1 (* Author: Johannes Hoelzl, TU Muenchen *) |
1 (* Author: Johannes Hölzl, TU München *) |
2 |
2 |
3 header {* Formalization of a Countermeasure by Koepf & Duermuth 2009 *} |
3 header {* Formalization of a Countermeasure by Koepf \& Duermuth 2009 *} |
4 |
4 |
5 theory Koepf_Duermuth_Countermeasure |
5 theory Koepf_Duermuth_Countermeasure |
6 imports Information "~~/src/HOL/Library/Permutation" |
6 imports Information "~~/src/HOL/Library/Permutation" |
7 begin |
7 begin |
8 |
8 |
78 lemma (in prob_space) |
78 lemma (in prob_space) |
79 assumes "finite (X`space M)" |
79 assumes "finite (X`space M)" |
80 shows "bij_betw (ordered_variable_partition X) {0..<card (X`space M)} (X`space M)" |
80 shows "bij_betw (ordered_variable_partition X) {0..<card (X`space M)} (X`space M)" |
81 and "\<And>i j. \<lbrakk> i < card (X`space M) ; j < card (X`space M) ; i \<le> j \<rbrakk> \<Longrightarrow> |
81 and "\<And>i j. \<lbrakk> i < card (X`space M) ; j < card (X`space M) ; i \<le> j \<rbrakk> \<Longrightarrow> |
82 distribution X {ordered_variable_partition X i} \<le> distribution X {ordered_variable_partition X j}" |
82 distribution X {ordered_variable_partition X i} \<le> distribution X {ordered_variable_partition X j}" |
83 proof - |
83 oops |
84 |
|
85 qed |
|
86 |
84 |
87 definition (in prob_space) |
85 definition (in prob_space) |
88 "order_distribution X i = real (distribution X {ordered_variable_partition X i})" |
86 "order_distribution X i = real (distribution X {ordered_variable_partition X i})" |
89 |
87 |
90 definition (in prob_space) |
88 definition (in prob_space) |
91 "guessing_entropy b X = (\<Sum>i<card(X`space M). real i * log b (order_distribution X i))" |
89 "guessing_entropy b X = (\<Sum>i<card(X`space M). real i * log b (order_distribution X i))" |
92 |
90 |
93 abbreviation (in finite_information_space) |
91 abbreviation (in information_space) |
94 finite_guessing_entropy ("\<G>'(_')") where |
92 finite_guessing_entropy ("\<G>'(_')") where |
95 "\<G>(X) \<equiv> guessing_entropy b X" |
93 "\<G>(X) \<equiv> guessing_entropy b X" |
96 |
94 |
97 |
|
98 |
|
99 lemma zero_notin_Suc_image[simp]: "0 \<notin> Suc ` A" |
95 lemma zero_notin_Suc_image[simp]: "0 \<notin> Suc ` A" |
100 by auto |
96 by auto |
101 |
97 |
102 definition extensional :: "'b \<Rightarrow> 'a set \<Rightarrow> ('a \<Rightarrow> 'b) set" where |
98 definition extensional :: "'b \<Rightarrow> 'a set \<Rightarrow> ('a \<Rightarrow> 'b) set" where |
103 "extensional d A = {f. \<forall>x. x \<notin> A \<longrightarrow> f x = d}" |
99 "extensional d A = {f. \<forall>x. x \<notin> A \<longrightarrow> f x = d}" |
104 |
100 |
105 lemma extensional_empty[simp]: "extensional d {} = {\<lambda>x. d}" |
101 lemma extensional_empty[simp]: "extensional d {} = {\<lambda>x. d}" |
106 unfolding extensional_def by (simp add: expand_set_eq expand_fun_eq) |
102 unfolding extensional_def by (simp add: set_eq_iff fun_eq_iff) |
107 |
103 |
108 lemma funset_eq_UN_fun_upd_I: |
104 lemma funset_eq_UN_fun_upd_I: |
109 assumes *: "\<And>f. f \<in> F (insert a A) \<Longrightarrow> f(a := d) \<in> F A" |
105 assumes *: "\<And>f. f \<in> F (insert a A) \<Longrightarrow> f(a := d) \<in> F A" |
