reserve i,i1,i2,i3,i4,i5,j,r,a,b,x,y for Integer,
  d,e,k,n for Nat,
  fp,fk for FinSequence of INT,
  f,f1,f2 for FinSequence of REAL,
  p for Prime;
reserve fr for FinSequence of REAL;
reserve fr,f for FinSequence of INT;
reserve b,m for Nat;

theorem Th18:
  p>2 & b gcd p = 1 & not b is_quadratic_residue_mod p implies
  b|^((p-'1) div 2) mod p = p - 1
proof
  assume that
A1: p>2 and
A2: b gcd p = 1 and
A3: not b is_quadratic_residue_mod p;
  reconsider b as Element of NAT by ORDINAL1:def 12;
A4: p>1 by INT_2:def 4;
  then
A5: 1 mod p = 1 by NAT_D:14;
  p is odd by A1,PEPIN:17;
  then p-1 is even by HILBERT3:2;
  then p-'1 is even by A4,XREAL_1:233;
  then 2 divides (p-'1) by PEPIN:22;
  then p-'1 = 2*((p-'1) div 2);
  then
A6: b|^(p-'1) - 1 = (b|^((p-'1) div 2))|^2 - 1 by NEWTON:9
    .= (b|^((p-'1) div 2))^2 - 1 by NEWTON:81
    .= (b|^((p-'1) div 2) +1)*(b|^((p-'1) div 2)-1);
  b,p are_coprime by A2,INT_2:def 3;
  then (b|^(p-'1)) mod p = 1 by PEPIN:37;
  then (b|^(p-'1) - 1) mod p = 0 by A5,INT_4:22;
  then
A7: p divides (b|^((p-'1) div 2) +1)*(b|^((p-'1) div 2)-1) by A6,Lm1;
  p-1 > 2-1 by A1,XREAL_1:9;
  then p-1 >= 1 + 1 by INT_1:7;
  then p-'1 >= 2 by A4,XREAL_1:233;
  then (p-'1) div 2 >= 2 div 2 by NAT_2:24;then
A8: (p-'1) div 2 >= 1;
  per cases by A8,XXREAL_0:1;
  suppose
A9: (p-'1) div 2 = 1;
A10: now
      assume p divides (b - 1);
      then p divides -(b - 1) by INT_2:10;
      then (1^2 - b) mod p = 0 by Lm1;
      hence contradiction by A3;
    end;
    p divides (b +1)*(b|^1 -1) by A7,A9;
    then p divides (b - (-1)) by A10,Th7;
    then b,(-1) are_congruent_mod p;
    then
A11: b mod p = (-1) mod p by NAT_D:64;
    -p < -2 by A1,XREAL_1:24;
    then -p < -2+1 by XREAL_1:39;
    then b mod p = p - 1 by A11,NAT_D:63;
    hence thesis by A9;
  end;
  suppose
A12: (p-'1) div 2 > 1;
    set l = (p-'1) div 2;
    set K1 = <*-1*>^((l-'1) |-> 0);
A14: len ((l-'1) |-> 0) = l-'1 by CARD_1:def 7;
A15: len K1 = 1 + (l-'1) by CARD_1:def 7
      .= l by A12,XREAL_1:235;
    set fs = <*-1*>^((l-'1) |-> 0)^<*1*>;
    reconsider fs as FinSequence of INT by FINSEQ_1:75;
A17: len fs = 1 + ((l-'1) +1) by CARD_1:def 7
      .= 1 + l by A12,XREAL_1:235;
A18: fs.1 = (<*-1*>^(((l-'1) |-> 0)^<*1*>)).1 by FINSEQ_1:32
      .= -1 by FINSEQ_1:41;
A19: for x being Element of INT holds (Poly-INT fs).x = x|^l -1
    proof
      let x be Element of INT;
      consider fr such that
A20:  len fr = len fs and
A21:  for d st d in dom fr holds fr.d = (fs.d) * x|^(d-'1) and
A22:  (Poly-INT fs).x = Sum fr by Def1;
      fr = <*-1*>^((l-'1) |-> 0)^<*x|^l*>
      proof
        set K = <*-1*>^((l-'1) |-> 0)^<*x|^l*>;
A23:    for d being Nat st d in dom fr holds fr.d = K.d
        proof
          let d be Nat;
          assume
A24:      d in dom fr; then
A25:      d in Seg(l + 1) by A17,A20,FINSEQ_1:def 3; then
A26:      d>=1 by FINSEQ_1:1;
A27:      d<=l+1 by A25,FINSEQ_1:1;
          per cases by A26,A27,XXREAL_0:1;
          suppose
A28:        d=1; then
A29:        fr.1 = (fs.1) * x|^(1-'1) by A21,A24
              .= (fs.1) * x|^0 by XREAL_1:232
