boundary of every subset is clopen, then $|\mathbf{KF}|=28$. This defines a new type of topological space we call $Kuratowski\ disconnected$. Otherwise $|\mathbf{KF}|=34$. When applied to an arbitrary subset the GE monoid collapses in one of $70$ possible ways. We investigate how these collapses and $\mathbf{KF}$ interdepend, settling two questions raised by Gardner and Jackson. Computer experimentation played a key role in our research.Comment: 48 pages, 9 figure

Verified programming with explicit coercions

Type systems have proved to be a powerful means of specifying and proving important program invariants. In dependently typed programming languages types can depend on values and hence express arbitrarily complicated propositions and their machine checkable proofs. The type-based approach to program specification allows for the programmer to not only transcribe their intentions, but arranges for their direct involvement in the proving process, thus aiding the machine in its attempt to satisfy difficult obligations. In this thesis we develop a series of patterns for programming in a correct-by-construction style making use of constraints and coercions to prove properties within a dependently typed host. This allows for the development of a verified, kernel which can be built upon using the host system features. In particular this should allow for the development of “tactics” or semiautomated solvers invoked when coercing types all within a single language. The efficacy of this approach is given by the development of a system of expressions indexed by their, exposing a case analysis feature serving to generate value constraints. These constraints are directly reflected into the host allowing for their involvement in the type-checking process. A motivating use case of this design shows how a term’s semantic index information admits an exact, formalized cost analysis amenable to reasoning within the host. Finally we show how such a system is used to identify unreachable dead-code, trivially admitting the design and verification of an SSA style compiler with this optimization. We think such a design of explicitly proving the local correctness of type-transformations in the presence of accumulated constraints can form the basis of a flexible language in concert with a variety of trusted solver

Formal verification of the equivalence of system F and the pure type system L2

We develop a formal proof of the equivalence of two different variants of System F. The first is close to the original presentation where expressions are separated into distinct syntactic classes of types and terms. The second, L2 (also written as λ2), is a particular pure type system (PTS) where the notions of types and terms, and the associated expressions are unified in a single syntactic class. The employed notion of equivalence is a bidirectional reduction of the respective typing relations. A machine-verified proof of this result turns out to be surprisingly intricate, since the two variants noticeably differ in their expression languages, their type systems and the binding of local variables. Most of this work is executed in the Coq theorem prover and encompasses a general development of the PTS metatheory, an equivalence result for a stratified and a PTS variant of the simply typed λ-calculus as well as the subsequent extension to the full equivalence result for System F. We utilise nameless de Bruijn syntax with parallel substitutions for the representation of variable binding and develop an extended notion of context morphism lemmas as a structured proof method for this setting. We also provide two developments of the equivalence result in the proof systems Abella and Beluga, where we rely on higher-order abstract syntax (HOAS). This allows us to compare the three proof systems, as well as HOAS and de Bruijn for the purpose of developing formal metatheory.Wir präsentieren einen maschinell verifizierten Beweis der Äquivalenz zweier Darstellungen des Lambda-Kalküls System F. Die erste unterscheidet syntaktisch zwischen Termen und Typen und entspricht somit der geläufigen Form. Die zweite, L2 bzw. λ2, ist ein sog. Pure Type System (PTS), bei welchem alle Ausdrücke in einer syntaktischen Klasse zusammen fallen. Unser Äquivalenzbegriff ist eine bidirektionale Reduktion der jeweiligen Typrelationen. Ein formaler Beweis dieser Eigenschaft ist aufgrund der Unterschiede der Ausdruckssprachen, der Typrelationen und der Bindung lokaler Variablen überraschend anspruchsvoll. Der Hauptteil dieser Arbeit wurde in dem Beweisassistenten Coq entwickelt und umfasst eine Abhandlung der PTS Metatheorie, sowie einen Äquivalenzbeweis für das einfach getypte Lambda-Kalkül, welcher dann zu dem vollen Ergebnis für System F skaliert wird. Für die Darstellung lokaler Variablenbindung verwenden wir de Bruijn Syntax, gepaart mit parallelen Substitutionen. Außerdem entwickeln wir eine generalisierte Form von Kontext-Morphismen Lemmas, welche eine strukturierte Beweismethodik in diesem Umfeld liefern. Darüber hinaus betrachten wir zwei weitere Formalisierungen des Äquivalenzresultats in den Beweissystemen Abella und Beluga, welche beide höherstufige abstrakte Syntax (HOAS) zur Darstellung lokaler Bindung verwenden. Dies ermöglicht es uns, sowohl die drei Beweissysteme, als auch den HOAS und den de Bruijn Ansatz mit Hinblick auf die Entwicklung formaler Metatheorie zu vergleichen