110 and **: "\<And>f. f \<in> F (insert a A) \<Longrightarrow> f a \<in> G (f(a:=d))" |
106 and **: "\<And>f. f \<in> F (insert a A) \<Longrightarrow> f a \<in> G (f(a:=d))" |
111 and ***: "\<And>f x. \<lbrakk> f \<in> F A ; x \<in> G f \<rbrakk> \<Longrightarrow> f(a:=x) \<in> F (insert a A)" |
107 and ***: "\<And>f x. \<lbrakk> f \<in> F A ; x \<in> G f \<rbrakk> \<Longrightarrow> f(a:=x) \<in> F (insert a A)" |
136 assumes "finite A" "finite B" |
132 assumes "finite A" "finite B" |
137 shows "finite (extensional d A \<inter> (A \<rightarrow> B))" |
133 shows "finite (extensional d A \<inter> (A \<rightarrow> B))" |
138 using assms by induct auto |
134 using assms by induct auto |
139 |
135 |
140 lemma fun_upd_eq_iff: "f(a := b) = g(a := b') \<longleftrightarrow> b = b' \<and> f(a := d) = g(a := d)" |
136 lemma fun_upd_eq_iff: "f(a := b) = g(a := b') \<longleftrightarrow> b = b' \<and> f(a := d) = g(a := d)" |
141 by (auto simp: expand_fun_eq) |
137 by (auto simp: fun_eq_iff) |
142 |
138 |
143 lemma card_funcset: |
139 lemma card_funcset: |
144 assumes "finite A" "finite B" |
140 assumes "finite A" "finite B" |
145 shows "card (extensional d A \<inter> (A \<rightarrow> B)) = card B ^ card A" |
141 shows "card (extensional d A \<inter> (A \<rightarrow> B)) = card B ^ card A" |
146 using `finite A` proof induct |
142 using `finite A` proof induct |
203 and b_gt_1[simp, intro]: "1 < b" |
199 and b_gt_1[simp, intro]: "1 < b" |
204 |
200 |
205 lemma (in finite_information) positive_p_sum[simp]: "0 \<le> setsum p X" |
201 lemma (in finite_information) positive_p_sum[simp]: "0 \<le> setsum p X" |
206 by (auto intro!: setsum_nonneg) |
202 by (auto intro!: setsum_nonneg) |
207 |
203 |
208 sublocale finite_information \<subseteq> finite_information_space "\<lparr> space = \<Omega>, sets = Pow \<Omega> \<rparr>" "\<lambda>S. Real (setsum p S)" b |
204 sublocale finite_information \<subseteq> finite_measure_space "\<lparr> space = \<Omega>, sets = Pow \<Omega>, measure = \<lambda>S. Real (setsum p S)\<rparr>" |
209 proof - |
205 by (rule finite_measure_spaceI) (simp_all add: setsum_Un_disjoint finite_subset) |
210 show "finite_information_space \<lparr> space = \<Omega>, sets = Pow \<Omega> \<rparr> (\<lambda>S. Real (setsum p S)) b" |
206 |
211 unfolding finite_information_space_def finite_information_space_axioms_def |
207 sublocale finite_information \<subseteq> finite_prob_space "\<lparr> space = \<Omega>, sets = Pow \<Omega>, measure = \<lambda>S. Real (setsum p S)\<rparr>" |
212 unfolding finite_prob_space_def prob_space_def prob_space_axioms_def |
208 by default simp |
213 unfolding finite_measure_space_def finite_measure_space_axioms_def |
209 |
214 by (force intro!: sigma_algebra.finite_additivity_sufficient |
210 sublocale finite_information \<subseteq> information_space "\<lparr> space = \<Omega>, sets = Pow \<Omega>, measure = \<lambda>S. Real (setsum p S)\<rparr>" b |
215 simp: additive_def sigma_algebra_Pow positive_def Real_eq_Real |
211 by default simp |
216 setsum.union_disjoint finite_subset) |
|
217 qed |
|
218 |
|
219 lemma (in prob_space) prob_space_subalgebra: |
