Advances in Mathematics of Communications Web site: http://www.aimSciences.

org
Volume 2, No. 2, 2008, 159–173

A COMBINATORIAL INTERPRETATION OF DOUBLE BASE

NUMBER SYSTEM AND SOME CONSEQUENCES

Pradeep Kumar Mishra

Center for Information Security and Cryptography
University of Calgary
2500 University Drive NW
Calgary, AB T2N 1N4, Canada

Vassil Dimitrov
Center for Information Security and Cryptography
University of Calgary
2500 University Drive NW
Calgary, AB T2N 1N4, Canada

(Communicated by Renate Scheidler)

Abstract. In Signal Processing and Cryptography a non-standard number

representation, called Double Base Number System (DBNS) has found many
applications. This representation has many interesting and useful properties.
In traditional number systems, there is one radix used to represent numbers.
For example in decimal systems, numbers are expressed as sum of powers of 10.
In DBNS numbers are represented as sum of product of powers of 2 radices. In
the current article we present a scheme to represent numbers in double (and
multi-) base format by combinatorial objects like graphs and diagraphs. The
combinatorial representation leads to proof of some interesting results about
the double and multibase representation of integers. These proofs are based
on simple combinatorial arguments. In this article we have provided a graph
theoretic proof of the recurrence relation satisfied by the number of double base
representations of a given integer. The result has been further generalized to
more than 2 bases. Also, we have uncovered some interesting properties of
the sequence representing the number of double (multi-) base representation
of a positive integer n. It is expected that the combinatorial representation
can serve as a tool for a better understanding of the double (and multi-) base
number systems and uncover some of the mysteries still associated with it.

1. Introduction
For last couple of years, there have been many papers emphasizing the use of
double base number system (DBNS) in cryptography ([2, 1, 6, 8, 9, 10, 14, 16, 17]).
In [5] and [13], authors have discussed elliptic curve scalar multiplication using a
representation of the scalar in more than one base. Double base number system,
first time proposed in [12], is a non-traditional way of representing numbers. Unlike
traditional systems, which use only one radix to represent numbers, DBNS uses 2
radices to represent a number. For example, if 2 and 3 are used as the radices,
an integer n is expressed as sum of terms like ±2bi 3ti , where bi , ti are integers.

2000 Mathematics Subject Classification: Primary: 05A15.

Key words and phrases: Double base number system, DBNS-graphs, MB-graphs.
The authors are affiliated with Dept of Electrical and Computer Engg., University of Calgary,
Canada.

159 2008
c AIMS-SDU
160 P. K. Mishra and V. Dimitrov

Recently, in [16] an elliptic curve scalar multiplication scheme has been presented
which uses 3 bases to represent the scalar. The proposed algorithm performs even
better than its 2 base counterparts. This indicates that the DBNS can be easily
generalized to more than 2 bases, which will greatly enhance their applicability
to real life situations. The current article is devoted to analyse and explore some
interesting propeties of double (and multi) base number system using combinatorial
and graph theoretic arguments.
Graphs are very interesting combinatorial objects widely used in discrete math-
ematics and computer science. In the current article we will represent a number in
DBNS by means of a bipartite graph or a diagraph. We will prove some interest-
ing results about DBNS representations using simple combinatorial arguments on
these objects. Usual arithmetic operations like addition, multiplication can now be
described by graph theoretic operations. This representation may be of interest to
people working in various areas of computer science.
Two most interesting properties of DBNS are: (i) sparsity and (ii) redundancies.
Sparsity means that a number can be represented as a sum of very few terms of the
form ±2bi 3ti . This is important in cryptographic applications like exponentiation or
scalar multiplication. In fact, it is the number of point addition operation needed to
compute the scalar multiplication. In [1], it has been proved that in certain DBNS
representations, the number of addition could be sublinear in the size of the scalar.
Redundancy means that such representation is not unique. Redundancy implies
that one can choose a particular representation a given number depending upon
the application in which it is used. Also, these properties raise some interesting
questions about the DBNS representations. Given a number n, what is the shortest
DBNS representation for n requiring the minimum number of summands? Such
representations are called cannonical representations. A number can have several
cannonical representations. Computing a cannonical representation is again a very
difficult computational problem. Also, given an integer n, exactly how many DBNS
representationcan help in finding solutions to these problems.
In the current article, we tackle the problem of redundancy. Let P (n) represent
the number of DBNS representation of the integer n. Then the sequence P (n)
satisifies an interesting recurrence relation. In the current article, we will provide a
graph theoretic proof of the recurrence relation. The relation can be proved using
other mathematical tools. In [9], authors have provided one proof using generating
functions. However, the proof can not be extended to more than 2 bases. The
beauty of the proof given in this article is that it can be generalized to any number
of radices. In the current article we have also provided a general version of the
recurrence relation and proved it using a special type of graphs and combinatorial
arguments.

