lp15@55321: (* Title: HOL/Number_Theory/Pocklington.thy
lp15@55321: Author: Amine Chaieb
lp15@55321: *)
(* Review note: this page is a per-line annotate (blame) listing; every record is
   "committer@revision: source line". In this copy the Isabelle symbol names that the
   theory source writes as \<name> appear to have been stripped to a bare backslash
   (only \<^sup> survives), so relations and connectives have to be read from context.
   The comments added below give the reading that the visible proofs support and mark
   the places where text is missing. *)
lp15@55321:
wenzelm@58889: section {* Pocklington's Theorem for Primes *}
lp15@55321:
lp15@55321: theory Pocklington
lp15@55321: imports Residues
lp15@55321: begin
lp15@55321:
lp15@55321: subsection{*Lemmas about previously defined terms*}
lp15@55321:
(* p is prime iff p is neither 0 nor 1 and every m with 0 < m < p is coprime to p
   (reading of the stripped connectives taken from the case split in the proof). *)
lp15@55321: lemma prime:
lp15@55321: "prime p \ p \ 0 \ p\1 \ (\m. 0 < m \ m < p \ coprime p m)"
lp15@55321: (is "?lhs \ ?rhs")
lp15@55321: proof-
lp15@55321: {assume "p=0 \ p=1" hence ?thesis
lp15@55321: by (metis one_not_prime_nat zero_not_prime_nat)}
lp15@55321: moreover
lp15@55321: {assume p0: "p\0" "p\1"
lp15@55321: {assume H: "?lhs"
lp15@55321: {fix m assume m: "m > 0" "m < p"
lp15@55321: {assume "m=1" hence "coprime p m" by simp}
lp15@55321: moreover
lp15@55321: {assume "p dvd m" hence "p \ m" using dvd_imp_le m by blast with m(2)
lp15@55321: have "coprime p m" by simp}
lp15@55321: ultimately have "coprime p m"
lp15@55321: by (metis H prime_imp_coprime_nat)}
lp15@55321: hence ?rhs using p0 by auto}
lp15@55321: moreover
lp15@55321: { assume H: "\m. 0 < m \ m < p \ coprime p m"
lp15@55321: obtain q where q: "prime q" "q dvd p"
lp15@55321: by (metis p0(2) prime_factor_nat)
lp15@55321: have q0: "q > 0"
lp15@55321: by (metis prime_gt_0_nat q(1))
lp15@55321: from dvd_imp_le[OF q(2)] p0 have qp: "q \ p" by arith
lp15@55321: {assume "q = p" hence ?lhs using q(1) by blast}
lp15@55321: moreover
lp15@55321: {assume "q\p" with qp have qplt: "q < p" by arith
lp15@55337: from H qplt q0 have "coprime p q" by arith
lp15@55337: hence ?lhs using q
lp15@55337: by (metis gcd_semilattice_nat.inf_absorb2 one_not_prime_nat)}
lp15@55321: ultimately have ?lhs by blast}
lp15@55321: ultimately have ?thesis by blast}
lp15@55321: ultimately show ?thesis by (cases"p=0 \ p=1", auto)
lp15@55321: qed
lp15@55321:
(* States that the set of m with 0 < m < n has n - 1 elements. *)
lp15@55321: lemma finite_number_segment: "card { m. 0 < m \ m < n } = n - 1"
lp15@55321: proof-
lp15@55321: have "{ m. 0 < m \ m < n } = {1..x. [a * x = b] (mod n)"
(* NOTE(review): the record above is damaged in this copy: the remainder of
   finite_number_segment and the head of the next lemma are missing. The proof that
   follows uses a fact named an and ends in a congruence of a times (x*b) with b
   modulo n; it is presumably cong_solve, which cong_solve_unique cites below --
   confirm against the original theory file. *)
lp15@55321: proof-
lp15@55321: {assume "a=0" hence ?thesis using an by (simp add: cong_nat_def)}
lp15@55321: moreover
lp15@55321: {assume az: "a\0"
lp15@55321: from bezout_add_strong_nat[OF az, of n]
lp15@55321: obtain d x y where dxy: "d dvd a" "d dvd n" "a*x = n*y + d" by blast
lp15@55321: from dxy(1,2) have d1: "d = 1"
lp15@55321: by (metis assms coprime_nat)
lp15@55321: hence "a*x*b = (n*y + 1)*b" using dxy(3) by simp
lp15@55337: hence "a*(x*b) = n*(y*b) + b"
lp15@55321: by (auto simp add: algebra_simps)
lp15@55321: hence "a*(x*b) mod n = (n*(y*b) + b) mod n" by simp
lp15@55321: hence "a*(x*b) mod n = b mod n" by (simp add: mod_add_left_eq)
lp15@55321: hence "[a*(x*b) = b] (mod n)" unfolding cong_nat_def .
lp15@55321: hence ?thesis by blast}
lp15@55321: ultimately show ?thesis by blast
lp15@55321: qed
lp15@55321:
(* For a coprime to n and n not 0 there is exactly one x < n with a * x = b (mod n):
   existence comes from cong_solve reduced mod n, uniqueness from cancelling a. *)
lp15@55321: lemma cong_solve_unique:
lp15@55321: fixes n::nat assumes an: "coprime a n" and nz: "n \ 0"
lp15@55321: shows "\!x. x < n \ [a * x = b] (mod n)"
lp15@55321: proof-
lp15@55321: let ?P = "\x. x < n \ [a * x = b] (mod n)"
lp15@55321: from cong_solve[OF an] obtain x where x: "[a*x = b] (mod n)" by blast
lp15@55321: let ?x = "x mod n"
lp15@55321: from x have th: "[a * ?x = b] (mod n)"
lp15@55321: by (simp add: cong_nat_def mod_mult_right_eq[of a x n])
lp15@55321: from mod_less_divisor[ of n x] nz th have Px: "?P ?x" by simp
lp15@55321: {fix y assume Py: "y < n" "[a * y = b] (mod n)"
lp15@55321: from Py(2) th have "[a * y = a*?x] (mod n)" by (simp add: cong_nat_def)
lp15@55321: hence "[y = ?x] (mod n)"
lp15@55321: by (metis an cong_mult_lcancel_nat)
lp15@55321: with mod_less[OF Py(1)] mod_less_divisor[ of n x] nz
lp15@55321: have "y = ?x" by (simp add: cong_nat_def)}
lp15@55321: with Px show ?thesis by blast
lp15@55321: qed
lp15@55321:
(* Same statement for a prime modulus p, with both x and the solution y strictly
   between 0 and p; y = 0 is excluded because it would force p dvd a. *)
lp15@55321: lemma cong_solve_unique_nontrivial:
lp15@55321: assumes p: "prime p" and pa: "coprime p a" and x0: "0 < x" and xp: "x < p"
lp15@55321: shows "\!y. 0 < y \ y < p \ [x * y = a] (mod p)"
lp15@55321: proof-
lp15@55321: from pa have ap: "coprime a p"
lp15@55321: by (metis gcd_nat.commute)
lp15@55321: have px:"coprime x p"
lp15@55321: by (metis gcd_nat.commute p prime x0 xp)
lp15@55321: obtain y where y: "y < p" "[x * y = a] (mod p)" "\z. z < p \ [x * z = a] (mod p) \ z = y"