|
220 assumes "N \<subseteq> sets M" "sigma_algebra (M\<lparr> sets := N \<rparr>)" |
|
221 shows "prob_space (M\<lparr> sets := N \<rparr>) \<mu>" sorry |
|
222 |
|
223 lemma (in measure_space) measure_space_subalgebra: |
|
224 assumes "N \<subseteq> sets M" "sigma_algebra (M\<lparr> sets := N \<rparr>)" |
|
225 shows "measure_space (M\<lparr> sets := N \<rparr>) \<mu>" sorry |
|
226 |
212 |
227 locale koepf_duermuth = K: finite_information keys K b + M: finite_information messages M b |
213 locale koepf_duermuth = K: finite_information keys K b + M: finite_information messages M b |
228 for b :: real |
214 for b :: real |
229 and keys :: "'key set" and K :: "'key \<Rightarrow> real" |
215 and keys :: "'key set" and K :: "'key \<Rightarrow> real" |
230 and messages :: "'message set" and M :: "'message \<Rightarrow> real" + |
216 and messages :: "'message set" and M :: "'message \<Rightarrow> real" + |
256 proof (induct n) |
242 proof (induct n) |
257 case 0 then show ?case by (simp cong: conj_cong) |
243 case 0 then show ?case by (simp cong: conj_cong) |
258 next |
244 next |
259 case (Suc n) |
245 case (Suc n) |
260 then show ?case |
246 then show ?case |
261 by (simp add: comp_def set_of_list_extend |
247 by (simp add: comp_def set_of_list_extend lessThan_Suc_eq_insert_0 |
262 lessThan_eq_Suc_image setsum_reindex setprod_reindex) |
248 setsum_reindex setprod_reindex) |
263 qed |
249 qed |
264 then show "setsum P msgs = 1" |
250 then show "setsum P msgs = 1" |
265 unfolding msgs_def P_def by simp |
251 unfolding msgs_def P_def by simp |
266 |
|
267 fix x |
252 fix x |
268 have "\<And> A f. 0 \<le> (\<Prod>x\<in>A. M (f x))" by (auto simp: setprod_nonneg) |
253 have "\<And> A f. 0 \<le> (\<Prod>x\<in>A. M (f x))" by (auto simp: setprod_nonneg) |
269 then show "0 \<le> P x" |
254 then show "0 \<le> P x" |
270 unfolding P_def by (auto split: prod.split simp: zero_le_mult_iff) |
255 unfolding P_def by (auto split: prod.split simp: zero_le_mult_iff) |
271 qed auto |
256 qed auto |
301 apply (case_tac i) |
286 apply (case_tac i) |
302 by force+ |
287 by force+ |
303 show ?case unfolding * |
288 show ?case unfolding * |
304 using Suc[of "\<lambda>i. P (Suc i)"] |
289 using Suc[of "\<lambda>i. P (Suc i)"] |
305 by (simp add: setsum_reindex split_conv setsum_cartesian_product' |
290 by (simp add: setsum_reindex split_conv setsum_cartesian_product' |
306 lessThan_eq_Suc_image setprod_reindex setsum_left_distrib[symmetric] setsum_right_distrib[symmetric]) |
291 lessThan_Suc_eq_insert_0 setprod_reindex setsum_left_distrib[symmetric] setsum_right_distrib[symmetric]) |
307 qed |
292 qed |
308 |
293 |
309 context koepf_duermuth |
294 context koepf_duermuth |
310 begin |
295 begin |
311 |
296 |
345 |
330 |
346 abbreviation conditional_probability ("\<P>'(_|_') _") where |
331 abbreviation conditional_probability ("\<P>'(_|_') _") where |
347 "\<P>(X|Y) x \<equiv> \<P>(X, Y) x / \<P>(Y) (snd`x)" |
332 "\<P>(X|Y) x \<equiv> \<P>(X, Y) x / \<P>(Y) (snd`x)" |
348 |
333 |
349 notation |
334 notation |
350 finite_entropy ("\<H>'( _ ')") |
335 entropy_Pow ("\<H>'( _ ')") |
351 |
336 |