2. Background: double base number system

For the last decade, a new number representation scheme has been a subject of
intensive studies, due to its applicability to digital signal processing and cryptog-
raphy. This number representation is called double base number system. We start
with the following definition from B. M. M. de Weger [7].

Definition 1. Given a set P of primes, a P -integer is a positive integer all of whose

prime divisors are in P .
Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173
 Combinatorial interpretation of DBNS 161

The double base number system is a representation scheme in which every posi-
tive integer k is represented as the sum or difference of {2, 3}-integers (i.e., numbers
of the form 2b 3t ) as
Xm
(1) k= si 2bi 3ti , with si ∈ {−1, 1}, and bi , ti ≥ 0.
i=1

The term 2-integer is also used for terms of the form 2b 3t . This number representa-
tion scheme is highly redundant. If one considers the DBNS with only positive signs
(si = 1), then it is seen that, 10 has exactly five different DBNS representations,
100 has exactly 402 different DBNS representations and 1000 has exactly 1 295 579
different DBNS representations. Probably, the most important theoretical result
about the double base number system is the following theorem from [11].
Theorem
 1. Every positive integer k can be represented as the sum of at most
log k
O {2, 3}-integers.
log log k
The proof is based on Baker’s theory of linear forms of logarithms and more
specifically on a result by R. Tijdeman [20]. Another simpler proof can be found
in [1].

Table 1. Table indicating sparseness of DBNS representation

range of n maximum #2-integers in the

canonical represention of n
1 ≤ n ≤ 22 2
23 ≤ n ≤ 430 3
432 ≤ n ≤ 18, 430 4
18432 ≤ n ≤ 3 448 732 5

Some of these representations are of special interest, most notably the ones that
require the minimal number of {2, 3}-integers; i.e., an integer can be represented
as the sum of m terms ({2, 3}-integers), but cannot be represented as the sum of
m− 1 or less. These representations are called canonical representations. Even such
representations are not unique for numbers greater than 8. For example, 10 has two
canonical representations, 2+8, 1+9. In Table 1, we present some numerical figures
to demonstrate sparseness of DBNS.
Finding one of the canonical DBNS representations, especially for very large
integers, seems to be a very difficult task. One can apply a greedy algorithm to find
a fairly sparse representation very quickly: given k > 0, find the largest number of
the form z = 2b 3t less than or equal to k, and apply the same procedure with k − z
until reaching zero. The greedy algorithm returns near canonical solutions, but not
the real canonical ones. A small example is 41. Greedy returns 36 + 4 + 1, a 3-term
representation, where as the canonical solution is 32+9. However, greedy algorithm
is easy to implement and it guarantees a representation satisfying the asymptotic
bound given by Theorem 1 (see [11]).

