Technical ReportPDF Available

A Machine Supported Proof of the Unique Prime Factorization Theorem

Authors:

Abstract

We demonstrate the use of the VeriFun system with a verification of the Unique Prime Factorization Theorem. We illustrate the operation and performance of our system and present the challenges encountered when working on this problem.
     
   
    
 
  
           
       !! 
"  "     "  !! 
     "!
 
           
           
 ! "      #     
    $   %   
 &        &    
              $
  !
"            &
   ' ( ) *   +
  ,  $! "        
    &      !
    &        
  $           
    ,    &! -  
 &     ! ! ./"0( 1 )23 4 5+ 6 7
 +8 9 :7+ 3 0-2 ;         
           
     $ ! 0    
             
   %   <   = !
          
    <    =! "   
           
             
        ! !    
> . " 5 2  5 ( ! 
 !#$  
   
$   ! "       ?)+) @
         (>    
 <    =  $    
 $   !
          
! A         & 
 $    3        
    1      !  
"#$ %  & ! B ! 0     
      "' ! ( !   
   $   >(  1!   
           
$   !
   
2              
 <    =       <=
 <  =          
             
        <   
   =! "   %   
   
# < <== <=

#  C 6 <<== C <3=
  <=   #)## %   <3= 
 !## %  ! 7  
 # <= C <=<=<=<1=
             
 %    !
    <= <3=  <1=    # A
         ! "
         
 <  =     
  "!#  "! #   #     
%&'(#   ! )      "     
 %*(     +,- %.(
/0   "  !!    !    !
"
3
           
!
)     < =  !
'            
 
 
 
  
 
  
 
 





      D C 6  
     3   
   #   3     3  
      <
 = %     C 6    
       !
)& !3!
      
   D %        
  <=  <3=        
 %  <1=!          
          E !
  
          
          ! ! 7  
     
  <=         
       E    
           
  E    
1
         
 E  !
        
        ! 7    
         
 &       ! 7     
          !
          %! ) 
    %        $
             <
=  
    
          
    
   %
    & 
B
         %   !
7        <  =  &
 <     =     
   $!
'           
%       ! %! F   
  ! ##      
  $    ! 7    
         < 
GH    *+%)) =! 7     
       ),) !!#   ! )& !!
0          
  < =   <=   !
" ##!+)        E 
   B         
! "        
        )& !1!
'      F% 5 ' 5
          
  ! 0   E -!    
        ! 7     
     )2      
  !  
           
! " &           
)& !B!
 
            
           ! "
 E    B    
     ! "    
    <=      ! ! 
         ! ) 
     ! )& !3  
      ! " 
       
1 #     "   #  "   
      #   !     
      " "!   #  
!   " "   "#  %&2(  
  " " !     / ! 0
 !   
     ! -#!  
          
        
  & !
    
"          
 % &   ! "     %
 &            
! 7      &  !   
      ! "   
 &  !   
    ! "   %   
             
 ! 7  %   &   
        ! "   
        "#+.!!  ! 
           
        &     
   %! "    &  $ 
  %    %   D# " & 
   !       % !
      ! "    
      &       
               9 
   % B        3   
 ! )          !
 I7I  1         
      3   !   
          <= <3=
 <1=   ! "   $     
             
           $!
   &    $   
   %      
             ! !
1 "!#  !! #  3 4  5 6 5 6 5
&  / 07#       ! 
  /     8  !!  
"!  0  !  "! /
0   #       
   9# 8 !     
     #    
   !  /      
0
;
    
  : * ; .. &' <'
1 = & 2 < : &*
 ! : :> :& .6
? -!
 =
! 
&
.
&&
:
:
&
.
<
&:
>
-""! @   < < &'
1 & & : *
9"   22
 : 2 & *. &. ''
   1    "  
  ! $        
    <       =!
 
"            
      <      D 
       =! F   %
        $     
             
!
"   D        
  <  /0/1=!" % 2#  
        $ GH
GH GF%H G)H  G"H! 8! ! B 
        ! "  
         !!
"     ;    <  
 ! )& !3=         !
>  -# .!!        & 
              
 ! ! 1  !##! 7  !  
             