352 notation |
337 notation |
353 finite_conditional_entropy ("\<H>'( _ | _ ')") |
338 conditional_entropy_Pow ("\<H>'( _ | _ ')") |
354 |
339 |
355 notation |
340 notation |
356 finite_mutual_information ("\<I>'( _ ; _ ')") |
341 mutual_information_Pow ("\<I>'( _ ; _ ')") |
357 |
342 |
358 lemma t_eq_imp_bij_func: |
343 lemma t_eq_imp_bij_func: |
359 assumes "t xs = t ys" |
344 assumes "t xs = t ys" |
360 shows "\<exists>f. bij_betw f {..<length xs} {..<length ys} \<and> (\<forall>i<length xs. xs ! i = ys ! (f i))" |
345 shows "\<exists>f. bij_betw f {..<length xs} {..<length ys} \<and> (\<forall>i<length xs. xs ! i = ys ! (f i))" |
361 proof - |
346 proof - |
362 have "count (multiset_of xs) = count (multiset_of ys)" |
347 have "count (multiset_of xs) = count (multiset_of ys)" |
363 using assms by (simp add: expand_fun_eq count_multiset_of t_def) |
348 using assms by (simp add: fun_eq_iff count_multiset_of t_def) |
364 then have "xs <~~> ys" unfolding multiset_of_eq_perm count_inject . |
349 then have "xs <~~> ys" unfolding multiset_of_eq_perm count_inject . |
365 then show ?thesis by (rule permutation_Ex_func) |
350 then show ?thesis by (rule permutation_Ex_bij) |
366 qed |
351 qed |
367 |
352 |
368 lemma \<P>_k: assumes "k \<in> keys" shows "\<P>(fst) {k} = K k" |
353 lemma \<P>_k: assumes "k \<in> keys" shows "\<P>(fst) {k} = K k" |
369 proof - |
354 proof - |
370 from assms have *: |
355 from assms have *: |
469 note CP_T_eq_CP_O = this |
454 note CP_T_eq_CP_O = this |
470 |
455 |
471 let "?H obs" = "(\<Sum>k\<in>keys. \<P>(fst|OB) {(k, obs)} * log b (\<P>(fst|OB) {(k, obs)})) :: real" |
456 let "?H obs" = "(\<Sum>k\<in>keys. \<P>(fst|OB) {(k, obs)} * log b (\<P>(fst|OB) {(k, obs)})) :: real" |
472 let "?Ht obs" = "(\<Sum>k\<in>keys. \<P>(fst|t\<circ>OB) {(k, obs)} * log b (\<P>(fst|t\<circ>OB) {(k, obs)})) :: real" |
457 let "?Ht obs" = "(\<Sum>k\<in>keys. \<P>(fst|t\<circ>OB) {(k, obs)} * log b (\<P>(fst|t\<circ>OB) {(k, obs)})) :: real" |
473 |
458 |
474 note [[simproc del: finite_information_space.mult_log]] |
|
475 |
|
476 { fix obs assume obs: "obs \<in> OB`msgs" |
459 { fix obs assume obs: "obs \<in> OB`msgs" |
477 have "?H obs = (\<Sum>k\<in>keys. \<P>(fst|t\<circ>OB) {(k, t obs)} * log b (\<P>(fst|t\<circ>OB) {(k, t obs)}))" |
460 have "?H obs = (\<Sum>k\<in>keys. \<P>(fst|t\<circ>OB) {(k, t obs)} * log b (\<P>(fst|t\<circ>OB) {(k, t obs)}))" |
478 using CP_T_eq_CP_O[OF _ obs] |
461 using CP_T_eq_CP_O[OF _ obs] |
479 by simp |
462 by simp |
480 then have "?H obs = ?Ht (t obs)" . } |
463 then have "?H obs = ?Ht (t obs)" . } |
493 by (force simp add: * intro!: setsum_nonneg) } |
476 by (force simp add: * intro!: setsum_nonneg) } |
494 note P_t_sum_P_O = this |
477 note P_t_sum_P_O = this |
495 |
478 |
496 txt {* Lemma 3 *} |
479 txt {* Lemma 3 *} |
497 have "\<H>(fst | OB) = -(\<Sum>obs\<in>OB`msgs. \<P>(OB) {obs} * ?Ht (t obs))" |
480 have "\<H>(fst | OB) = -(\<Sum>obs\<in>OB`msgs. \<P>(OB) {obs} * ?Ht (t obs))" |
498 unfolding conditional_entropy_eq_ce_with_hypothesis using * by simp |
481 unfolding conditional_entropy_eq_ce_with_hypothesis[OF |
|