lp15@55321: by (metis cong_solve_unique neq0_conv p prime_gt_0_nat px)
lp15@55321: {assume y0: "y = 0"
lp15@55321: with y(2) have th: "p dvd a"
lp15@55321: by (metis cong_dvd_eq_nat gcd_lcm_complete_lattice_nat.top_greatest mult_0_right)
lp15@55321: have False
lp15@55321: by (metis gcd_nat.absorb1 one_not_prime_nat p pa th)}
lp15@55321: with y show ?thesis unfolding Ex1_def using neq0_conv by blast
lp15@55321: qed
lp15@55321:
(* Special case a = 1: every x with 0 < x < p has a unique inverse y modulo the
   prime p in the same range. *)
lp15@55321: lemma cong_unique_inverse_prime:
lp15@55321: assumes p: "prime p" and x0: "0 < x" and xp: "x < p"
lp15@55321: shows "\!y. 0 < y \ y < p \ [x * y = 1] (mod p)"
lp15@55321: by (metis cong_solve_unique_nontrivial gcd_lcm_complete_lattice_nat.inf_bot_left gcd_nat.commute assms)
lp15@55321:
(* Chinese remainder with units: for coprime nonzero moduli a, b and residues m, n
   coprime to a, b respectively, the unique x below a * b with x = m (mod a) and
   x = n (mod b) is itself coprime to the product of a and b. *)
lp15@55321: lemma chinese_remainder_coprime_unique:
lp15@55321: fixes a::nat
lp15@55321: assumes ab: "coprime a b" and az: "a \ 0" and bz: "b \ 0"
lp15@55321: and ma: "coprime m a" and nb: "coprime n b"
lp15@55321: shows "\!x. coprime x (a * b) \ x < a * b \ [x = m] (mod a) \ [x = n] (mod b)"
lp15@55321: proof-
lp15@55321: let ?P = "\x. x < a * b \ [x = m] (mod a) \ [x = n] (mod b)"
lp15@55321: from binary_chinese_remainder_unique_nat[OF ab az bz]
lp15@55321: obtain x where x: "x < a * b" "[x = m] (mod a)" "[x = n] (mod b)"
lp15@55321: "\y. ?P y \ y = x" by blast
lp15@55321: from ma nb x
lp15@55321: have "coprime x a" "coprime x b"
lp15@55321: by (metis cong_gcd_eq_nat)+
lp15@55321: then have "coprime x (a*b)"
lp15@55321: by (metis coprime_mul_eq_nat)
lp15@55321: with x show ?thesis by blast
lp15@55321: qed
lp15@55321:
lp15@55321:
lp15@55321: subsection{*Lucas's theorem*}
lp15@55321:
(* Upper bound on Euler's phi: the calculation embeds the defining set into
   {0 <..< n} and reads as phi n <= n - 1. *)
lp15@55321: lemma phi_limit_strong: "phi(n) \ n - 1"
lp15@55321: proof -
lp15@55321: have "phi n = card {x. 0 < x \ x < int n \ coprime x (int n)}"
lp15@55321: by (simp add: phi_def)
lp15@55321: also have "... \ card {0 <..< int n}"
lp15@55321: by (rule card_mono) auto
lp15@55321: also have "... = card {0 <..< n}"
lp15@55321: by (simp add: transfer_nat_int_set_functions)
lp15@55321: also have "... \ n - 1"
lp15@55321: by (metis card_greaterThanLessThan le_refl One_nat_def)
lp15@55321: finally show ?thesis .
lp15@55321: qed
lp15@55321:
(* Lower bound, reading as phi n >= 1 for n >= 2: a one-element set is embedded
   into the set that phi counts. The _nat variant restates it for a natural-number
   argument. *)
lp15@55321: lemma phi_lowerbound_1: assumes n: "n \ 2"
lp15@55321: shows "phi n \ 1"
lp15@55321: proof -
lp15@55321: have "1 \ card {0::int <.. 1}"
lp15@55321: by auto
lp15@55321: also have "... \ card {x. 0 < x \ x < n \ coprime x n}"
lp15@55321: apply (rule card_mono) using assms
lp15@55337: by auto (metis dual_order.antisym gcd_1_int gcd_int.commute int_one_le_iff_zero_less)
lp15@55321: also have "... = phi n"
lp15@55321: by (simp add: phi_def)
lp15@55321: finally show ?thesis .
lp15@55321: qed
lp15@55321:
lp15@55321: lemma phi_lowerbound_1_nat: assumes n: "n \ 2"
lp15@55321: shows "phi(int n) \ 1"
lp15@55321: by (metis n nat_le_iff nat_numeral phi_lowerbound_1)
lp15@55321:
(* Euler's theorem on naturals, obtained from euler_theorem by transfer:
   a ^ phi m = 1 (mod m) when a is coprime to m. *)
lp15@55321: lemma euler_theorem_nat:
lp15@55321: fixes m::nat
lp15@55321: assumes "coprime a m"
lp15@55321: shows "[a ^ phi m = 1] (mod m)"
lp15@55321: by (metis assms le0 euler_theorem [transferred])
lp15@55321:
(* If some nonzero power of a is congruent to 1 modulo n then a is coprime to n:
   any common divisor d divides a^m, whose residue mod n is 1. *)
lp15@55321: lemma lucas_coprime_lemma:
lp15@55321: fixes n::nat
lp15@55321: assumes m: "m\0" and am: "[a^m = 1] (mod n)"
lp15@55321: shows "coprime a n"
lp15@55321: proof-
lp15@55321: {assume "n=1" hence ?thesis by simp}
lp15@55321: moreover
lp15@55321: {assume "n = 0" hence ?thesis using am m
lp15@55321: by (metis am cong_0_nat gcd_nat.right_neutral power_eq_one_eq_nat)}
lp15@55321: moreover
lp15@55321: {assume n: "n\0" "n\1"
lp15@55321: from m obtain m' where m': "m = Suc m'" by (cases m, blast+)
lp15@55321: {fix d
lp15@55321: assume d: "d dvd a" "d dvd n"
lp15@55321: from n have n1: "1 < n" by arith
lp15@55321: from am mod_less[OF n1] have am1: "a^m mod n = 1" unfolding cong_nat_def by simp
lp15@55321: from dvd_mult2[OF d(1), of "a^m'"] have dam:"d dvd a^m" by (simp add: m')
lp15@55321: from dvd_mod_iff[OF d(2), of "a^m"] dam am1
lp15@55321: have "d = 1" by simp }
lp15@55321: hence ?thesis by auto
lp15@55321: }
lp15@55321: ultimately show ?thesis by blast
lp15@55321: qed
lp15@55321:
(* Weak form of Lucas's test: n >= 2, a^(n - 1) = 1 (mod n), and no exponent m with
   0 < m < n - 1 giving a^m = 1 (mod n). The proof forces phi n = n - 1 and concludes
   with prime_phi / phi_prime. NOTE(review): part of the nm hypothesis
   ("0 m < n - 1") is damaged in this copy. *)
lp15@55321: lemma lucas_weak:
lp15@55321: fixes n::nat
lp15@55321: assumes n: "n \ 2" and an:"[a^(n - 1) = 1] (mod n)"
lp15@55321: and nm: "\m. 0 m < n - 1 \ \ [a^m = 1] (mod n)"
lp15@55321: shows "prime n"
lp15@55321: proof-
lp15@55321: from n have n1: "n \ 1" "n\0" "n - 1 \ 0" "n - 1 > 0" "n - 1 < n" by arith+
lp15@55321: from lucas_coprime_lemma[OF n1(3) an] have can: "coprime a n" .
