:: High-speed algorithms for RSA cryptograms
:: by Yasushi Fuwa and Yoshinori Fujisawa
::
:: Received February 1, 2000
:: Copyright (c) 2000 Association of Mizar Users


theorem :: RADIX_2:1
for a being Nat holds a mod 1 = 0
proof end;

theorem Th2: :: RADIX_2:2
for a, b being Integer
for n being Nat st n > 0 holds
((a mod n) + (b mod n)) mod n = (a + (b mod n)) mod n
proof end;

theorem Th3: :: RADIX_2:3
for a, b being Integer
for n being Nat st n > 0 holds
(a * b) mod n = (a * (b mod n)) mod n
proof end;

theorem Th4: :: RADIX_2:4
for a, b, i being Nat st 1 <= i & 0 < b holds
(a mod (b |^ i)) div (b |^ (i -' 1)) = (a div (b |^ (i -' 1))) mod b
proof end;

theorem Th5: :: RADIX_2:5
for i, n being Nat st i in Seg n holds
i + 1 in Seg (n + 1)
proof end;

theorem Th6: :: RADIX_2:6
for k being Nat holds Radix k > 0
proof end;

theorem Th7: :: RADIX_2:7
for k being Nat
for x being Tuple of 1,(k -SD ) holds SDDec x = DigA x,1
proof end;

theorem Th8: :: RADIX_2:8
for k being Nat
for x being Integer holds (SD_Add_Data x,k) + ((SD_Add_Carry x) * (Radix k)) = x
proof end;

theorem Th9: :: RADIX_2:9
for k, n being Nat
for x being Tuple of (n + 1),(k -SD )
for xn being Tuple of n,(k -SD ) st ( for i being Nat st i in Seg n holds
x . i = xn . i ) holds
Sum (DigitSD x) = Sum ((DigitSD xn) ^ <*(SubDigit x,(n + 1),k)*>)
proof end;

theorem Th10: :: RADIX_2:10
for k, n being Nat
for x being Tuple of (n + 1),(k -SD )
for xn being Tuple of n,(k -SD ) st ( for i being Nat st i in Seg n holds
x . i = xn . i ) holds
(SDDec xn) + (((Radix k) |^ n) * (DigA x,(n + 1))) = SDDec x
proof end;

theorem :: RADIX_2:11
for k, n being Nat st n >= 1 holds
for x, y being Tuple of n,(k -SD ) st k >= 2 holds
(SDDec (x '+' y)) + ((SD_Add_Carry ((DigA x,n) + (DigA y,n))) * ((Radix k) |^ n)) = (SDDec x) + (SDDec y)
proof end;

definition
let i, k, n be Nat;
let x be Tuple of n,NAT ;
func SubDigit2 x,i,k -> Element of NAT equals :: RADIX_2:def 1
((Radix k) |^ (i -' 1)) * (x . i);
coherence
((Radix k) |^ (i -' 1)) * (x . i) is Element of NAT ;
end;

:: deftheorem defines SubDigit2 RADIX_2:def 1 :
for i, k, n being Nat
for x being Tuple of n,NAT holds SubDigit2 x,i,k = ((Radix k) |^ (i -' 1)) * (x . i);

definition
let n, k be Nat;
let x be Tuple of n,NAT ;
func DigitSD2 x,k -> Tuple of n,NAT means :Def2: :: RADIX_2:def 2
for i being Nat st i in Seg n holds
it /. i = SubDigit2 x,i,k;
existence
ex b1 being Tuple of n,NAT st
for i being Nat st i in Seg n holds
b1 /. i = SubDigit2 x,i,k
proof end;
uniqueness
for b1, b2 being Tuple of n,NAT st ( for i being Nat st i in Seg n holds
b1 /. i = SubDigit2 x,i,k ) & ( for i being Nat st i in Seg n holds
b2 /. i = SubDigit2 x,i,k ) holds
b1 = b2
proof end;
end;

:: deftheorem Def2 defines DigitSD2 RADIX_2:def 2 :
for n, k being Nat
for x, b4 being Tuple of n,NAT holds
( b4 = DigitSD2 x,k iff for i being Nat st i in Seg n holds
b4 /. i = SubDigit2 x,i,k );

definition
let n, k be Nat;
let x be Tuple of n,NAT ;
func SDDec2 x,k -> Element of NAT equals :: RADIX_2:def 3
 Sum (DigitSD2 x,k);
coherence
Sum (DigitSD2 x,k) is Element of NAT ;
end;

