Unbalanced digit sets and the closest choice strategy for minimal weight integer representations

An online algorithm is presented that produces an optimal radix-2 representation of an input integer n using digits from the set D`,u = {a ∈ Z : ` ≤ a ≤ u}, where ` ≤ 0 and u ≥ 1. The algorithm works by scanning the digits of the binary representation of n from left-to-right (i.e., from most-significant to least-significant). The output representation is optimal in the sense that, of all radix-2 representations of n with digits from D`,u, it has as few nonzero digits as possible (i.e., it has minimal weight). Such representations are useful in the efficient implementation of elliptic curve cryptography. The strategy the algorithm utilizes is to choose an integer of the form d2, where d ∈ D`,u, that is closest to n with respect to a particular distance function. It is possible to choose values of ` and u so that the set D`,u is unbalanced in the sense that it contains more negative digits than positive digits, or more positive digits than negative digits. Our distance function takes the possible unbalanced nature of D`,u into account.