:: PEPIN semantic presentation

Lemma1: for b1, b2 being Integer
for b3, b4 being Nat st b1 = b3 & b2 = b4 holds
( b1 divides b2 iff b3 divides b4 )
proof end;

Lemma2: for b1 being Nat
for b2 being Integer st b1 > 1 & b1 * b2 > 0 holds
b2 > 0
by XREAL_1:133;

Lemma3: for b1, b2, b3 being Nat st b1 > 1 & b2 >= 1 & b3 >= 0 & 1 = (((b2 * b3) * b1) + b2) + b3 holds
( b2 = 1 & b3 = 0 )
proof end;

Lemma4: for b1 being Nat holds 2 |^ (2 |^ b1) > 1
proof end;

Lemma5: for b1 being Nat st b1 <> 0 holds
b1 - 1 >= 0
proof end;

Lemma6: for b1 being Nat st b1 <> 0 holds
(b1 -' 1) + 1 = (b1 + 1) -' 1
proof end;

theorem Th1: :: PEPIN:1
for b1 being Nat holds b1,b1 + 1 are_relative_prime
proof end;

theorem Th2: :: PEPIN:2
for b1, b2 being Nat holds
( not b1 is prime or b2,b1 are_relative_prime or b2 hcf b1 = b1 )
proof end;

theorem Th3: :: PEPIN:3
for b1, b2, b3 being Nat st b1 divides b2 * b3 & b2,b1 are_relative_prime holds
b1 divides b3
proof end;

theorem Th4: :: PEPIN:4
for b1, b2, b3 being Nat st b1 divides b2 & b3 divides b2 & b1,b3 are_relative_prime holds
b1 * b3 divides b2
proof end;

definition
let c1 be Nat;
redefine func ^2 as c1 ^2 -> Nat;
coherence
c1 ^2 is Nat
proof end;
end;

theorem Th5: :: PEPIN:5
for b1 being Integer st b1 > 1 holds
1 mod b1 = 1
proof end;

theorem Th6: :: PEPIN:6
for b1, b2 being Nat st b2 <> 0 holds
( b2 divides b1 iff b1 mod b2 = 0 )
proof end;

theorem Th7: :: PEPIN:7
for b1, b2 being Nat st b1 <> 0 & b1 divides b2 mod b1 holds
b1 divides b2
proof end;

theorem Th8: :: PEPIN:8
for b1, b2, b3 being Nat st 0 < b1 & b2 mod b1 = b3 holds
b1 divides b2 - b3
proof end;

theorem Th9: :: PEPIN:9
for b1, b2, b3 being Nat st b1 * b2 <> 0 & b2 is prime & b3 mod (b1 * b2) < b2 holds
b3 mod (b1 * b2) = b3 mod b2
proof end;

theorem Th10: :: PEPIN:10
for b1 being Nat
for b2 being Integer holds ((b2 * b1) + 1) mod b1 = 1 mod b1
proof end;

theorem Th11: :: PEPIN:11
for b1, b2, b3 being Nat st 1 < b1 & (b2 * b3) mod b1 = b3 mod b1 & b3,b1 are_relative_prime holds
b2 mod b1 = 1
proof end;

theorem Th12: :: PEPIN:12
for b1, b2, b3 being Nat holds (b1 |^ b2) mod b3 = ((b1 mod b3) |^ b2) mod b3
proof end;

Lemma15: for b1, b2 being Nat holds (b1 * (2 |^ (b2 + 1))) div 2 = b1 * (2 |^ b2)
proof end;

Lemma16: for b1, b2, b3 being Nat st b1 <= b2 holds
b3 |^ b1 divides b3 |^ b2
proof end;

Lemma17: 2 |^ 2 = 4
proof end;

Lemma18: 2 |^ 3 = 8
proof end;

Lemma19: 2 |^ 4 = 16
proof end;