!
" % )#         % 
        %    
%    D ! 8! ! 3   
%             
   "  !     
!     3 7
@
      ! " &##    
1   !         
   ! '        
             !
! " #$%
"   %        
      E   ! )&! @9J  
            
     ! -   <   % =
 6;    %        
     ! 0    
   $    &     # AD
    ! ! (     !   
 %  %      ! ! !  
B      !     
      ,        
        ! ! '   
       <3=    
   61B   ;    3  
 16   3 !         
            
               
! )      &   
%              
   B  <  @6 =      
;    %       %!
& '
   !  "
  
            
#  C#  CK
#        #    C 6
#  #   
#    C# K
  C 6
#  C 6 C K
#  C 6 C 6   
#    K
# K
K
  
# K
<   C=#  CK
L  
!   # $ %#  :66:
  &A
B      A
&   "
9
 !
  
      
  
      
  
 
 
       

 
 
 
       

 
 
 
  
 
       


 
 
 
  
 
       


 
 
 
  
 
  
 
 



4
  !
 !
 
  !  !  !! 

  !
 !
 
  !    ! 

 ! 
 !    !! 
 ! 
 !
 
  !
 !!
  

 !
 !    !! 
 
 
 
  
 
  
 
 



 
 
 
  
 
  )   !  %2(   !    
C!#     !  "     5 6
/   ! 0      ""  
 ! %&*(#         ! /.0 
/<0  -""D . 2#   ! !  "    
6
  
 
 



 
 
 
       

 
 
 
       

 #$ !  "
 " 
            
 " 
 
 
      " 

 "# 
 
 
      "# 

 " 
 
 
  
 
  
 "
 "




<= <=<= C <4= < =< = C
<3= M<=<= C <6= M< =< = C
<1= M<=  <= <= M< =  < =
<B= <=<3= < =
<=  < = <  = C <1= < =< = C
<;=  M< = < = C <B= M3< =< = C
<@=  M< =  < = <= M3< =  < =
<9=  < =<;= < =
 % "
     

      

      

     !
!

!
!
!
     
 
 
  


 !    
 


    



-!! !  !!      
3
 !    

 



      !
!
!!

      !
!!
       !
!
!!

     ! 
!

!!