3. Graphical representation of numbers: the DBNS graphs

We can represent natural numbers by means of a special type of bipartite graphs,
we call DBNS-graphs. Let V1 = {1, 2, 22, · · · } and let V2 = {1, 3, 32, · · · } be two sets
Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173
162 P. K. Mishra and V. Dimitrov

S
of vertices. A DBNS-graph is a bipartite graph whose vertex set is V1 V2 and the
set of edges is a subset of {(2a , 3b ) : a ≥ 0, b ≥ 0}. In practice, we will take V1 and
V2 to be finite sets.
Let n be a natural number and let n = 2a1 3b1 + · · · + 2ak 3bk be a DBNS rep-
resentation of n. We can represent n by a DBNS-graph Dn defined as follows:
Let a = max1≤i≤k {ai } and let b = max1≤i≤k {bi }. Then the vertex set of Dn is
V = {1, 2, · · · 2a } {1, 3, · · · , 3b } and the edge set is E = {(2a1 , 3b1 ), · · · , (2ak , 3bk )}.
S
Due to redundancy of the DBNS, for every natural number n, there are several
DBNS graphs representing n. We can represent 0 by the null bipartite graph.
Thus, the null graph is also a DBNS-graph.

1 0 0 1 1 0 0 1

1 0 0 1 1 0 0 1
2 3 2 3
2 2
2 0 0 2 0 0
2 3 2 3
3 3 3 3
0 0 3 0 0 3
2 2

Figure 1. A DBNS-graph representing 33 = 23 31 + 20 32 and a

DBNS-digraph representing 80 = 23 32 + 22 31 − 21 30 − 20 31 + 20 30

To accommodate negative integers, we can use bipartite digraphs. We use the

following convention: the arcs of the type (2i , 3j ) are taken to be positive (represent
the summand 2i 3j in the DBNS representation of the number) and the arcs of
type (3j , 2i ) to be negative (represent −2i 3j ). We use this convention throughout
this paper, although one can use the other sign convention too. Thus any integer,
positive, negative or zero can be represented by a DBNS-digraph. If n is represented
by a DBNS digraph Dn , then −n can be represented by the digraph −Dn , obtained
from Dn by just reversing the directions of the arcs of Dn . In Figure 1, a DBNS-
graph representing 33 and a DBNS-digraph representing 80 have been shown. Same
types of graphs can be used to represent numbers with more than 2 bases. We defer
the discussion of such graphs to Section 4 and concentrate on 2 bases here, 2 and 3
only.

3.1. Some special DBNS-graphs. It is simple to see that the binary and ternary
representation are special cases of DBNS. In fact, if we restrict the vertex set to V2
to be {30 = 1} only, then we get the binary number system. The DBNS-digraphs
with this restriction will represent the signed binary system with both positive and
negative coefficients. The NAF representation [19] is a further restriction, in which
no two consecutive vertices in V1 (like 2a and 2a+1 ) are of positive degree.
If we impose the restriction V1 = {1, 2} on the DBNS-graphs (resp. digraph),
the representations obtained are the (resp signed) ternary representations.
In [8], the authors use a special type of DBNS representation, in which the
binary and ternary indices form two monotonic sequences. Such representations
have DBNS-graphs with non-intersecting edges.
It is an interesting question to see which numbers are represented S by complete
DBNS-graphs. A DBNS-graph with vertex set V1 = {1, 2, · · · , 2m } {1, 3, · · · , 3n }
is complete if it contains all the edges (2i , 3j ), 0 ≤ i ≤ m, 0 ≤ j ≤ n. It is simple to
Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173
 Combinatorial interpretation of DBNS 163