:: deftheorem defines SDDec2 RADIX_2:def 3 :
for n, k being Nat
for x being Tuple of n,NAT holds SDDec2 x,k = Sum (DigitSD2 x,k);

definition
let i, k, x be Nat;
func DigitDC2 x,i,k -> Element of NAT equals :: RADIX_2:def 4
(x mod ((Radix k) |^ i)) div ((Radix k) |^ (i -' 1));
coherence
(x mod ((Radix k) |^ i)) div ((Radix k) |^ (i -' 1)) is Element of NAT ;
end;

:: deftheorem defines DigitDC2 RADIX_2:def 4 :
for i, k, x being Nat holds DigitDC2 x,i,k = (x mod ((Radix k) |^ i)) div ((Radix k) |^ (i -' 1));

definition
let k, n, x be Nat;
func DecSD2 x,n,k -> Tuple of n,NAT means :Def5: :: RADIX_2:def 5
for i being Nat st i in Seg n holds
it . i = DigitDC2 x,i,k;
existence
ex b1 being Tuple of n,NAT st
for i being Nat st i in Seg n holds
b1 . i = DigitDC2 x,i,k
proof end;
uniqueness
for b1, b2 being Tuple of n,NAT st ( for i being Nat st i in Seg n holds
b1 . i = DigitDC2 x,i,k ) & ( for i being Nat st i in Seg n holds
b2 . i = DigitDC2 x,i,k ) holds
b1 = b2
proof end;
end;

:: deftheorem Def5 defines DecSD2 RADIX_2:def 5 :
for k, n, x being Nat
for b4 being Tuple of n,NAT holds
( b4 = DecSD2 x,n,k iff for i being Nat st i in Seg n holds
b4 . i = DigitDC2 x,i,k );

theorem Th12: :: RADIX_2:12
for n, k being Nat
for x being Tuple of n,NAT
for y being Tuple of n,(k -SD ) st x = y holds
DigitSD2 x,k = DigitSD y
proof end;

theorem Th13: :: RADIX_2:13
for n, k being Nat
for x being Tuple of n,NAT
for y being Tuple of n,(k -SD ) st x = y holds
SDDec2 x,k = SDDec y
proof end;

theorem Th14: :: RADIX_2:14
for x, n, k being Nat holds DecSD2 x,n,k = DecSD x,n,k
proof end;

theorem Th15: :: RADIX_2:15
for n being Nat st n >= 1 holds
for m, k being Nat st m is_represented_by n,k holds
m = SDDec2 (DecSD2 m,n,k),k
proof end;

definition
let q be Integer;
let f, j, k, n be Nat;
let c be Tuple of n,(k -SD );
func Table1 q,c,f,j -> Integer equals :: RADIX_2:def 6
(q * (DigA c,j)) mod f;
correctness
coherence
(q * (DigA c,j)) mod f is Integer;
;
end;

:: deftheorem defines Table1 RADIX_2:def 6 :
for q being Integer
for f, j, k, n being Nat
for c being Tuple of n,(k -SD ) holds Table1 q,c,f,j = (q * (DigA c,j)) mod f;

definition
let q be Integer;
let k, f, n be Nat;
let c be Tuple of n,(k -SD );
assume A1: n >= 1 ;
func Mul_mod q,c,f,k -> Tuple of n,INT means :Def7: :: RADIX_2:def 7
( it . 1 = Table1 q,c,f,n & ( for i being Nat st 1 <= i & i <= n - 1 holds
ex I1, I2 being Integer st
( I1 = it . i & I2 = it . (i + 1) & I2 = (((Radix k) * I1) + (Table1 q,c,f,(n -' i))) mod f ) ) );
existence
ex b1 being Tuple of n,INT st
( b1 . 1 = Table1 q,c,f,n & ( for i being Nat st 1 <= i & i <= n - 1 holds
ex I1, I2 being Integer st
( I1 = b1 . i & I2 = b1 . (i + 1) & I2 = (((Radix k) * I1) + (Table1 q,c,f,(n -' i))) mod f ) ) )
proof end;
uniqueness
for b1, b2 being Tuple of n,INT st b1 . 1 = Table1 q,c,f,n & ( for i being Nat st 1 <= i & i <= n - 1 holds
ex I1, I2 being Integer st
( I1 = b1 . i & I2 = b1 . (i + 1) & I2 = (((Radix k) * I1) + (Table1 q,c,f,(n -' i))) mod f ) ) & b2 . 1 = Table1 q,c,f,n & ( for i being Nat st 1 <= i & i <= n - 1 holds
ex I1, I2 being Integer st
( I1 = b2 . i & I2 = b2 . (i + 1) & I2 = (((Radix k) * I1) + (Table1 q,c,f,(n -' i))) mod f ) ) holds
b1 = b2
proof end;
end;

