Results 1 - 6 of 6
Setoids in Type Theory, 2000
Cited by 30 (4 self)
Formalising mathematics in dependent type theory often requires the use of setoids, i.e. types with an explicit equality relation, as a representation of sets. This paper surveys some possible definitions of setoids and assesses their suitability as a basis for developing mathematics. In particular, we argue that a commonly advocated approach to partial setoids is unsuitable, and more generally that total setoids seem better suited for formalising mathematics.
A machine-checked formalization of the generic model and the random oracle model, in Proceedings of IJCAR'04, vol. 3097, Lecture Notes in Computer Science
Cited by 22 (5 self)
Most approaches to the formal analyses of cryptographic protocols make the perfect cryptography assumption, i.e. the hypothesis that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing the key. Ideally, one would prefer to rely on a weaker hypothesis on the computational cost of gaining information about the plaintext pertaining to a ciphertext without knowing the key. Such a view is permitted by the Generic Model and the Random Oracle Model, which provide non-standard computational models in which one may reason about the computational cost of breaking a cryptographic scheme. Using the proof assistant Coq, we provide a machine-checked account of the Generic Model and the Random Oracle Model.
Constructive Reals in Coq: Axioms and Categoricity
Cited by 15 (2 self)
We describe a construction of the real numbers carried out in the Coq proof assistant. The basis is a set of axioms for the constructive real numbers as used in the FTA (Fundamental Theorem of Algebra) project, carried out at Nijmegen University. The aim of this work is to show that these axioms can be satisfied, by constructing a model for them. Apart from that, we show the robustness of the set of axioms for constructive real numbers, by proving (in Coq) that any two models of it are isomorphic. Finally, we show that our axioms are equivalent to the set of axioms for constructive reals introduced by Bridges in [2]. The construction of the reals is done in the ‘classical way’: first the rational numbers are built and they are shown to be a (constructive) ordered field, and then the constructive real numbers are introduced as the usual Cauchy completion of the rational numbers.
OpenTheory: Package Management for Higher Order Logic Theories
Cited by 5 (3 self)
Interactive theorem proving has grown from toy examples to major projects formalizing mathematics and verifying software, and there is now a critical need for theory engineering techniques to support these efforts. This paper introduces the OpenTheory project, which aims to provide an effective package management system for logical theories. The OpenTheory article format allows higher order logic theories to be exported from one theorem prover, compressed by a standalone tool, and imported into a different theorem prover. Articles naturally support theory interpretations, which is the mechanism by which theories can be cleanly transferred from one theorem prover context to another, and which also leads to more efficient developments of standard theories.
Inversive meadows and divisive meadows, 2009
Cited by 2 (2 self)
An inversive meadow is a commutative ring with identity and a total multiplicative inverse operation satisfying 0^-1 = 0. Previously, inversive meadows were shortly called meadows. In this paper, we introduce divisive meadows, which are inversive meadows with the multiplicative inverse operation replaced by a division operation. We introduce a translation from the terms over the signature of divisive meadows into the terms over the signature of inversive meadows, and a translation the other way round, to show that it depends on the angle from which they are viewed whether inversive meadows or divisive meadows must be considered more basic. Divisive meadows are more basic if variants with a partial multiplicative inverse or division operation are considered as well. We also take a survey of first-order logics that are appropriate to handle those partial variants of inversive and divisive meadows.
Lightweight Probability Theory for Verification
Cited by 1 (1 self)
There are many algorithms that make use of probabilistic choice, but a lack of tools available to specify and verify their operation. The primary contribution of this paper is a lightweight modelling of such algorithms in higher-order logic, together with some key properties that enable verification. The theory is applied to a uniform random number generator and some basic properties are established. As a secondary contribution, all the theory developed has been mechanized in the hol98 theorem prover.