#%
& "4EE    EE
: "4EE  D EEE"EED !
2 + , F  G , H   & - # I J#
&;>;
* + , F  G , H - H!    !!  
9! ! #$ %# 2&/204**&K*.<# &;<*
. + , F  G , H  ?  +,- ! L @"
-!  % %# ;&/204&<&K&<;# &;<*
' H G ? M  H! '   &(  
!    & ?  # ?#
&;;2
> G M!# F G#  M = ,!  # & ) -
!# +# H# &;;'
<  9# F =# ? ,!# G ,#  ,"#  - !"
   N ,"" @ 1 H ? M!  G 
# # '$ $  " % ! *"%!+# ! &6.& 
& ,  ) '# I J# &;;' ,"N!
; H L  G , H -?=:4 - 1! , N  IO9H
1 -./( 00  $   # M# H
!# &;;' I! 1  ,  !
1
&6 , C# G +#  I , N,4 - ""   1 $
00 '$ $   1 *1!.2+# ! '6>  &
,  ) '# I J# &;;: ,"N!
&& = ? ! '(    # ! <:<  & , 
  ,"N!# I J# &;;*
&:  +  L1N -""  , N 1 H F  , G#
# 3 4 ( %5 &       
6# ! &66;  & ,    ,"N!#
&;;.
&2 ? ! H! 1 1 M# ? 9#  G +
# # 7  &  ) '  & #
! :# " &:>K::> CD  # CD# &;;*
&* ? ! C     -!  H )
'# >&/&04&6&K&.># &;;*
&. ? !  , ,   M ! +" N+ 6:E6&#
#   # :66:
&' ? !  , , - N  F , ! +"
N+ 6:E6:# #   # :66:
B
... may be replaced by the corresponding instance of y = z in a goalterm whenever the cor- 8 Of course, more than one clause set S inj f may exists for f , e.g. C inj ! ...
... (t 2 , t 1 )] for each recursive call f (t 1 , t 2 ) in body f , cf. [6]. 15 E.g., procedure plus as given by (8) must not be "opened up" under commutativity as otherwise plus(n, + (m))`+ H,A plus( + (n), m)`+ H,A plus(n, + (m)) results. ...
... Symbolic evaluation as presented here has been developed, refined and optimized by surveying theorem proving power and runtime performance for a large number of case studies, see [1], [7], [8], [9], [11], [12] for examples. It has been integrated into the X eriFun system and proved successful upon verification of functional programs. ...
Technical Report
Full-text available
We report about a first-order theorem prover which is implemented in the interactive verification tool VeriFun to prove the base and step cases of an induction proof. The use in an interactive environment requires a terminating system providing a satisfying balance between theorem proving power and runtime performance as well as the supply of results being useful for carrying on with a proof attempt (by some user interaction, say) if a proof cannot be found. The latter requirement is particularly important because non-valid formulas are frequently encountered when proving theorems by induction. Our prover is based on symbolic evaluation, i.e. a method which combines symbolic execution of programs with techniques from classical theorem proving and term rewriting. We illustrate how to integrate the use of lemmas and induction hypotheses into symbolic evaluation and discuss the incorporation of equality reasoning in particular. We call our approach "pragmatic" because no interesting formal qualities (except soundness) can be assigned to it, but it successfully performs when running VeriFun to prove statements about programs.
... Here the symbol P denotes a recursively-defined function, which returns true if its argument is a prime number and f alse otherwise. Its definition and correctness proof is provided in [14]. ...
Article
Full-text available
The Elliptic Curve Cryptography (ECC) is widely known as secure and reliable cryptographic scheme. In many situations the original cryptographic algorithm is modified to improve its efficiency in terms like power consumption or memory consumption which were not in the focus of the original algorithm. For all this modification it is crucial that the functionality and correctness of the original algorithm is preserved. In particular, various projective coordinate systems are applied in order to reduce the computational complexity of elliptic curve encryption by avoiding division in finite fields. This work investigates the possibilities of automated proofs on the correctness of different algorithmic variants. We introduce the theorems which are required to prove the correctness of a modified algorithm variant and the lemmas and definitions which are necessary to prove these goals. The correctness proof of the projective coordinate system transformation has practically been performed with the help of the an interactive formal verification system XeriFun.
... The value for the automated calls of Use Lemma is unusually high as compared to other case studies performed with eriFun , e.g. [19], [25], which is caused by the fact that the induction hypotheses had been disabled upon symbolic evaluation of the key lemmas so that Use Lemma could succeed following Simplification. Whereas the Induction rule performed perfectly here, the values for Unfold Procedure and for Case Analysis are unusually high, which reflects the need for frequent interactive calls for symbolic execution of machine programs when proving (1), and also reflects the separation into subcases needed for the proofs of the key lemmas. ...
Conference Paper
Full-text available
We consider the machine-supported verification of a code generator computing machine code from WHILE-programs, i.e. abstract syntax trees which may be obtained by a parser from programs of an imperative programming language. We motivate the representation of states developed for the verification, which is crucial for success, as the interpretation of tree-structured WHILE-programs differs significantly in its operation from the interpretation of the linear machine code. This work has been developed for a course to demonstrate to the students the support gained by computer-aided verification in a central subject of computer science, boiled down to the classroom-level. We report about the insights obtained into the properties of machine code as well as the challenges and efforts encountered when verifying the correctness of the code generator. We also illustrate the performance of the VeriFun system that was used for this work.
... Quite often a value of more than 80% is obtained as proved in several cases, e.g. [4], [8], [9] 2 . eriFun has been used so far in an industrial IT-security project concerned with electronic payment in public networks [3], in particular for the investigation of a public key infrastructure [2]. ...
Conference Paper
Full-text available
VeriFun is a semi-automated system for the verification of functional programs. It has been used so far in an industrial IT-security project concerned with electronic payment in public networks as well as for teaching semantics and verification in university courses both at the undergraduate and at the graduate level. On the development it has been attempted to achieve a high degree of automatization, to provide the system with a clear and intuitive user interface, and to care for an transparent mode of operation, as all these features strongly support the work with a system in particular for non-expert users.
ResearchGate has not been able to resolve any references for this publication.