see that these graphs represent the numbers

(2m+1 − 1)(3n+1 − 1)
(1 + 2 + · · · + 2m )(1 + 3 + · · · + 3n ) = .
2
For m = n = 0, the corresponding complete DBNS-graph represents 1, for m =
n = 1 it represents 12 and so on. If we take m = 0, and allow n to vary, the
complete DBNS-graphs so obtained will represent the numbers 1, 4, 13, 40, · · · . On
the other hand if we take n = 0 and allow m to vary, then we get the numbers
1, 3, 7, 15, 31, · · · , which are the binary numbers (1)2 , (11)2 , (111)2 , (1111)2 , · · · .
3.2. Operations on DBNS-graphs. We assume that all DBNS-graphs are sim-
ple, i.e. without any parallel edges. If during any graph theoretic operation on
a DBNS-graph a pair of parallel edges appear in it, we use the following rule to
resolve the parallel edges:
D-Rule: If some operation on a DBNS-graph Dn creates a pair of parallel edges
between the vertices 2a and 3b , then replace the pair of edges by a single edge
between 2a+1 and 3b . The rationale behind the rule is trivial.
In case of digraphs, the D-rule has to be slightly modified:
Modified D-Rule If there are parallel edges between the vertices 2a and 3b then
1. If the edges are in opposite directions (i.e. edges are (2a , 3b ) and (3b , 2a )), just
eliminate them.
2. If they are in the direction (2a , 3b ), then replace them by (2a+1 , 3b ).
3. If they are in the direction (3b , 2a ), then replace them by (3b , 2a+1 ).
Conversion from Binary to Non-adjacent Form(NAF) Non-adjacent form of
representation [19] is extensively used in cryptography due to the fact that it is the
signed binary representation of an integer with minimal Hamming weight [4]. In the
last Section we have indicated that NAF representations are DBNS-digraphs with
V2 = {1} with the restriction that no two consecutive vertices in V1 are of degree
one. We can obtain the NAF representation of a number n with the following
simple operations. Let Dn be the DBNS-graph representing the binary expansion
of n. Then starting from the vertex 1 ∈ V1 , see if any two consecutive vertices
are of degree 1. If such a pair of vertices found with edges (2a , 30 ) and (2a+1 , 30 ),
then replace the edges by the arcs (2a+2 , 30 ) and (30 , 2a ). This may lead to parallel
edges. If so, remove them using modified D-rule. Repeat the process till the last
vertex in V1 is reached.
Note that, if both the last two vertices (say, 2m−1 and 2m ) in V1 have degree
1, then one has to extend V1 to one more vertex (namely 2m+1 ). This explains,
why the length NAF representation of n is at most 1 more than that of the binary
representation.
We define the following simple operations on a DBNS-graph.
SUCC: If Dn is a DBNS-graph, then SU CC(Dn ) is the graph obtained by
adding the edge (20 , 30 ) = (1, 1) to Dn . Note that addition of this new edge
may introduce a pair of parallel edges in Dn . In that case the parallel edge has
to be avoided using the D-rule, maybe once or more than once. Also, note that
SU CC(Dn ) is a DBNS-graph representing n + 1.
RT-operation: Let Dn be a DBNS-graph. Then RT (Dn ) is a graph obtained
by replacing each edge (2a , 3b ) ∈ Dn by (2a , 3b+1 ). Note that RT operation always
creates a isolated vertex at 30 . RT stands for right-twist. The operation twists the
graph in the right side. It is simple to show that if the graph Dn stands for the
number n, then RT (Dn ) stands for 3n.
Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173
164 P. K. Mishra and V. Dimitrov

Similarly we can define the LT-operation, where LT stands for left-twist and
it is the inverse operation of RT. If in Dn , the vertex 30 is an isolated vertex, then
LT (Dn) is the graph obtained by replacing each edge (2a , 3b ) of Dn by (2a , 3b−1 ).
LT (Dn) is undefined if the vertex 30 is not an isolated vertex in Dn . It is obvious
that if the graph Dn stands for n, then LT (Dn) stands for n/3.
Also, we define the following notation. If S is a set of DBNS-graphs and X is
one of the above operations, then by X(S), we mean the set of graphs obtained
by applying operation X to each member of the set S, provided such application
is possible, otherwise X(S) is undefined. For example, SU CC(S) = {SU CC(G) :
G ∈ S}.
Due to high redundancy of DBNS, every integer n > 3 can be represented by
several DBNS-graphs. Let Sn represent the set of all DBNS-graphs representing n.
Clearly, S1 is {D1 } = {(20 , 30 )}. Also, S2 = SU CC(S1 ) = {D2 } = {(21 , 30 )}. We
know, 1 and 2 have unique DBNS representations. These representations are given
by the singleton sets S1 and S2 respectively.
What is S3 ? We know 3 has two DBNS representations, namely 1 + 2 and 3.
That is, S3 ) = (20 , 30 ), (21 , 30 ), (20 , 31 ). So SU CC(S2 ) is a proper subset of S3 .
This implies that, Sn+1 6= S SU CC(Sn ). How can one obtain Sn+1 from Sn+ ? It is
simple to see that S3 = S2 RT (S1 ). That is the second graph representing 3 can
be obtained by applying RT-operation to the graph representing 1. In fact, we have
the following general theorem.