lp15@55321: from euler_theorem_nat[OF can] have afn: "[a ^ phi n = 1] (mod n)"
lp15@55321: by auto
lp15@55321: {assume "phi n \ n - 1"
lp15@55321: with phi_limit_strong phi_lowerbound_1_nat [OF n]
lp15@55321: have c:"phi n > 0 \ phi n < n - 1"
lp15@55321: by (metis gr0I leD less_linear not_one_le_zero)
lp15@55321: from nm[rule_format, OF c] afn have False ..}
lp15@55321: hence "phi n = n - 1" by blast
lp15@55321: with prime_phi phi_prime n1(1,2) show ?thesis
lp15@55321: by auto
lp15@55321: qed
lp15@55321:
(* A predicate on naturals has a witness iff it has a least one; the primed version
   names that witness as Least P. *)
lp15@55321: lemma nat_exists_least_iff: "(\(n::nat). P n) \ (\n. P n \ (\m < n. \ P m))"
lp15@55337: by (metis ex_least_nat_le not_less0)
lp15@55321:
lp15@55321: lemma nat_exists_least_iff': "(\(n::nat). P n) \ (P (Least P) \ (\m < (Least P). \ P m))"
lp15@55321: (is "?lhs \ ?rhs")
lp15@55321: proof-
lp15@55321: {assume ?rhs hence ?lhs by blast}
lp15@55321: moreover
lp15@55321: { assume H: ?lhs then obtain n where n: "P n" by blast
lp15@55321: let ?x = "Least P"
lp15@55321: {fix m assume m: "m < ?x"
lp15@55321: from not_less_Least[OF m] have "\ P m" .}
lp15@55321: with LeastI_ex[OF H] have ?rhs by blast}
lp15@55321: ultimately show ?thesis by blast
lp15@55321: qed
lp15@55321:
(* Lucas's theorem: n >= 2 is prime if a^(n - 1) = 1 (mod n) and, for every prime p
   dividing n - 1, a^((n - 1) div p) is not congruent to 1 modulo n. Proof idea: a
   least exponent m < n - 1 with a^m = 1 would divide n - 1, and a prime p dividing
   the cofactor r would contradict pn; lucas_weak finishes. *)
lp15@55321: theorem lucas:
lp15@55321: assumes n2: "n \ 2" and an1: "[a^(n - 1) = 1] (mod n)"
lp15@55321: and pn: "\p. prime p \ p dvd n - 1 \ [a^((n - 1) div p) \ 1] (mod n)"
lp15@55321: shows "prime n"
lp15@55321: proof-
lp15@55321: from n2 have n01: "n\0" "n\1" "n - 1 \ 0" by arith+
lp15@55321: from mod_less_divisor[of n 1] n01 have onen: "1 mod n = 1" by simp
lp15@55321: from lucas_coprime_lemma[OF n01(3) an1] cong_imp_coprime_nat an1
lp15@55321: have an: "coprime a n" "coprime (a^(n - 1)) n"
lp15@55321: by (auto simp add: coprime_exp_nat gcd_nat.commute)
lp15@55321: {assume H0: "\m. 0 < m \ m < n - 1 \ [a ^ m = 1] (mod n)" (is "EX m. ?P m")
lp15@55321: from H0[unfolded nat_exists_least_iff[of ?P]] obtain m where
lp15@55321: m: "0 < m" "m < n - 1" "[a ^ m = 1] (mod n)" "\k ?P k" by blast
lp15@55321: {assume nm1: "(n - 1) mod m > 0"
lp15@55321: from mod_less_divisor[OF m(1)] have th0:"(n - 1) mod m < m" by blast
lp15@55321: let ?y = "a^ ((n - 1) div m * m)"
lp15@55321: note mdeq = mod_div_equality[of "(n - 1)" m]
lp15@55321: have yn: "coprime ?y n"
lp15@55321: by (metis an(1) coprime_exp_nat gcd_nat.commute)
lp15@55321: have "?y mod n = (a^m)^((n - 1) div m) mod n"
lp15@55321: by (simp add: algebra_simps power_mult)
lp15@55321: also have "\ = (a^m mod n)^((n - 1) div m) mod n"
lp15@55321: using power_mod[of "a^m" n "(n - 1) div m"] by simp
lp15@55321: also have "\ = 1" using m(3)[unfolded cong_nat_def onen] onen
lp15@55321: by (metis power_one)
lp15@55321: finally have th3: "?y mod n = 1" .
lp15@55321: have th2: "[?y * a ^ ((n - 1) mod m) = ?y* 1] (mod n)"
lp15@55321: using an1[unfolded cong_nat_def onen] onen
lp15@55321: mod_div_equality[of "(n - 1)" m, symmetric]
lp15@55321: by (simp add:power_add[symmetric] cong_nat_def th3 del: One_nat_def)
lp15@55321: have th1: "[a ^ ((n - 1) mod m) = 1] (mod n)"
haftmann@57512: by (metis cong_mult_rcancel_nat mult.commute th2 yn)
lp15@55321: from m(4)[rule_format, OF th0] nm1
lp15@55321: less_trans[OF mod_less_divisor[OF m(1), of "n - 1"] m(2)] th1
lp15@55321: have False by blast }
lp15@55321: hence "(n - 1) mod m = 0" by auto
lp15@55321: then have mn: "m dvd n - 1" by presburger
lp15@55321: then obtain r where r: "n - 1 = m*r" unfolding dvd_def by blast
lp15@55321: from n01 r m(2) have r01: "r\0" "r\1" by - (rule ccontr, simp)+
lp15@55321: obtain p where p: "prime p" "p dvd r"
lp15@55321: by (metis prime_factor_nat r01(2))
lp15@55321: hence th: "prime p \ p dvd n - 1" unfolding r by (auto intro: dvd_mult)
lp15@55321: have "(a ^ ((n - 1) div p)) mod n = (a^(m*r div p)) mod n" using r
lp15@55321: by (simp add: power_mult)
lp15@55337: also have "\ = (a^(m*(r div p))) mod n"
lp15@55337: using div_mult1_eq[of m r p] p(2)[unfolded dvd_eq_mod_eq_0]
lp15@55337: by simp
lp15@55321: also have "\ = ((a^m)^(r div p)) mod n" by (simp add: power_mult)
lp15@55337: also have "\ = ((a^m mod n)^(r div p)) mod n" using power_mod ..
lp15@55337: also have "\ = 1" using m(3) onen by (simp add: cong_nat_def)
lp15@55321: finally have "[(a ^ ((n - 1) div p))= 1] (mod n)"
lp15@55321: using onen by (simp add: cong_nat_def)
lp15@55337: with pn th have False by blast}
lp15@55321: hence th: "\m. 0 < m \ m < n - 1 \ \ [a ^ m = 1] (mod n)" by blast
lp15@55321: from lucas_weak[OF n2 an1 th] show ?thesis .