Lemma20: 2 |^ 8 = 256
proof end;

theorem Th13: :: PEPIN:13
for b1 being Nat st b1 <> 0 holds
(b1 ^2 ) mod (b1 + 1) = 1
proof end;

theorem Th14: :: PEPIN:14
for b1, b2, b3 being Nat st b1 ^2 < b2 & b3 mod b2 = b1 holds
(b3 ^2 ) mod b2 = b1 ^2
proof end;

theorem Th15: :: PEPIN:15
for b1, b2 being Nat st b1 is prime & b2 mod b1 = - 1 holds
(b2 ^2 ) mod b1 = 1
proof end;

theorem Th16: :: PEPIN:16
for b1 being Nat st b1 is even holds
not b1 + 1 is even
proof end;

theorem Th17: :: PEPIN:17
for b1 being Nat st b1 > 2 & b1 is prime holds
not b1 is even
proof end;

theorem Th18: :: PEPIN:18
for b1 being Nat st b1 > 0 holds
2 to_power b1 is even
proof end;

Lemma22: for b1, b2 being Nat st b1 is even & b2 is even holds
b1 * b2 is even
proof end;

theorem Th19: :: PEPIN:19
for b1, b2 being Nat st not b1 is even & not b2 is even holds
not b1 * b2 is even
proof end;

theorem Th20: :: PEPIN:20
for b1, b2 being Nat st not b1 is even holds
not b1 |^ b2 is even
proof end;

theorem Th21: :: PEPIN:21
for b1, b2 being Nat st b1 > 0 & b2 is even holds
b2 |^ b1 is even
proof end;

theorem Th22: :: PEPIN:22
for b1 being Nat holds
( 2 divides b1 iff b1 is even )
proof end;

theorem Th23: :: PEPIN:23
for b1, b2 being Nat holds
( not b1 * b2 is even or b1 is even or b2 is even ) by Th19;

theorem Th24: :: PEPIN:24
for b1 being Nat holds b1 |^ 2 = b1 ^2
proof end;

theorem Th25: :: PEPIN:25
canceled;

theorem Th26: :: PEPIN:26
for b1, b2 being Nat st b1 > 1 & b2 > 0 holds
b1 |^ b2 > 1
proof end;

Lemma27: for b1 being Nat holds (2 |^ (2 |^ b1)) ^2 = 2 |^ (2 |^ (b1 + 1))
proof end;

theorem Th27: :: PEPIN:27
for b1, b2 being Nat st b1 <> 0 & b2 <> 0 holds
b1 |^ b2 = b1 * (b1 |^ (b2 -' 1))
proof end;

theorem Th28: :: PEPIN:28
for b1, b2 being Nat st b2 mod 2 = 0 holds
(b1 |^ (b2 div 2)) ^2 = b1 |^ b2
proof end;

theorem Th29: :: PEPIN:29
for b1, b2 being Nat st b1 <> 0 & 1 <= b2 holds
(b1 |^ b2) div b1 = b1 |^ (b2 -' 1)
proof end;

theorem Th30: :: PEPIN:30
for b1 being Nat holds 2 |^ (b1 + 1) = (2 |^ b1) + (2 |^ b1)
proof end;

theorem Th31: :: PEPIN:31
for b1, b2, b3 being Nat st b1 > 1 & b1 |^ b2 = b1 |^ b3 holds
b2 = b3
proof end;

Lemma32: for b1, b2, b3 being Nat st b1 > b2 & b3 > 1 holds
b3 |^ b1 > b3 |^ b2
proof end;

