Formal Verification of Robertson-Type Uncertainty Relation

Formal verification using interactive theorem provers have been noticed as a method of verification of proofs that are too big for humans to check the validity of them. The purpose of this work is to verify the validity of Robertson-type uncertainty relation toward verifying unconditional security of quantum key distributions. We verify the validity of the relation by using proof assistant Coq and it is turned out that the theorem regarding the relation formally holds. The source code for Coq which represents the validity of the theorem is printed in Appendix.


Introduction
Formal verification is a technique for verifying the validity of proofs in mathematics, algorithms, computer systems, and so on.In the formal verification by using logical reasoning, interactive theorem provers (HOL [1], ACL2 [2], Isabelle [3], Coq [4], just to a name a few) are used for verifying mathematical proofs.In accordance with the Curry-Howard correspondence [5], the validity is verified through coding of the proofs in functional languages.
Formal verification by using the interactive theorem provers has been noticed as a technique for verifying proofs of theorems which are too large for humans to check the validity.Such a theorem as the Feit-Thompson theorem (also known as the odd order theorem) [6] can be enumerated as an example.This theorem was proven in 1963.However, the verification of the validity of the proof was highly difficult at 1980s [7] since its total number of pages are about 300.Gonthier et al. [8] verified the proof by using SSReflect which is an extension of the proof assistant Coq.The formalized theorem and lemmas which are formalized in the process of the verification are utilized for the formalization of mathematical science.Therefore, the formal verification of rela-tively small lemmas which are used for large proofs is useful as a library for the verification of the other large proofs.
The formal verification is considered valid at information theory which is a branch of mathematical science.Affeldt et al. [9] formally verify basic definitions and theorems in information theory by using SSReflect, and also Shannon's channel coding theorem and source coding theorem [10] which are famous theorems of all results of information theory.These formalized theorems are valuable not only toward the formally verification of integrity between coding and decoding algorithms and the software implemented ones, but also further facilitating of the formal verification by utilizing the formalized types.
In quantum information theory, the axioms of quantum physics are described mathematically [11].Therefore, the formal verification can be applied to verifying the validity of quantum information theory.In this work, we verify the validity of uncertainty relation toward verifying unconditional security of quantum key distributions and encouraging the formal verification of large proofs in quantum information theory.Specifically, we verify the validity of Robertson-type uncertainty relation [12] by using the proof assistant Coq.
This paper is organized as follows.In Section 2, we review the theorem regarding Robertson-type uncertainty relation and its mathematically proof.In Section 3, we formally verify the validity of the theorem with Coq.In Section 4, this paper is summarized.Coq source code is printed in Appendix.

Robertson-Type Uncertainty Relation
Robertson-type uncertainty relation imposes a restriction on probability distributions of measurement outcomes with observables.In this type, uncertainty of the measurement is characterized by standard deviation of the distribution.
In quantum information theory, a quantum system and a quantum pure state in the system are regarded in the same light as a Hilbert space and a unit vector in the space, respectively.In addition, an observable is regarded as an Hermitian operator on the Hilbert space.Let [ ] V A ψ be variance of outcomes which are obtained by measuring a quantum system in a quantum state ψ with an observable A. Then, [ ] holds.Standard deviation of the outcomes [ ] The following theorem was given by Robertson [12].
A relation between two observables represented by Equation ( 2) is called Robertson-type uncertainty relation.
The right-hand side of the inequality always takes 0 if the observables are commutative.Therefore, both of standard deviations of the observables may take 0. On the other hand, for non-commutative observables, the right-hand side of the inequality dose not take 0.Then, both of standard deviations of the observables dose not take 0. This implies that Equation ( 2) is a tradeoff between uncertainties of the observables.In this case, the uncertainty is characterized by standard deviation.
The relation between the non-commutative observables often plays crucial role in discussion of unconditional security of quantum key distributions.In BB84 [13] which is the most famous quantum key distribution protocol, eigenstates of non-commutative observables x σ and z σ are used for sharing secret key between a sender (called Alice) and a receiver (called Bob).Alice prepares random bits and sends quantum bits (qubits) to Bob, where each qubit is prepared in one of the eigenstates of x σ and z σ with a procedure of the protocol.Bob measures each qubit with x σ or z σ randomly and obtains outcomes as a candidate key.For obtaining a sifted key, Alice and Bob check the choices of the observables in the state preparation and the quantum measurement.They calculate error rate of a part of the sifted key.The protocol is aboded if the rate is grater than preset value (this implies that they presume the existence of some kind of eavesdropping).Otherwise, they perform the leftover sifted key to make the secret key with error correction and privacy amplification.A purpose of a eavesdropper (called Eve) is to gain information of the secret key without being detected by Alice and Bob on the channel.Eve can gain information if she can distinguish the eigenstates of x σ and z σ .However, there is a tradeoff between information gain for Eve and the error rate.That is, she cannot gain information of the secret key generated by x σ without increasing the error rate of the part of the sifted key generated by z σ , and vice versa.The fact is known as the information disturbance theorem [14]- [16] and this theorem is applied to a proof of unconditional security of BB84 [14].The information disturbance theorem can be regarded as an information theoretic version of uncertainty relation [15].The theorem is obtained directly [16] from entropic uncertainty relation [17] [18] which is a kind of types of uncertainty relation.In this work, we verify the validity of Robertson-type uncertainty relation using the proof assistant Coq toward verifying entropic uncertainty relation, the information disturbance theorem, and unconditional security of quantum key distributions.