lp15@55321: qed
lp15@55321:
lp15@55321:
lp15@55321: subsection{*Definition of the order of a number mod n (0 in non-coprime case)*}
lp15@55321:
(* ord n a: the least d > 0 with a ^ d = 1 (mod n) when n and a are coprime,
   and 0 otherwise. *)
lp15@55321: definition "ord n a = (if coprime n a then Least (\d. d > 0 \ [a ^d = 1] (mod n)) else 0)"
lp15@55321:
lp15@55321: (* This has the expected properties. *)
lp15@55321:
lp15@55321: lemma coprime_ord:
lp15@55321: fixes n::nat
lp15@55321: assumes "coprime n a"
lp15@55321: shows "ord n a > 0 \ [a ^(ord n a) = 1] (mod n) \ (\m. 0 < m \ m < ord n a \ [a^ m \ 1] (mod n))"
lp15@55321: proof-
lp15@55321: let ?P = "\d. 0 < d \ [a ^ d = 1] (mod n)"
lp15@55321: from bigger_prime[of a] obtain p where p: "prime p" "a < p" by blast
lp15@55321: from assms have o: "ord n a = Least ?P" by (simp add: ord_def)
lp15@55321: {assume "n=0 \ n=1" with assms have "\m>0. ?P m"
lp15@55321: by auto}
lp15@55321: moreover
lp15@55321: {assume "n\0 \ n\1" hence n2:"n \ 2" by arith
lp15@55321: from assms have na': "coprime a n"
lp15@55321: by (metis gcd_nat.commute)
lp15@55321: from phi_lowerbound_1_nat[OF n2] euler_theorem_nat [OF na']
lp15@55321: have ex: "\m>0. ?P m" by - (rule exI[where x="phi n"], auto) }
lp15@55321: ultimately have ex: "\m>0. ?P m" by blast
lp15@55321: from nat_exists_least_iff'[of ?P] ex assms show ?thesis
lp15@55321: unfolding o[symmetric] by auto
lp15@55321: qed
lp15@55321:
lp15@55321: (* With the special value 0 for non-coprime case, it's more convenient. *)
lp15@55321: lemma ord_works:
lp15@55321: fixes n::nat
lp15@55321: shows "[a ^ (ord n a) = 1] (mod n) \ (\m. 0 < m \ m < ord n a \ ~[a^ m = 1] (mod n))"
lp15@55321: apply (cases "coprime n a")
lp15@55321: using coprime_ord[of n a]
lp15@55337: by (auto simp add: ord_def cong_nat_def)
lp15@55321:
lp15@55321: lemma ord:
lp15@55321: fixes n::nat
lp15@55321: shows "[a^(ord n a) = 1] (mod n)" using ord_works by blast
lp15@55321:
lp15@55321: lemma ord_minimal:
lp15@55321: fixes n::nat
lp15@55321: shows "0 < m \ m < ord n a \ ~[a^m = 1] (mod n)"
lp15@55321: using ord_works by blast
lp15@55321:
(* ord n a is 0 exactly in the non-coprime case. *)
lp15@55321: lemma ord_eq_0:
lp15@55321: fixes n::nat
lp15@55321: shows "ord n a = 0 \ ~coprime n a"
lp15@55321: by (cases "coprime n a", simp add: coprime_ord, simp add: ord_def)
lp15@55321:
(* A divisor of y divides every positive power y^(Suc n). *)
lp15@55321: lemma divides_rexp:
lp15@55321: "x dvd y \ (x::nat) dvd (y^(Suc n))"
lp15@55321: by (simp add: dvd_mult2[of x y])
lp15@55321:
(* a ^ d = 1 (mod n) holds iff ord n a divides d. The second direction splits on
   coprimality: in the non-coprime case ord is 0 and a nonzero d is refuted through a
   common divisor p; otherwise d mod ord n a is a smaller exponent and minimality
   forces it to be 0. *)
lp15@55321: lemma ord_divides:
lp15@55321: fixes n::nat
lp15@55321: shows "[a ^ d = 1] (mod n) \ ord n a dvd d" (is "?lhs \ ?rhs")
lp15@55321: proof
lp15@55321: assume rh: ?rhs
lp15@55321: then obtain k where "d = ord n a * k" unfolding dvd_def by blast
lp15@55321: hence "[a ^ d = (a ^ (ord n a) mod n)^k] (mod n)"
lp15@55321: by (simp add : cong_nat_def power_mult power_mod)
lp15@55321: also have "[(a ^ (ord n a) mod n)^k = 1] (mod n)"
lp15@55321: using ord[of a n, unfolded cong_nat_def]
lp15@55321: by (simp add: cong_nat_def power_mod)
lp15@55321: finally show ?lhs .
lp15@55321: next
lp15@55321: assume lh: ?lhs
lp15@55321: { assume H: "\ coprime n a"
lp15@55321: hence o: "ord n a = 0" by (simp add: ord_def)
lp15@55321: {assume d: "d=0" with o H have ?rhs by (simp add: cong_nat_def)}
lp15@55321: moreover
lp15@55321: {assume d0: "d\0" then obtain d' where d': "d = Suc d'" by (cases d, auto)
lp15@55321: from H
lp15@55321: obtain p where p: "p dvd n" "p dvd a" "p \ 1" by auto
lp15@55321: from lh
lp15@55321: obtain q1 q2 where q12:"a ^ d + n * q1 = 1 + n * q2"
lp15@55321: by (metis H d0 gcd_nat.commute lucas_coprime_lemma)
lp15@55321: hence "a ^ d + n * q1 - n * q2 = 1" by simp
lp15@55337: with dvd_diff_nat [OF dvd_add [OF divides_rexp]] dvd_mult2 d' p
lp15@55337: have "p dvd 1"
lp15@55337: by metis
lp15@55321: with p(3) have False by simp
lp15@55321: hence ?rhs ..}
lp15@55321: ultimately have ?rhs by blast}
lp15@55321: moreover
lp15@55321: {assume H: "coprime n a"
lp15@55321: let ?o = "ord n a"
lp15@55321: let ?q = "d div ord n a"
lp15@55321: let ?r = "d mod ord n a"
lp15@55321: have eqo: "[(a^?o)^?q = 1] (mod n)"
lp15@55321: by (metis cong_exp_nat ord power_one)
lp15@55321: from H have onz: "?o \ 0" by (simp add: ord_eq_0)
lp15@55321: hence op: "?o > 0" by simp
lp15@55321: from mod_div_equality[of d "ord n a"] lh
haftmann@57512: have "[a^(?o*?q + ?r) = 1] (mod n)" by (simp add: cong_nat_def mult.commute)
lp15@55321: hence "[(a^?o)^?q * (a^?r) = 1] (mod n)"
lp15@55321: by (simp add: cong_nat_def power_mult[symmetric] power_add[symmetric])
lp15@55321: hence th: "[a^?r = 1] (mod n)"
lp15@55321: using eqo mod_mult_left_eq[of "(a^?o)^?q" "a^?r" n]
lp15@55321: apply (simp add: cong_nat_def del: One_nat_def)
lp15@55321: by (simp add: mod_mult_left_eq[symmetric])
lp15@55321: {assume r: "?r = 0" hence ?rhs by (simp add: dvd_eq_mod_eq_0)}
lp15@55321: moreover
lp15@55321: {assume r: "?r \ 0"
lp15@55321: with mod_less_divisor[OF op, of d] have r0o:"?r >0 \ ?r < ?o" by simp