:: deftheorem Def7 defines Mul_mod RADIX_2:def 7 :
for q being Integer
for k, f, n being Nat
for c being Tuple of n,(k -SD ) st n >= 1 holds
for b6 being Tuple of n,INT holds
( b6 = Mul_mod q,c,f,k iff ( b6 . 1 = Table1 q,c,f,n & ( for i being Nat st 1 <= i & i <= n - 1 holds
ex I1, I2 being Integer st
( I1 = b6 . i & I2 = b6 . (i + 1) & I2 = (((Radix k) * I1) + (Table1 q,c,f,(n -' i))) mod f ) ) ) );

theorem :: RADIX_2:16
for n being Nat st n >= 1 holds
for q being Integer
for ic, f, k being Nat st ic is_represented_by n,k & f > 0 holds
for c being Tuple of n,(k -SD ) st c = DecSD ic,n,k holds
(Mul_mod q,c,f,k) . n = (q * ic) mod f
proof end;

definition
let n, f, j, m be Nat;
let e be Tuple of n,NAT ;
func Table2 m,e,f,j -> Element of NAT equals :: RADIX_2:def 8
(m |^ (e /. j)) mod f;
correctness
coherence
(m |^ (e /. j)) mod f is Element of NAT ;
;
end;

:: deftheorem defines Table2 RADIX_2:def 8 :
for n, f, j, m being Nat
for e being Tuple of n,NAT holds Table2 m,e,f,j = (m |^ (e /. j)) mod f;

definition
let k, f, m, n be Nat;
let e be Tuple of n,NAT ;
assume A1: n >= 1 ;
func Pow_mod m,e,f,k -> Tuple of n,NAT means :Def9: :: RADIX_2:def 9
( it . 1 = Table2 m,e,f,n & ( for i being Nat st 1 <= i & i <= n - 1 holds
ex i1, i2 being Nat st
( i1 = it . i & i2 = it . (i + 1) & i2 = (((i1 |^ (Radix k)) mod f) * (Table2 m,e,f,(n -' i))) mod f ) ) );
existence
ex b1 being Tuple of n,NAT st
( b1 . 1 = Table2 m,e,f,n & ( for i being Nat st 1 <= i & i <= n - 1 holds
ex i1, i2 being Nat st
( i1 = b1 . i & i2 = b1 . (i + 1) & i2 = (((i1 |^ (Radix k)) mod f) * (Table2 m,e,f,(n -' i))) mod f ) ) )
proof end;
uniqueness
for b1, b2 being Tuple of n,NAT st b1 . 1 = Table2 m,e,f,n & ( for i being Nat st 1 <= i & i <= n - 1 holds
ex i1, i2 being Nat st
( i1 = b1 . i & i2 = b1 . (i + 1) & i2 = (((i1 |^ (Radix k)) mod f) * (Table2 m,e,f,(n -' i))) mod f ) ) & b2 . 1 = Table2 m,e,f,n & ( for i being Nat st 1 <= i & i <= n - 1 holds
ex i1, i2 being Nat st
( i1 = b2 . i & i2 = b2 . (i + 1) & i2 = (((i1 |^ (Radix k)) mod f) * (Table2 m,e,f,(n -' i))) mod f ) ) holds
b1 = b2
proof end;
end;

:: deftheorem Def9 defines Pow_mod RADIX_2:def 9 :
for k, f, m, n being Nat
for e being Tuple of n,NAT st n >= 1 holds
for b6 being Tuple of n,NAT holds
( b6 = Pow_mod m,e,f,k iff ( b6 . 1 = Table2 m,e,f,n & ( for i being Nat st 1 <= i & i <= n - 1 holds
ex i1, i2 being Nat st
( i1 = b6 . i & i2 = b6 . (i + 1) & i2 = (((i1 |^ (Radix k)) mod f) * (Table2 m,e,f,(n -' i))) mod f ) ) ) );

theorem :: RADIX_2:17
for n being Nat st n >= 1 holds
for m, k, f, ie being Nat st ie is_represented_by n,k & f > 0 holds
for e being Tuple of n,NAT st e = DecSD2 ie,n,k holds
(Pow_mod m,e,f,k) . n = (m |^ ie) mod f
proof end;