              .= (fs.1) * 1 by NEWTON:4
              .= -1 by A18;
            K.1 = (<*-1*>^(((l-'1) |-> 0)^<*x|^l*>)).1 by FINSEQ_1:32
              .= fr.1 by A29,FINSEQ_1:41;
            hence thesis by A28;
          end;
          suppose
A30:        d>1 & d<l+1;
            then reconsider w = d-1 as Element of NAT by INT_1:3;
            d-1<l+1-1 by A30,XREAL_1:9; then
A31:        w <= l-'1 by NAT_D:49;
A32:        w >= 0+1 by A30,INT_1:7,XREAL_1:50;
A33:        ((l-'1) |-> 0).w = 0;
            w in Seg(l-'1) by A31,A32,FINSEQ_1:1; then
A34:        w in dom ((l-'1) |-> 0) by A14,FINSEQ_1:def 3; then
A35:        w in dom (((l-'1) |-> 0)^<*1*>) by FINSEQ_2:15;
A36:        w in dom (((l-'1) |-> 0)^<*x|^l*>) by A34,FINSEQ_2:15;
A37:        fs.d = (<*-1*>^(((l-'1) |-> 0)^<*1*>)).(w+1) by FINSEQ_1:32
              .= (((l-'1) |-> 0)^<*1*>).w by A35,FINSEQ_3:103
              .= 0 by A33,A34,FINSEQ_1:def 7;
            thus K.d = (<*-1*>^(((l-'1) |-> 0)^<*x|^l*>)).(w+1) by FINSEQ_1:32
              .= (((l-'1) |-> 0)^<*x|^l*>).w by A36,FINSEQ_3:103
              .= (fs.d)*x|^(d-'1) by A33,A34,A37,FINSEQ_1:def 7
              .= fr.d by A21,A24;
          end;
          suppose
A38:        d=l+1;
            then d in dom fs by A17,FINSEQ_5:6;
            then
A39:        d in dom fr by A20,FINSEQ_3:29;
            fs.d = 1 by A15,A38,FINSEQ_1:42;
            hence fr.d = 1 * x|^(l+1-'1) by A21,A38,A39
              .= x|^l by NAT_D:34
              .= K.d by A15,A38,FINSEQ_1:42;
          end;
        end;
        len K = 1 + ((l-'1) +1) by CARD_1:def 7
          .= len fr by A12,A17,A20,XREAL_1:235;
        hence thesis by A23,FINSEQ_3:29;
      end;
      then Sum fr = Sum (<*-1*>^(((l-'1) |-> 0)^<*x|^l*>)) by FINSEQ_1:32
        .= -1 + Sum (((l-'1) |-> 0)^<*x|^l*>) by RVSUM_1:76
        .= -1 + (Sum ((l-'1) |-> 0) + x|^l) by RVSUM_1:74
        .= -1 + ((l-'1)*0 + x|^l) by RVSUM_1:80;
      hence thesis by A22;
    end;
    consider fp being FinSequence of NAT such that
A40: len fp = l and
A41: for d st d in dom fp holds fp.d gcd p = 1 and
A42: for d st d in dom fp holds fp.d is_quadratic_residue_mod p and
A43: for d,e st d in dom fp & e in dom fp & d<>e holds not fp.d,fp.e
    are_congruent_mod p by A1,Th16;
A44: fs.(l+1) = 1 by A15,FINSEQ_1:42;
    now
      assume p divides (b|^l - 1);
      then
A45:  (b|^l - 1) mod p = 0 by Lm1;
      reconsider b as Element of INT by INT_1:def 2;
      set f = fp^<*b*>;
      reconsider f as FinSequence of NAT by FINSEQ_1:75;
A46:  len f = l+1 by A40,FINSEQ_2:16;
A47:  for d,e st d in dom f & e in dom f & d<>e holds not f.d,f.e
      are_congruent_mod p
      proof
        let d,e;
        assume that
A48:    d in dom f and
A49:    e in dom f and
A50:    d<>e;
A51:    e>=1 by A49,FINSEQ_3:25;
A52:    d<= l+1 by A46,A48,FINSEQ_3:25;
A53:    e<=l+1 by A46,A49,FINSEQ_3:25;
        per cases by A48,A52,FINSEQ_3:25,XXREAL_0:1;
        suppose
A54:      d>=1 & d<l+1;
          then d<=l by NAT_1:13;
          then
A55:      d in dom fp by A40,A54,FINSEQ_3:25;
          then