482 simple_function_finite simple_function_finite] using * by simp |
499 also have "\<dots> = -(\<Sum>obs\<in>t`OB`msgs. \<P>(t\<circ>OB) {obs} * ?Ht obs)" |
483 also have "\<dots> = -(\<Sum>obs\<in>t`OB`msgs. \<P>(t\<circ>OB) {obs} * ?Ht obs)" |
500 apply (subst SIGMA_image_vimage[symmetric, of "OB`msgs" t]) |
484 apply (subst SIGMA_image_vimage[symmetric, of "OB`msgs" t]) |
501 apply (subst setsum_reindex) |
485 apply (subst setsum_reindex) |
502 apply (fastsimp intro!: inj_onI) |
486 apply (fastsimp intro!: inj_onI) |
503 apply simp |
487 apply simp |
507 apply (safe intro!: setsum_cong) |
491 apply (safe intro!: setsum_cong) |
508 using P_t_sum_P_O |
492 using P_t_sum_P_O |
509 by (simp add: setsum_divide_distrib[symmetric] field_simps ** |
493 by (simp add: setsum_divide_distrib[symmetric] field_simps ** |
510 setsum_right_distrib[symmetric] setsum_left_distrib[symmetric]) |
494 setsum_right_distrib[symmetric] setsum_left_distrib[symmetric]) |
511 also have "\<dots> = \<H>(fst | t\<circ>OB)" |
495 also have "\<dots> = \<H>(fst | t\<circ>OB)" |
512 unfolding conditional_entropy_eq_ce_with_hypothesis |
496 unfolding conditional_entropy_eq_ce_with_hypothesis[OF |
|
497 simple_function_finite simple_function_finite] |
513 by (simp add: comp_def image_image[symmetric]) |
498 by (simp add: comp_def image_image[symmetric]) |
514 finally show ?thesis . |
499 finally show ?thesis . |
515 qed |
500 qed |
516 |
501 |
517 theorem "\<I>(fst ; OB) \<le> real (card observations) * log b (real n + 1)" |
502 theorem "\<I>(fst ; OB) \<le> real (card observations) * log b (real n + 1)" |
518 proof - |
503 proof - |
|
504 from simple_function_finite simple_function_finite |
519 have "\<I>(fst ; OB) = \<H>(fst) - \<H>(fst | OB)" |
505 have "\<I>(fst ; OB) = \<H>(fst) - \<H>(fst | OB)" |
520 using mutual_information_eq_entropy_conditional_entropy . |
506 by (rule mutual_information_eq_entropy_conditional_entropy) |
521 also have "\<dots> = \<H>(fst) - \<H>(fst | t\<circ>OB)" |
507 also have "\<dots> = \<H>(fst) - \<H>(fst | t\<circ>OB)" |
522 unfolding ce_OB_eq_ce_t .. |
508 unfolding ce_OB_eq_ce_t .. |
523 also have "\<dots> = \<H>(t\<circ>OB) - \<H>(t\<circ>OB | fst)" |
509 also have "\<dots> = \<H>(t\<circ>OB) - \<H>(t\<circ>OB | fst)" |
524 unfolding entropy_chain_rule[symmetric] sign_simps |
510 unfolding entropy_chain_rule[symmetric, OF simple_function_finite simple_function_finite] sign_simps |
525 by (subst entropy_commute) simp |
511 by (subst entropy_commute[OF simple_function_finite simple_function_finite]) simp |
526 also have "\<dots> \<le> \<H>(t\<circ>OB)" |
512 also have "\<dots> \<le> \<H>(t\<circ>OB)" |
527 using conditional_entropy_positive[of "t\<circ>OB" fst] by simp |
513 using conditional_entropy_positive[of "t\<circ>OB" fst] by simp |
528 also have "\<dots> \<le> log b (real (card ((t\<circ>OB)`msgs)))" |
514 also have "\<dots> \<le> log b (real (card ((t\<circ>OB)`msgs)))" |
529 using entropy_le_card[of "t\<circ>OB"] by simp |
515 using entropy_le_card[of "t\<circ>OB"] by simp |
530 also have "\<dots> \<le> log b (real (n + 1)^card observations)" |
516 also have "\<dots> \<le> log b (real (n + 1)^card observations)" |