Theorem 2. For any positive integer n,

( S
SU CC(Sn−1 ) RT (Sn/3 ) if 3 | n,
(2) Sn =
SU CC(Sn−1 ) otherwise.

Proof. We use induction to prove the theorem. Clearly, it is true for n = 1, 2, 3. Let
it be true for all integers less than n. Now let us consider the case of n. Obviously,
the set in the right hand side is a subset of the set in the left hand side. We need
to prove the other inclusion only. Let D ∈ Sn . We wish to show that D is in the
set in the RHS. If D has the edge 1 = (20 , 30 ), then removing this edge from D,
we get a member D′ of Sn−1 . Hence D = SU CC(D′ ) is in the sets in RHS. If D
does not contain the edge 1, let it contain some edge 2j = (2j , 30 ). Let us consider
the graph D′′ ∈ Sn−1 obtained from D by removing the edge 2j and introducing
the edges 1 = (20 , 30 ), 2 = (21 , 30 ), · · · , 2j−1 = (2j−1 , 30 ). Clearly, D′′ ∈ Sn−1 and
SU CC(D′′ ) = D, hence D is in the set in right-hand side also. Suppose, D has no
edge of the form 2j = (2j , 30 ). Then, 30 must be an isolated vertex in D. Then
n must be a multiple of 3. Let us consider the graph D′′′ = LT (D). It is in Sn/3
and D = RT (D′′′ ). Hence, in this case also D belongs to the set in the RHS. This
completes the proof.

Theorem 2 has two implications. It gives us a methodology to compute the sets

Sn iteratively from Sn−1 and Sn/3 (if n is a multiple of 3). If these latter sets
are unknown, then we can start from S1 and compute all Si upto n to obtain Sn .
Another important implication of this theorem is the following corollary.

Corollary 1. For any positive integer n, let P (n) denote the number of distinct
DBNS representation of n. Then P (1) = 1 and for n > 1, P (n) satisfies the
Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173
 Combinatorial interpretation of DBNS 165

following recurrence relation:

(
P (n − 1) + P (n/3) if 3 | n,
(3) P (n) =
P (n − 1) otherwise.
Proof. Clearly, |Sj | = P (j) for all S
j ≥ 1. We only need to prove that there is no
duplicate in the sets SU CC(Sn−1 ) RT (Sn/3 ) if 3|n or in SU CC(Sn−1 ) if n is not
a multiple of 3. Clearly SUCC operation on Sn−1 can not generate any duplicate.
Also RT on Sn/3 can not generate any duplicate. The only question is, can any
element of SU CC(Sn−1 ) be equal to one in RT (Sn/3 )? The answer is obviously no.
Because SUCC operation adds one edge (20 , 30 ) and eliminates any parallel edges
using the D-rule. So SUCC operation always adds one edge of the type (2i , 30 ).
But, the RT operation creates an isolated vertex at 30 . Hence no DBNS-graph
generated by an SUCC operation can be equal to any graph generated by an RT
operation. This completes the proof.
We note that, the recurrence (3) has been extensively studied in connection
with partition of integers for last six decades. In this article we have established the
connection of the recurrence relation with the number of double base representation
of a positive integer n. Unfortunately, the recurrence can not be solved as an explicit
function in n. There has been many attempts for approximate solutions. Interested
readers can go through Appendix A for a brief overview of these attempts.
Note that the above results can be generalized to any base {2, s}. Taking powers
of 2 and powers of s in the vertex sets of DBNS graphs and redefining the RT
operation, one can prove that,
Corollary 2. For any positive integer n, let Ps (n) denote the number of distinct
DBNS representation of n using the bases 2 and s. Then Ps (1) = 1 and for n >
1, Ps (n) satisfies the following recurrence relation:
(
Ps (n − 1) + Ps (n/s) if s | n,
(4) Ps (n) =
Ps (n − 1) otherwise.
It is worth mentioning here that the authors have also found alternative proofs of
Equation 3 and 4 using generating functions and Mahler’s functional equation [15].
However, those proofs can not be generalized to more than two bases. The proofs
provided in this article using the DBNS graphs can be easily extended to more than
2 bases, which will be dealt with in the next section. This justifies the use of the
graph theoretic representation.