lp15@55321: from conjunct2[OF ord_works[of a n], rule_format, OF r0o] th
lp15@55321: have ?rhs by blast}
lp15@55321: ultimately have ?rhs by blast}
lp15@55321: ultimately show ?rhs by blast
lp15@55321: qed
lp15@55321:
(* Consequence of ord_divides and Euler's theorem: the order divides phi n. *)
lp15@55321: lemma order_divides_phi:
lp15@55321: fixes n::nat shows "coprime n a \ ord n a dvd phi n"
lp15@55321: by (metis ord_divides euler_theorem_nat gcd_nat.commute)
lp15@55321:
(* For a coprime to n, the powers a^d and a^e agree modulo n iff d and e agree
   modulo ord n a; proved for one ordering of d and e and then by symmetry. *)
lp15@55321: lemma order_divides_expdiff:
lp15@55321: fixes n::nat and a::nat assumes na: "coprime n a"
lp15@55321: shows "[a^d = a^e] (mod n) \ [d = e] (mod (ord n a))"
lp15@55321: proof-
lp15@55321: {fix n::nat and a::nat and d::nat and e::nat
lp15@55321: assume na: "coprime n a" and ed: "(e::nat) \ d"
lp15@55321: hence "\c. d = e + c" by presburger
lp15@55321: then obtain c where c: "d = e + c" by presburger
lp15@55321: from na have an: "coprime a n"
lp15@55321: by (metis gcd_nat.commute)
lp15@55321: have aen: "coprime (a^e) n"
lp15@55321: by (metis coprime_exp_nat gcd_nat.commute na)
lp15@55321: have acn: "coprime (a^c) n"
lp15@55321: by (metis coprime_exp_nat gcd_nat.commute na)
lp15@55321: have "[a^d = a^e] (mod n) \ [a^(e + c) = a^(e + 0)] (mod n)"
lp15@55321: using c by simp
lp15@55321: also have "\ \ [a^e* a^c = a^e *a^0] (mod n)" by (simp add: power_add)
lp15@55321: also have "\ \ [a ^ c = 1] (mod n)"
lp15@55321: using cong_mult_lcancel_nat [OF aen, of "a^c" "a^0"] by simp
lp15@55321: also have "\ \ ord n a dvd c" by (simp only: ord_divides)
lp15@55321: also have "\ \ [e + c = e + 0] (mod ord n a)"
lp15@55321: using cong_add_lcancel_nat
lp15@55321: by (metis cong_dvd_eq_nat dvd_0_right cong_dvd_modulus_nat cong_mult_self_nat nat_mult_1)
lp15@55321: finally have "[a^d = a^e] (mod n) \ [d = e] (mod (ord n a))"
lp15@55321: using c by simp }
lp15@55321: note th = this
lp15@55321: have "e \ d \ d \ e" by arith
lp15@55321: moreover
lp15@55321: {assume ed: "e \ d" from th[OF na ed] have ?thesis .}
lp15@55321: moreover
lp15@55321: {assume de: "d \ e"
lp15@55321: from th[OF na de] have ?thesis
lp15@55321: by (metis cong_sym_nat)}
lp15@55321: ultimately show ?thesis by blast
lp15@55321: qed
lp15@55321:
lp15@55321: subsection{*Another trivial primality characterization*}
lp15@55321:
(* n is prime iff n is not 1 and its only prime divisor is n itself. *)
lp15@55321: lemma prime_prime_factor:
lp15@55337: "prime n \ n \ 1 \ (\p. prime p \ p dvd n \ p = n)"
lp15@55337: (is "?lhs \ ?rhs")
lp15@55337: proof (cases "n=0 \ n=1")
lp15@55337: case True
lp15@55337: then show ?thesis
lp15@55337: by (metis bigger_prime dvd_0_right one_not_prime_nat zero_not_prime_nat)
lp15@55337: next
lp15@55337: case False
lp15@55337: show ?thesis
lp15@55337: proof
lp15@55337: assume "prime n"
lp15@55337: then show ?rhs
lp15@55337: by (metis one_not_prime_nat prime_nat_def)
lp15@55337: next
lp15@55337: assume ?rhs
lp15@55337: with False show "prime n"
lp15@55337: by (auto simp: prime_def) (metis One_nat_def prime_factor_nat prime_nat_def)
lp15@55337: qed
lp15@55321: qed
lp15@55321:
(* n is prime iff n is not 1 and the only divisor d with d^2 <= n is 1, i.e. a
   search for divisors can stop at the square root. *)
lp15@55321: lemma prime_divisor_sqrt:
lp15@55321: "prime n \ n \ 1 \ (\d. d dvd n \ d\<^sup>2 \ n \ d = 1)"
lp15@55321: proof -
lp15@55321: {assume "n=0 \ n=1" hence ?thesis
lp15@55321: by (metis dvd.order_refl le_refl one_not_prime_nat power_zero_numeral zero_not_prime_nat)}
lp15@55321: moreover
lp15@55321: {assume n: "n\0" "n\1"
lp15@55321: hence np: "n > 1" by arith
lp15@55321: {fix d assume d: "d dvd n" "d\<^sup>2 \ n" and H: "\m. m dvd n \ m=1 \ m=n"
lp15@55321: from H d have d1n: "d = 1 \ d=n" by blast
lp15@55321: {assume dn: "d=n"
lp15@55321: have "n\<^sup>2 > n*1" using n by (simp add: power2_eq_square)
lp15@55321: with dn d(2) have "d=1" by simp}
lp15@55321: with d1n have "d = 1" by blast }
lp15@55321: moreover
lp15@55321: {fix d assume d: "d dvd n" and H: "\d'. d' dvd n \ d'\<^sup>2 \ n \ d' = 1"
lp15@55321: from d n have "d \ 0"
lp15@55321: by (metis dvd_0_left_iff)
lp15@55321: hence dp: "d > 0" by simp
lp15@55321: from d[unfolded dvd_def] obtain e where e: "n= d*e" by blast
lp15@55321: from n dp e have ep:"e > 0" by simp
lp15@55321: have "d\<^sup>2 \ n \ e\<^sup>2 \ n" using dp ep
lp15@55321: by (auto simp add: e power2_eq_square mult_le_cancel_left)
lp15@55321: moreover
lp15@55321: {assume h: "d\<^sup>2 \ n"
lp15@55321: from H[rule_format, of d] h d have "d = 1" by blast}
lp15@55321: moreover
lp15@55321: {assume h: "e\<^sup>2 \ n"
haftmann@57512: from e have "e dvd n" unfolding dvd_def by (simp add: mult.commute)
lp15@55321: with H[rule_format, of e] h have "e=1" by simp
lp15@55321: with e have "d = n" by simp}
lp15@55321: ultimately have "d=1 \ d=n" by blast}
lp15@55321: ultimately have ?thesis unfolding prime_def using np n(2) by blast}
lp15@55321: ultimately show ?thesis by auto
lp15@55321: qed
lp15@55321:
(* Same with prime divisors only: n is prime iff n is not 0 or 1 and no prime p with
   p^2 <= n divides n. This is the form that the proof of pocklington unfolds. *)
lp15@55321: lemma prime_prime_factor_sqrt:
lp15@55321: "prime n \ n \ 0 \ n \ 1 \ \ (\p. prime p \ p dvd n \ p\<^sup>2 \ n)"
lp15@55321: (is "?lhs \?rhs")
lp15@55321: proof-
lp15@55321: {assume "n=0 \ n=1"
lp15@55321: hence ?thesis
lp15@55321: by (metis one_not_prime_nat zero_not_prime_nat)}
lp15@55321: moreover
lp15@55321: {assume n: "n\0" "n\1"
lp15@55321: {assume H: ?lhs
lp15@55321: from H[unfolded prime_divisor_sqrt] n
lp15@55321: have ?rhs
lp15@55337: by (metis prime_prime_factor) }
lp15@55321: moreover
lp15@55321: {assume H: ?rhs
lp15@55321: {fix d assume d: "d dvd n" "d\<^sup>2 \ n" "d\1"
lp15@55321: then obtain p where p: "prime p" "p dvd d"
lp15@55321: by (metis prime_factor_nat)
lp15@55337: from d(1) n have dp: "d > 0"
lp15@55337: by (metis dvd_0_left neq0_conv)
lp15@55321: from mult_mono[OF dvd_imp_le[OF p(2) dp] dvd_imp_le[OF p(2) dp]] d(2)
lp15@55321: have "p\<^sup>2 \ n" unfolding power2_eq_square by arith
lp15@55321: with H n p(1) dvd_trans[OF p(2) d(1)] have False by blast}
lp15@55321: with n prime_divisor_sqrt have ?lhs by auto}
lp15@55321: ultimately have ?thesis by blast }
lp15@55321: ultimately show ?thesis by (cases "n=0 \ n=1", auto)
lp15@55321: qed
lp15@55321:
lp15@55321:
lp15@55321: subsection{*Pocklington theorem*}
lp15@55321:
(* Core step: under the certificate hypotheses, every prime divisor p of n satisfies
   p = 1 (mod q). The proof shows ord p (a^r) = q and then uses that the order
   divides phi p = p - 1. *)
lp15@55321: lemma pocklington_lemma:
lp15@55321: assumes n: "n \ 2" and nqr: "n - 1 = q*r" and an: "[a^ (n - 1) = 1] (mod n)"
lp15@55321: and aq:"\p. prime p \ p dvd q \ coprime (a^ ((n - 1) div p) - 1) n"
lp15@55321: and pp: "prime p" and pn: "p dvd n"
lp15@55321: shows "[p = 1] (mod q)"
lp15@55321: proof -
lp15@55321: have p01: "p \ 0" "p \ 1" using pp one_not_prime_nat zero_not_prime_nat by auto
lp15@55321: obtain k where k: "a ^ (q * r) - 1 = n*k"
lp15@55321: by (metis an cong_to_1_nat dvd_def nqr)
lp15@55321: from pn[unfolded dvd_def] obtain l where l: "n = p*l" by blast
lp15@55321: {assume a0: "a = 0"
lp15@55321: hence "a^ (n - 1) = 0" using n by (simp add: power_0_left)
lp15@55321: with n an mod_less[of 1 n] have False by (simp add: power_0_left cong_nat_def)}
lp15@55321: hence a0: "a\0" ..
lp15@55321: from n nqr have aqr0: "a ^ (q * r) \ 0" using a0 by simp
lp15@55321: hence "(a ^ (q * r) - 1) + 1 = a ^ (q * r)" by simp
lp15@55321: with k l have "a ^ (q * r) = p*l*k + 1" by simp
haftmann@57514: hence "a ^ (r * q) + p * 0 = 1 + p * (l*k)" by (simp add: ac_simps)
lp15@55321: hence odq: "ord p (a^r) dvd q"
lp15@55321: unfolding ord_divides[symmetric] power_mult[symmetric]
haftmann@57512: by (metis an cong_dvd_modulus_nat mult.commute nqr pn)
lp15@55321: from odq[unfolded dvd_def] obtain d where d: "q = ord p (a^r) * d" by blast
lp15@55321: {assume d1: "d \ 1"
lp15@55321: obtain P where P: "prime P" "P dvd d"
lp15@55321: by (metis d1 prime_factor_nat)
lp15@55321: from d dvd_mult[OF P(2), of "ord p (a^r)"] have Pq: "P dvd q" by simp
lp15@55321: from aq P(1) Pq have caP:"coprime (a^ ((n - 1) div P) - 1) n" by blast
lp15@55321: from Pq obtain s where s: "q = P*s" unfolding dvd_def by blast
lp15@55321: have P0: "P \ 0" using P(1)
lp15@55321: by (metis zero_not_prime_nat)
lp15@55321: from P(2) obtain t where t: "d = P*t" unfolding dvd_def by blast
lp15@55321: from d s t P0 have s': "ord p (a^r) * t = s"
haftmann@57512: by (metis mult.commute mult_cancel1 mult.assoc)
lp15@55321: have "ord p (a^r) * t*r = r * ord p (a^r) * t"
haftmann@57512: by (metis mult.assoc mult.commute)
lp15@55321: hence exps: "a^(ord p (a^r) * t*r) = ((a ^ r) ^ ord p (a^r)) ^ t"
lp15@55321: by (simp only: power_mult)
lp15@55321: then have th: "[((a ^ r) ^ ord p (a^r)) ^ t= 1] (mod p)"
lp15@55337: by (metis cong_exp_nat ord power_one)
lp15@55321: have pd0: "p dvd a^(ord p (a^r) * t*r) - 1"
lp15@55321: by (metis cong_to_1_nat exps th)
lp15@55321: from nqr s s' have "(n - 1) div P = ord p (a^r) * t*r" using P0 by simp
lp15@55321: with caP have "coprime (a^(ord p (a^r) * t*r) - 1) n" by simp
lp15@55321: with p01 pn pd0 coprime_common_divisor_nat have False
lp15@55321: by auto}
lp15@55321: hence d1: "d = 1" by blast
lp15@55321: hence o: "ord p (a^r) = q" using d by simp
lp15@55321: from pp phi_prime[of p] have phip: "phi p = p - 1" by simp
lp15@55321: {fix d assume d: "d dvd p" "d dvd a" "d \ 1"
lp15@55321: from pp[unfolded prime_def] d have dp: "d = p" by blast
lp15@55321: from n have "n \ 0" by simp
lp15@55321: then have False using d
lp15@55321: by (metis coprime_minus_one_nat dp lucas_coprime_lemma an coprime_nat
lp15@55321: gcd_lcm_complete_lattice_nat.top_greatest pn)}
lp15@55321: hence cpa: "coprime p a" by auto
lp15@55321: have arp: "coprime (a^r) p"
lp15@55321: by (metis coprime_exp_nat cpa gcd_nat.commute)
lp15@55321: from euler_theorem_nat[OF arp, simplified ord_divides] o phip
lp15@55321: have "q dvd (p - 1)" by simp
lp15@55337: then obtain d where d:"p - 1 = q * d"
lp15@55337: unfolding dvd_def by blast
lp15@55321: have p0:"p \ 0"
lp15@55321: by (metis p01(1))
lp15@55321: from p0 d have "p + q * 0 = 1 + q * d" by simp
lp15@55321: then show ?thesis
haftmann@57512: by (metis cong_iff_lin_nat mult.commute)
lp15@55321: qed
lp15@55321:
(* Pocklington's theorem: with n - 1 = q*r, n <= q^2, a^(n - 1) = 1 (mod n) and
   coprime (a^((n - 1) div p) - 1) n for every prime p dividing q, n is prime.