Lemma33: for b1, b2 being Nat st 2 |^ b1 divides 2 |^ b2 holds
b1 <= b2
proof end;

theorem Th32: :: PEPIN:32
for b1, b2 being Nat holds
( b1 <= b2 iff 2 |^ b1 divides 2 |^ b2 ) by Lemma16, Lemma33;

theorem Th33: :: PEPIN:33
for b1, b2, b3 being Nat st b1 is prime & b2 divides b1 |^ b3 & not b2 = 1 holds
ex b4 being Nat st b2 = b1 * b4
proof end;

theorem Th34: :: PEPIN:34
for b1, b2, b3 being Nat st b3 <> 0 & b1 is prime & b3 < b1 |^ (b2 + 1) holds
( b3 divides b1 |^ (b2 + 1) iff b3 divides b1 |^ b2 )
proof end;

theorem Th35: :: PEPIN:35
for b1, b2, b3 being Nat st b1 is prime & b2 divides b1 |^ b3 & b2 <> 0 holds
ex b4 being Nat st
( b2 = b1 |^ b4 & b4 <= b3 )
proof end;

theorem Th36: :: PEPIN:36
for b1, b2, b3 being Nat st b1 > 1 & b2 mod b1 = 1 holds
(b2 |^ b3) mod b1 = 1
proof end;

theorem Th37: :: PEPIN:37
for b1, b2 being natural number st b1 > 0 holds
(b2 |^ b1) mod b2 = 0
proof end;

theorem Th38: :: PEPIN:38
for b1, b2 being Nat st b1 is prime & b2,b1 are_relative_prime holds
(b2 |^ (b1 -' 1)) mod b1 = 1
proof end;

theorem Th39: :: PEPIN:39
for b1, b2, b3 being Nat st b1 is prime & b2 > 1 & b2 divides b1 |^ b3 & not b2 divides (b1 |^ b3) div b1 holds
b2 = b1 |^ b3
proof end;

definition
let c1 be Integer;
redefine func ^2 as c1 ^2 -> Nat;
coherence
c1 ^2 is Nat
proof end;
end;

theorem Th40: :: PEPIN:40
for b1, b2 being Nat st b2 > 1 holds
( b1 mod b2 = 1 iff b1,1 are_congruent_mod b2 )
proof end;

Lemma41: for b1, b2 being Nat st b1 > 1 & b2 > 1 & b2,1 are_congruent_mod b1 holds
b2 mod b1 = 1
proof end;

theorem Th41: :: PEPIN:41
for b1, b2, b3 being Integer st b1,b2 are_congruent_mod b3 holds
b1 ^2 ,b2 ^2 are_congruent_mod b3 by INT_1:39;

theorem Th42: :: PEPIN:42
canceled;

theorem Th43: :: PEPIN:43
for b1, b2, b3, b4 being Integer st b1,b2 are_congruent_mod b3 & b1,b4 are_congruent_mod b3 holds
b2,b4 are_congruent_mod b3
proof end;

theorem Th44: :: PEPIN:44
3 is prime
proof end;

theorem Th45: :: PEPIN:45
for b1 being Nat st b1 <> 0 holds
Euler b1 <> 0
proof end;

theorem Th46: :: PEPIN:46
for b1 being Nat st b1 <> 0 holds
- b1 < b1 ;

theorem Th47: :: PEPIN:47
canceled;

theorem Th48: :: PEPIN:48
for b1 being Nat st b1 <> 0 holds
b1 div b1 = 1
proof end;

definition
let c1, c2, c3 be Nat;
func Crypto c2,c3,c1 -> Nat equals :: PEPIN:def 1
(a2 |^ a1) mod a3;
coherence
(c2 |^ c1) mod c3 is Nat ;
end;

:: deftheorem Def1 defines Crypto PEPIN:def 1 :
for b1, b2, b3 being Nat holds Crypto b2,b3,b1 = (b2 |^ b1) mod b3;

theorem Th49: :: PEPIN:49
for b1, b2, b3, b4, b5 being Nat st b1 is prime & b2 is prime & b1 <> b2 & b3 = b1 * b2 & b4, Euler b3 are_relative_prime & (b4 * b5) mod (Euler b3) = 1 holds
for b6 being Nat st b6 < b3 holds
Crypto (Crypto b6,b3,b4),b3,b5 = b6
proof end;