Formal Verification of Robertson-Type Uncertainty Relation
In this section, we verify the validity of Robertson-type uncertainty relation by using the proof assistant Coq.We define types as follows: • C: a type of a complex number • Vec C n: a type of an n-dimensional complex vector • UnitVec C n: a type of an n-dimensional complex unit vector • Mat C v: a type of a v = n n × complex matrix • HMat v: a type of a v = n n × Hermitian matrix We define functions as follows: • var: takes a pair of a variable of UnitVec C n and a variable of HMat v and returns variant with respect to the variables (see Equation ( 1 Before giving the formally proof described by Coq, we show the broad outlines of it.Firstly, we define the types and the functions in linear algebra.The types and functions are already shown above.The next step is to obtain subgoals through applying small lemmas to some inequalities.The subgoals are formally verified through interactive proof sessions.Finally, we complete the verification of the the theorem regarding Robertson-type uncertainty relation when we have no new subgoals.
Proof.We execute the above statement and obtain a response from Coq: 1 subgoals ______________________________________(1/1) forall (n : nat) (v : mlengths n) (A B : HMat v) (psi : UnitVec), sqrt (var psi A) * sqrt (var psi B) >= 1/2* cabs (innerProd psi (mvMult (mMinus (mMult A B) (mMult B A)) psi)) For the above subgoal (statement), a command called tactic is inputted and executed, then, new subgoal which is rewritten according to the tactic is obtained as a response from Coq.We prove the statement through interactive proof sessions until there no exist new subgoals (for complete Coq source code, see Appendix).We input the following tactic and execute it: intros.
where intros is a tactic which adds a condition described by universal quantifier to preconditions.Then, we get the following response from Coq:  For proving the transitive relation . The lemma is applied to the subgoal by using a tactic apply: Accordingly, the inequality which was performed with assert is added to the precondition as an assumption H.
The assumption H is applied to the subgoal for proving ( ) We input a tactic split to split ( ) Then, we get the following response from Coq: definition of standard deviation and Hermiticity of the observable.

2 .
)) • cabs: takes a variable of C and returns absolute value of it • mMinus: takes a pair of variables of Mat C v and returns addition of them • mMinus: takes a pair of variables of Mat C v and returns subtraction of them • mMult: takes a pair of variables of Mat C v and returns product of them • innerProd: takes a pair of variables of Vec C n and returns inner product of them • mvMult: takes a pair of a variable of Mat C v and a variable of Vec C n and returns product of them Theorem We declare a formalized statement of Robertson-type uncertainty relation in Coq: Theorem RobertsonUR: forall (n : nat) (v : mlenghts n) (A B: HMat v) (psi : UnitVec C n), (sqrt (var psi A)) * (sqrt (var psi B)) >= (1/2) * (cabs ( innerProd psi (mvMult (mMinus (mMult A B) (mMult B A)) psi))).