   A prime divisor p of n with p^2 <= n would satisfy p <= q and q dvd p - 1 with
   p - 1 nonzero, which is impossible. *)
lp15@55321: theorem pocklington:
lp15@55321: assumes n: "n \ 2" and nqr: "n - 1 = q*r" and sqr: "n \ q\<^sup>2"
lp15@55321: and an: "[a^ (n - 1) = 1] (mod n)"
lp15@55321: and aq: "\p. prime p \ p dvd q \ coprime (a^ ((n - 1) div p) - 1) n"
lp15@55321: shows "prime n"
lp15@55321: unfolding prime_prime_factor_sqrt[of n]
lp15@55321: proof-
lp15@55321: let ?ths = "n \ 0 \ n \ 1 \ \ (\p. prime p \ p dvd n \ p\<^sup>2 \ n)"
lp15@55321: from n have n01: "n\0" "n\1" by arith+
lp15@55321: {fix p assume p: "prime p" "p dvd n" "p\<^sup>2 \ n"
lp15@55321: from p(3) sqr have "p^(Suc 1) \ q^(Suc 1)" by (simp add: power2_eq_square)
lp15@55321: hence pq: "p \ q"
lp15@55321: by (metis le0 power_le_imp_le_base)
lp15@55321: from pocklington_lemma[OF n nqr an aq p(1,2)]
lp15@55321: have th: "q dvd p - 1"
lp15@55321: by (metis cong_to_1_nat)
lp15@55321: have "p - 1 \ 0" using prime_ge_2_nat [OF p(1)] by arith
lp15@55321: with pq p have False
lp15@55321: by (metis Suc_diff_1 gcd_le2_nat gcd_semilattice_nat.inf_absorb1 not_less_eq_eq
lp15@55321: prime_gt_0_nat th) }
lp15@55321: with n01 show ?ths by blast
lp15@55321: qed
lp15@55321:
lp15@55321: (* Variant for application, to separate the exponentiation. *)
(* Here the coprimality test may be run on any b congruent to a^((n - 1) div p)
   modulo n instead of on the full power; the proof rules out b = 0 and then
   transfers coprimality back to the power. *)
lp15@55321: lemma pocklington_alt:
lp15@55321: assumes n: "n \ 2" and nqr: "n - 1 = q*r" and sqr: "n \ q\<^sup>2"
lp15@55321: and an: "[a^ (n - 1) = 1] (mod n)"
lp15@55321: and aq:"\p. prime p \ p dvd q \ (\b. [a^((n - 1) div p) = b] (mod n) \ coprime (b - 1) n)"
lp15@55321: shows "prime n"
lp15@55321: proof-
lp15@55321: {fix p assume p: "prime p" "p dvd q"
lp15@55321: from aq[rule_format] p obtain b where
lp15@55321: b: "[a^((n - 1) div p) = b] (mod n)" "coprime (b - 1) n" by blast
lp15@55321: {assume a0: "a=0"
lp15@55321: from n an have "[0 = 1] (mod n)" unfolding a0 power_0_left by auto
lp15@55321: hence False using n by (simp add: cong_nat_def dvd_eq_mod_eq_0[symmetric])}
lp15@55321: hence a0: "a\ 0" ..
lp15@55321: hence a1: "a \ 1" by arith
lp15@55321: from one_le_power[OF a1] have ath: "1 \ a ^ ((n - 1) div p)" .
lp15@55321: {assume b0: "b = 0"
lp15@55321: from p(2) nqr have "(n - 1) mod p = 0"
lp15@55321: by (metis mod_0 mod_mod_cancel mod_mult_self1_is_0)
lp15@55321: with mod_div_equality[of "n - 1" p]
lp15@55321: have "(n - 1) div p * p= n - 1" by auto
lp15@55321: hence eq: "(a^((n - 1) div p))^p = a^(n - 1)"
lp15@55321: by (simp only: power_mult[symmetric])
lp15@55321: have "p - 1 \ 0" using prime_ge_2_nat [OF p(1)] by arith
lp15@55321: then have pS: "Suc (p - 1) = p" by arith
lp15@55321: from b have d: "n dvd a^((n - 1) div p)" unfolding b0
lp15@55321: by (metis b0 diff_0_eq_0 gcd_dvd2_nat gcd_lcm_complete_lattice_nat.inf_bot_left
lp15@55321: gcd_lcm_complete_lattice_nat.inf_top_left)
lp15@55321: from divides_rexp[OF d, of "p - 1"] pS eq cong_dvd_eq_nat [OF an] n
lp15@55321: have False
lp15@55321: by simp}
lp15@55321: then have b0: "b \ 0" ..
lp15@55346: hence b1: "b \ 1" by arith
lp15@55346: from cong_imp_coprime_nat[OF Cong.cong_diff_nat[OF cong_sym_nat [OF b(1)] cong_refl_nat[of 1] b1]]
lp15@55346: ath b1 b nqr
lp15@55321: have "coprime (a ^ ((n - 1) div p) - 1) n"
lp15@55321: by simp}
lp15@55321: hence th: "\p. prime p \ p dvd q \ coprime (a ^ ((n - 1) div p) - 1) n "
lp15@55321: by blast
lp15@55321: from pocklington[OF n nqr sqr an th] show ?thesis .
lp15@55321: qed
lp15@55321:
lp15@55321:
lp15@55321: subsection{*Prime factorizations*}
lp15@55321:
wenzelm@55370: (* FIXME some overlap with material in UniqueFactorization, class unique_factorization *)
lp15@55321:
(* primefact ps n: the product of the list ps, written foldr op * ps 1, equals n
   and every element of ps is prime. *)
lp15@55321: definition "primefact ps n = (foldr op * ps 1 = n \ (\p\ set ps. prime p))"
lp15@55321:
(* Every nonzero n has such a list, by strong induction splitting off one prime
   factor. NOTE(review): the induction hypothesis H is damaged in this copy. *)
lp15@55321: lemma primefact: assumes n: "n \ 0"
lp15@55321: shows "\ps. primefact ps n"
lp15@55321: using n
lp15@55321: proof(induct n rule: nat_less_induct)
lp15@55321: fix n assume H: "\m 0 \ (\ps. primefact ps m)" and n: "n\0"
lp15@55321: let ?ths = "\ps. primefact ps n"
lp15@55321: {assume "n = 1"
lp15@55321: hence "primefact [] n" by (simp add: primefact_def)
lp15@55321: hence ?ths by blast }
lp15@55321: moreover
lp15@55321: {assume n1: "n \ 1"
lp15@55321: with n have n2: "n \ 2" by arith
lp15@55321: obtain p where p: "prime p" "p dvd n"
lp15@55321: by (metis n1 prime_factor_nat)
lp15@55321: from p(2) obtain m where m: "n = p*m" unfolding dvd_def by blast
lp15@55321: from n m have m0: "m > 0" "m\0" by auto
lp15@55321: have "1 < p"
lp15@55321: by (metis p(1) prime_nat_def)
lp15@55321: with m0 m have mn: "m < n" by auto
lp15@55321: from H[rule_format, OF mn m0(2)] obtain ps where ps: "primefact ps m" ..