definition
let c1, c2 be Nat;
assume E47: ( c2 > 1 & c1,c2 are_relative_prime ) ;
func order c1,c2 -> Nat means :Def2: :: PEPIN:def 2
( a3 > 0 & (a1 |^ a3) mod a2 = 1 & ( for b1 being Nat st b1 > 0 & (a1 |^ b1) mod a2 = 1 holds
( 0 < a3 & a3 <= b1 ) ) );
existence
ex b1 being Nat st
( b1 > 0 & (c1 |^ b1) mod c2 = 1 & ( for b2 being Nat st b2 > 0 & (c1 |^ b2) mod c2 = 1 holds
( 0 < b1 & b1 <= b2 ) ) )
proof end;
uniqueness
for b1, b2 being Nat st b1 > 0 & (c1 |^ b1) mod c2 = 1 & ( for b3 being Nat st b3 > 0 & (c1 |^ b3) mod c2 = 1 holds
( 0 < b1 & b1 <= b3 ) ) & b2 > 0 & (c1 |^ b2) mod c2 = 1 & ( for b3 being Nat st b3 > 0 & (c1 |^ b3) mod c2 = 1 holds
( 0 < b2 & b2 <= b3 ) ) holds
b1 = b2
proof end;
end;

:: deftheorem Def2 defines order PEPIN:def 2 :
for b1, b2 being Nat st b2 > 1 & b1,b2 are_relative_prime holds
for b3 being Nat holds
( b3 = order b1,b2 iff ( b3 > 0 & (b1 |^ b3) mod b2 = 1 & ( for b4 being Nat st b4 > 0 & (b1 |^ b4) mod b2 = 1 holds
( 0 < b3 & b3 <= b4 ) ) ) );

theorem Th50: :: PEPIN:50
for b1 being Nat st b1 > 1 holds
order 1,b1 = 1
proof end;

theorem Th51: :: PEPIN:51
canceled;

theorem Th52: :: PEPIN:52
for b1, b2, b3 being Nat st b1 > 1 & b2 > 0 & (b3 |^ b2) mod b1 = 1 & b3,b1 are_relative_prime holds
order b3,b1 divides b2
proof end;

theorem Th53: :: PEPIN:53
for b1, b2, b3 being Nat st b1 > 1 & b2,b1 are_relative_prime & order b2,b1 divides b3 holds
(b2 |^ b3) mod b1 = 1
proof end;

theorem Th54: :: PEPIN:54
for b1, b2 being Nat st b1 is prime & b2,b1 are_relative_prime holds
order b2,b1 divides b1 -' 1
proof end;

definition
let c1 be Nat;
func Fermat c1 -> Nat equals :: PEPIN:def 3
(2 |^ (2 |^ a1)) + 1;
correctness
coherence
(2 |^ (2 |^ c1)) + 1 is Nat;
;
end;

:: deftheorem Def3 defines Fermat PEPIN:def 3 :
for b1 being Nat holds Fermat b1 = (2 |^ (2 |^ b1)) + 1;

theorem Th55: :: PEPIN:55
Fermat 0 = 3
proof end;

theorem Th56: :: PEPIN:56
Fermat 1 = 5
proof end;

theorem Th57: :: PEPIN:57
Fermat 2 = 17
proof end;

theorem Th58: :: PEPIN:58
Fermat 3 = 257
proof end;

theorem Th59: :: PEPIN:59
Fermat 4 = (256 * 256) + 1
proof end;

theorem Th60: :: PEPIN:60
for b1 being Nat holds Fermat b1 > 2
proof end;

Lemma57: for b1 being Nat holds Fermat b1 > 1
proof end;

Lemma58: for b1 being Nat holds ((Fermat b1) -' 1) mod 2 = 0
proof end;

Lemma59: for b1 being Nat holds (Fermat b1) -' 1 > 0
proof end;

Lemma60: for b1 being Nat holds (Fermat b1) mod (2 |^ (2 |^ b1)) = 1
proof end;

