Class 17: Structural Induction

Transcript

1. Class 17: Structural Induction cs2102: Discrete Mathematics | F16 uvacs2102.github.io

   David Evans University of Virginia 0

2. Plan Recursive Data Types: Lists Recap List Operations Proving Properties

   about All Lists Structural Induction Trees 1

3. Recap: Lists null: prepend: × ⟶ first: List ⟶ rest:

   ⟶ empty: ⟶ Definition. A list is an ordered sequence of objects. A list is either the empty list (), or the result of prepend(, ) for some object and list . List Operations Constructors Observers 2

4. Defining List Operations null: prepend: × ⟶ first: List ⟶

   rest: ⟶ empty: ⟶ first prepend(, ) ⟶ rest prepend(, ) ⟶ empty prepend(, ) ⟶ empty null ⟶ 3

5. Length of a List 4

6. Length of a List Definition. The length of a list,

   , is: 0 if is null 1 + length otherwise = prepend , 5

7. Prove: for all lists, , list_length() returns the length of

   the list . Definition. The length of a list, , is: 0 if is null 1 + length otherwise = prepend , 6

8. Prove: for all lists, , list_length() returns the length of

   the list . Definition. The length of a list, , is: 0 if is null 1 + length otherwise = prepend , 7

9. Concatenation Definition. The concatenation of two lists, = U ,

   V , … , X and = U , V , … , Y is U , V , … , X , U , V , … , Y . How can we define this constructively? 8

10. Concatenation Definition. The concatenation of two lists, = U ,

    V , … , X and = U , V , … , Y is U , V , … , X , U , V , … , Y . How can we define this constructively? Also: poll on “slack breaks” Any questions about PS6, definitions so far, recursive data, etc. 9

11. 10

12. 11

13. Concatenation Definition. The concatenation ( + ) of two lists,

    and , is defined as: Base case: = (empty list) + = Constructor case: = prepend(, ) for some list , object + = prepend(, + ) 12

14. Length of Concatenation Prove. For any two lists, and ,

    length( + ) = length() + length() 13

15. Prove. For any two lists, and , length( + )

    = length() + length() Base case: = (empty list) + = Constructor case: = prepend(, ) + = prepend(, + ) 14

16. Structural Induction To prove for all objects of a data

    type: 1. Prove for all base objects . 2. Prove for all data type objects : ⇒ for all constructable from . 15

17. Structural Induction (Data Types) Invariant Principle (State Machines) (Regular) Induction

    (Natural Numbers) To prove ^ prove a base case prove an inductive step quod erat demonstrandum. 16

18. Structural Induction (Data Types) Invariant Principle (State Machines) (Regular) Induction

    (Natural Numbers) for all data type objects for all reachable states To prove ^ for all natural numbers prove a base case 0 _ base object prove an inductive step ⇒ ( + 1) ⇒ for all constructable from ⇒ for all reachable from quod erat demonstrandum. 17

19. Trick-or-Treat Protocols 18

20. “Trick or Treat” 19 Tricker initiates the protocol by making

    a threat and demanding tribute Victim either pays tribute (usually in the form of sugary snack) or risks being tricked

21. “Trick or Treat” 20 Tricker initiates the protocol by making

    a threat and demanding tribute Victim either pays tribute (usually in the form of sugary snack) or risks being tricked Tricker must convince Victim that she poses a credible threat: prove she is a qualified tricker

22. Trick-or-Treat Trickers? Victim 21 Any problems with this?

23. Proof without Disclosure How can the tricker prove their trickability,

    without allowing the victim to now impersonate a tricker? 22

24. Challenge-Response Protocol 23 Prover: proves knowledge of by revealing (,

    ) . Verifier: convinced prover knows , but learns nothing useful about . Verifier: picks random . Need a one-way function: hard to invert, but easy to compute.

25. Example: RSA 24 Ee (M ) = Me mod n

    Dd (C ) = Cd mod n Correctness property: Ee (Dd ()) =

26. Trick-or-Treat Trickers? Victim 25

27. Trick-or-Treat Trickers? Victim 26 How does victim know e and

    n? Verify: n = nmod =

28. 27 “Elsa #253224”, = 3482..., = 1234... signed by Tricker’s

    Buroo Verify: n = nmod = Verify Tricker’s Buroo signature on certificate

29. 28 “virginia.edi”, = 3482..., = 1234... signed by Certificate Authority

    Verify and Decrypt: p n () = Verify signature on certificate Server

30. 29

31. Binary Trees A binary tree is either: - null or

    - node: (Tree, Object, Tree) 30

32. Tree Operations A binary tree is either: - null or

    - node: (Tree, Object, Tree) 31

33. A binary tree is either: - null or - node:

    (Tree, Object, Tree) null: node: × × → label: → left: → right: → empty: → Tree Operations 32

34. Structural Induction To prove for all objects of a data

    type: 1. Prove for all base objects . 2. Prove for all data type objects : ⇒ for all constructable from . Does this work for trees? 33

35. Structural Induction To prove for all objects of a data

    type: 1. Prove for all base objects . 2. Prove for all data type objects : ⇒ for all constructable from . Tree Constructors null: node: × × → 34

36. Binary Structural Induction To prove for all objects of a

    data type: 1. Prove for all base objects . 2. Prove for all data type objects U , V : U ∧ V ⇒ for all constructable from U and V. 35

37. Number of Labels Prove: The number of labels in a

    binary tree with nodes is . null: node: × × → 36

38. Charge Enjoy Halloween Don’t be victimized by any unsubstantiated threats!

    Problem Set 7 due Friday 37