A56:      f.d = fp.d by FINSEQ_1:def 7;
          per cases by A49,A53,FINSEQ_3:25,XXREAL_0:1;
          suppose
A57:        e>=1 & e<l+1;
            then e<=l by NAT_1:13;
            then
A58:        e in dom fp by A40,A57,FINSEQ_3:25;
            then not fp.d,fp.e are_congruent_mod p by A43,A50,A55;
            hence thesis by A56,A58,FINSEQ_1:def 7;
          end;
          suppose
A59:        e=l+1;
            not f.d,b are_congruent_mod p
            proof
              f.d is_quadratic_residue_mod p by A42,A55,A56;
              then consider j being Integer such that
A60:          (j^2 - f.d) mod p = 0;
              assume a61: f.d,b are_congruent_mod p;
              p divides (j^2 - f.d) by A60,INT_1:62;
              then p divides ((j^2 - f.d)+(f.d - b)) by a61,WSIERP_1:4;
              then (j^2 - b) mod p = 0 by INT_1:62;
              hence contradiction by A3;
            end;
            hence thesis by A40,A59,FINSEQ_1:42;
          end;
        end;
        suppose
A62:      d=l+1;
          then e<=l by A50,A53,NAT_1:8;
          then
A63:      e in dom fp by A40,A51,FINSEQ_3:25;
          then f.e = fp.e by FINSEQ_1:def 7;
          then f.e is_quadratic_residue_mod p by A42,A63;
          then consider j being Integer such that
A64:      (j^2 - f.e) mod p = 0;
A65:      p divides (j^2 - f.e) by A64,INT_1:62;
          not b,f.e are_congruent_mod p
          proof
            assume b,f.e are_congruent_mod p;
            then p divides ((j^2 - f.e) - (b - f.e)) by A65,Th1;
            then (j^2 - b) mod p = 0 by INT_1:62;
            hence contradiction by A3;
          end;
          hence thesis by A40,A62,FINSEQ_1:42;
        end;
      end;
A66:  (Poly-INT fs).b mod p = 0 by A19,A45;
A67:  for d st d in dom f holds (Poly-INT fs).(f.d) mod p = 0
      proof
        let d;
        assume d in dom f;
        then
A68:    d in Seg (l+1) by A46,FINSEQ_1:def 3;
        then
A69:    d<=l+1 by FINSEQ_1:1;
        per cases by A68,A69,FINSEQ_1:1,XXREAL_0:1;
        suppose
A70:      d>=1 & d<l+1;
          reconsider k = fp.d as Element of INT by INT_1:def 2;
          d<=l by A70,NAT_1:13; then
A71:      d in dom fp by A40,A70,FINSEQ_3:25;
          then fp.d gcd p = 1 by A41;
          then (fp.d)|^l mod p = 1 mod p by A1,A5,A42,A71,Th17;
          then (k|^l - 1) mod p = 0 by INT_4:22;
          then (Poly-INT fs).k mod p = 0 by A19;
          hence thesis by A71,FINSEQ_1:def 7;
        end;
        suppose
          d=l+1;
          hence thesis by A40,A66,FINSEQ_1:42;
        end;
      end;
      reconsider f as FinSequence of INT by FINSEQ_2:24,NUMBERS:17;
      not p divides fs.(l+1) by A4,A44,NAT_D:7;
      then len f <= l by A1,A17,A67,A47,Th8;
      hence contradiction by A46,XREAL_1:29;
    end;
    then p divides (b|^l + 1) by A7,Th7;
    then consider k being Nat such that
A72: (b|^l + 1) = p*k by NAT_D:def 3;
    -p < -1 by A4,XREAL_1:24;
    then
A73: (-1) mod p = (-1) + p by NAT_D:63;
    b|^l mod p = (p*k + (- 1)) mod p by A72
      .= p - 1 by A73,NAT_D:61;
    hence thesis;
  end;
end;