Lemma61: for b1 being Nat holds not Fermat b1 is even
proof end;

theorem Th61: :: PEPIN:61
for b1, b2 being Nat st b1 is prime & b1 > 2 & b1 divides Fermat b2 holds
ex b3 being Nat st b1 = (b3 * (2 |^ (b2 + 1))) + 1
proof end;

theorem Th62: :: PEPIN:62
for b1 being Nat st b1 <> 0 holds
3, Fermat b1 are_relative_prime
proof end;

theorem Th63: :: PEPIN:63
for b1 being Nat st 3 |^ (((Fermat b1) -' 1) div 2), - 1 are_congruent_mod Fermat b1 holds
Fermat b1 is prime
proof end;

Lemma65: 3 |^ 2 = 9
proof end;

Lemma66: 3 |^ 4 = 81
proof end;

Lemma67: 3 |^ 8 = 6561
proof end;

Lemma68: 3 |^ 16 = 6561 * 6561
proof end;

Lemma69: for b1 being Nat holds Fermat 1 divides (3 |^ ((4 * b1) + 2)) + 1
proof end;

Lemma70: for b1 being Nat st b1 = 1 holds
3 |^ (((Fermat b1) -' 1) div 2), - 1 are_congruent_mod Fermat b1
proof end;

Lemma71: for b1 being Nat holds Fermat 2 divides (3 |^ ((16 * b1) + 8)) + 1
proof end;

Lemma72: (3 |^ 1) mod (Fermat 3) = 3
proof end;

Lemma73: (3 |^ 2) mod (Fermat 3) = 9
proof end;

Lemma74: (3 |^ 4) mod (Fermat 3) = 81
proof end;

Lemma75: (3 |^ 8) mod (Fermat 3) = 136
proof end;

Lemma76: (3 |^ 16) mod (Fermat 3) = 83 * 3
proof end;

Lemma77: (3 |^ 32) mod (Fermat 3) = 64
proof end;

Lemma78: (3 |^ 64) mod (Fermat 3) = 241
proof end;

Lemma79: (3 |^ 128) mod (Fermat 3) = 256
proof end;

Lemma80: (3 |^ 1) mod (Fermat 4) = 3
proof end;

Lemma81: (3 |^ 2) mod (Fermat 4) = 9
proof end;

Lemma82: (3 |^ 4) mod (Fermat 4) = 81
proof end;

Lemma83: (3 |^ 8) mod (Fermat 4) = 6561
proof end;

Lemma84: (3 |^ 16) mod (Fermat 4) = (164 * 332) + 1
proof end;

Lemma85: (3 |^ 32) mod (Fermat 4) = 123 * 503
proof end;

Lemma86: (3 |^ 64) mod (Fermat 4) = (14 * 1367) + 1
proof end;

Lemma87: (3 |^ 128) mod (Fermat 4) = 52 * 289
proof end;

Lemma88: (3 |^ 256) mod (Fermat 4) = 282
proof end;

Lemma89: (3 |^ (256 * 2)) mod (Fermat 4) = 71 * 197
proof end;

Lemma90: (3 |^ (256 * 4)) mod (Fermat 4) = 32 * 257
proof end;

Lemma91: (3 |^ (256 * 8)) mod (Fermat 4) = 81 * 809
proof end;

Lemma92: (3 |^ (256 * 16)) mod (Fermat 4) = 64
proof end;

Lemma93: (3 |^ (256 * 32)) mod (Fermat 4) = 256 * 16
proof end;

Lemma94: (3 |^ (256 * 64)) mod (Fermat 4) = 673 * 97
proof end;

Lemma95: (3 |^ (256 * 128)) mod (Fermat 4) = 256 * 256
proof end;

Lemma96: Fermat 3 divides (3 |^ ((32 * 0) + 128)) + 1
proof end;

Lemma97: Fermat 4 divides (3 |^ ((64 * 0) + (256 * 128))) + 1
proof end;

theorem Th64: :: PEPIN:64
5 is prime
proof end;

theorem Th65: :: PEPIN:65
17 is prime
proof end;

theorem Th66: :: PEPIN:66
257 is prime
proof end;

theorem Th67: :: PEPIN:67
(256 * 256) + 1 is prime
proof end;