lp15@55321: from ps m p(1) have "primefact (p#ps) n" by (simp add: primefact_def)
lp15@55321: hence ?ths by blast}
lp15@55321: ultimately show ?ths by blast
lp15@55321: qed
lp15@55321:
(* Any prime dividing n occurs in a prime factorisation list of n (induction on the
   list). *)
lp15@55321: lemma primefact_contains:
lp15@55321: assumes pf: "primefact ps n" and p: "prime p" and pn: "p dvd n"
lp15@55321: shows "p \ set ps"
lp15@55321: using pf p pn
lp15@55321: proof(induct ps arbitrary: p n)
lp15@55321: case Nil thus ?case by (auto simp add: primefact_def)
lp15@55321: next
lp15@55321: case (Cons q qs p n)
lp15@55321: from Cons.prems[unfolded primefact_def]
lp15@55321: have q: "prime q" "q * foldr op * qs 1 = n" "\p \set qs. prime p" and p: "prime p" "p dvd q * foldr op * qs 1" by simp_all
lp15@55321: {assume "p dvd q"
lp15@55321: with p(1) q(1) have "p = q" unfolding prime_def by auto
lp15@55321: hence ?case by simp}
lp15@55321: moreover
lp15@55321: { assume h: "p dvd foldr op * qs 1"
lp15@55321: from q(3) have pqs: "primefact qs (foldr op * qs 1)"
lp15@55321: by (simp add: primefact_def)
lp15@55321: from Cons.hyps[OF pqs p(1) h] have ?case by simp}
lp15@55321: ultimately show ?case
lp15@55321: by (metis p prime_dvd_mult_eq_nat)
lp15@55321: qed
lp15@55321:
(* The same predicate phrased with list_all. *)
lp15@55321: lemma primefact_variant: "primefact ps n \ foldr op * ps 1 = n \ list_all prime ps"
lp15@55321: by (auto simp add: primefact_def list_all_iff)
lp15@55321:
lp15@55321: (* Variant of Lucas theorem. *)
(* Takes the factorisation of n - 1 as an explicit list ps; the list_all hypothesis
   carries both primality of each entry and the failing congruence for it. *)
lp15@55321:
lp15@55321: lemma lucas_primefact:
lp15@55321: assumes n: "n \ 2" and an: "[a^(n - 1) = 1] (mod n)"
lp15@55321: and psn: "foldr op * ps 1 = n - 1"
lp15@55321: and psp: "list_all (\p. prime p \ \ [a^((n - 1) div p) = 1] (mod n)) ps"
lp15@55321: shows "prime n"
lp15@55321: proof-
lp15@55321: {fix p assume p: "prime p" "p dvd n - 1" "[a ^ ((n - 1) div p) = 1] (mod n)"
lp15@55321: from psn psp have psn1: "primefact ps (n - 1)"
lp15@55321: by (auto simp add: list_all_iff primefact_variant)
lp15@55321: from p(3) primefact_contains[OF psn1 p(1,2)] psp
lp15@55321: have False by (induct ps, auto)}
lp15@55321: with lucas[OF n an] show ?thesis by blast
lp15@55321: qed
lp15@55321:
lp15@55321: (* Variant of Pocklington theorem. *)
(* Certificate form: b = a^r mod n, ps is the claimed prime factorisation of q, and
   each check is made on b^(q div p) mod n. Primality of the entries of ps is part
   of the psp hypothesis, so anything that checks such a certificate has to
   establish it separately for every entry; the theorem does not apply to a list
   with an unverified composite entry. The proof is cut off at the end of this
   listing. *)
lp15@55321:
lp15@55321: lemma pocklington_primefact:
lp15@55321: assumes n: "n \ 2" and qrn: "q*r = n - 1" and nq2: "n \ q\<^sup>2"
lp15@55321: and arnb: "(a^r) mod n = b" and psq: "foldr op * ps 1 = q"
lp15@55321: and bqn: "(b^q) mod n = 1"
lp15@55321: and psp: "list_all (\p. prime p \ coprime ((b^(q div p)) mod n - 1) n) ps"
lp15@55321: shows "prime n"
lp15@55321: proof-
lp15@55321: from bqn psp qrn
lp15@55321: have bqn: "a ^ (n - 1) mod n = 1"
lp15@55337: and psp: "list_all (\p. prime p \ coprime (a^(r *(q div p)) mod n - 1) n) ps"
lp15@55337: unfolding arnb[symmetric] power_mod
lp15@55321: by (simp_all add: power_mult[symmetric] algebra_simps)
lp15@55321: from n have n0: "n > 0" by arith
lp15@55321: from mod_div_equality[of "a^(n - 1)" n]
lp15@55321: mod_less_divisor[OF n0, of "a^(n - 1)"]
lp15@55321: have an1: "[a ^ (n - 1) = 1] (mod n)"
lp15@55321: by (metis bqn cong_nat_def mod_mod_trivial)
lp15@55321: {fix p assume p: "prime p" "p dvd q"
lp15@55321: from psp psq have pfpsq: "primefact ps q"
lp15@55321: by (auto simp add: primefact_variant list_all_iff)
lp15@55321: from psp primefact_contains[OF pfpsq p]
lp15@55321: have p': "coprime (a ^ (r * (q div p)) mod n - 1) n"
lp15@55321: by (simp add: list_all_iff)
lp15@55321: from p prime_def have p01: "p \ 0" "p \ 1" "p =Suc(p - 1)"
lp15@55321: by auto
lp15@55321: from div_mult1_eq[of r q p] p(2)
lp15@55321: have eq1: "r* (q div p) = (n - 1) div p"
haftmann@57512: unfolding qrn[symmetric] dvd_eq_mod_eq_0 by (simp add: mult.commute)
lp15@55321: have ath: "\a (b::nat).
a <= b \ a \ 0 ==> 1 <= a \ 1 <= b" by arith lp15@55321: {assume "a ^ ((n - 1) div p) mod n = 0" lp15@55321: then obtain s where s: "a ^ ((n - 1) div p) = n*s" lp15@55321: unfolding mod_eq_0_iff by blast lp15@55321: hence eq0: "(a^((n - 1) div p))^p = (n*s)^p" by simp lp15@55321: from qrn[symmetric] have qn1: "q dvd n - 1" unfolding dvd_def by auto haftmann@58834: from dvd_trans[OF p(2) qn1] haftmann@58834: have npp: "(n - 1) div p * p = n - 1" by simp lp15@55321: with eq0 have "a^ (n - 1) = (n*s)^p" lp15@55321: by (simp add: power_mult[symmetric]) lp15@55321: hence "1 = (n*s)^(Suc (p - 1)) mod n" using bqn p01 by simp haftmann@57512: also have "\ = 0" by (simp add: mult.assoc) lp15@55321: finally have False by simp } lp15@55321: then have th11: "a ^ ((n - 1) div p) mod n \ 0" by auto lp15@55321: have th1: "[a ^ ((n - 1) div p) mod n = a ^ ((n - 1) div p)] (mod n)" lp15@55321: unfolding cong_nat_def by simp lp15@55321: from th1 ath[OF mod_less_eq_dividend th11] lp15@55321: have th: "[a ^ ((n - 1) div p) mod n - 1 = a ^ ((n - 1) div p) - 1] (mod n)" lp15@55321: by (metis cong_diff_nat cong_refl_nat) lp15@55321: have "coprime (a ^ ((n - 1) div p) - 1) n" lp15@55321: by (metis cong_imp_coprime_nat eq1 p' th) } lp15@55321: with pocklington[OF n qrn[symmetric] nq2 an1] lp15@55321: show ?thesis by blast lp15@55321: qed lp15@55321: lp15@55321: end