4. Generalization to more than 2 bases

In this section we will generalize the results obtained in last section to more than
two bases. Let us first consider the simple case of 3 bases, namely, 2, 3 and 5.
A graph representing an integer in three or more bases will be called a multi-base
graph (MB-graph). An MB-graph, like a DBNS-graph, is a bipartite graph, with
the usual vertex sets V1 = {20 , 21 , · · · } and V2 = {30 , 31 , · · · }. To accommodate
each of the base elements other than 2 and 3, we will add an attribute to the edges.
For example in the case of bases 2, 3 and 5, the edges will have one attribute. This
attribute can be something like colour and we use an integer variable to represent it.
We will refer to the value of this attribute variable as the intensity of the attribute
or simply intensity of the edge. If a particular representation has k bases, then the
corresponding MB-graphs will have edges with k − 2 attributes.
Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173
166 P. K. Mishra and V. Dimitrov

In an MB-graph with bases 2, 3 and 5, an edge of intensity c joining two vertices

2a and 3b will represent the summand 2a 3b 5c in the multi-base representation of
an integer. We can represent such an edge by an ordered triple, (2a , 3b , c), where
the third component is the intensity of the edge. Note that if in an MB-graph all
the edges are of intensity 0, then it is a DBNS-graph. Two edges with different
intensities between the same pair of vertices will not be treated as parallel edges.
In other words we will allow parallel edges between a pair of vertices if the edges
are of different intensity (e.g. colour). If the parallel edges are of same intensity
then they are to be eliminated by D-rule.
We define a new operation σ on MB-graphs as follows. Let D be a MB-graph.
Then σ(D) is the graph obtained from D by increasing intensity of each of its edges
by 1. For example, if D has edges {(2a1 , 3b1 , c1 ), (2a2 , 3b2 , c2 ), · · · } then σ(D) has
edges {(2a1 , 3b1 , c1 + 1), (2a2 , 3b2 , c2 + 1), · · · }. Clearly, if D represents n, then σ(D)
represents 5n.
Let Tn denote the set of all MB-graphs representing an integer n using the bases
2, 3 and 5 and let Q(n) be the cardinality of the set Tn . Then obviously Sn = Tn and
P (n) = Q(n) for n = 1, 2, 3, 4. To illustrate how Q(n) differs from P (n) for n ≥ 5,
let us define Un and R(n) as follows. Let Un be the set of MB-graphs representing
n such that each edge in each of the graphs in Un has intensity at least one. Let
R(n) denote the size of Un . In other words, R(n) is the number of representation
of n using terms of the form 2a 3b 5c , where c ≥ 1. Clearly, each of these terms is a
multiple of 5. So, n has such a representation if and only if 5 | n. Thus we have the
following result:
For any n ≥ 5, we have
(
σ(Tn/5 ) if 5 | n,
(5) Un =
∅ otherwise.
Hence, taking cardinalities in both sides, we obtain,
(
Q(n/5) if 5 | n,
(6) R(n) =
0 otherwise.
We define a binary operation ⊕ as follows. Let A and B be two sets of graphs.
Then,
[
A ⊕ B = {G1 G2 | G1 ∈ A ∧ G2 ∈ B}.
Let us now look at the graphs in Tn . Clearly, Sn ⊂ Tn . What else is there in Tn ?
Let k = ⌊n/5⌋. Let i ≤ k and let us consider the graphs in the set
Sn−5i ⊕ U5i .
Clearly each graph in this set represents n. Hence Sn−5i ⊕ U5i ⊂ Tn . So,
k
[ [
Sn ( Sn−5i ⊕ U5i ) ⊂ Tn .
i=0

Conversely, let Mn be a multi-base graph in Tn . If the intensity of each of its edges

is zero, then it is a DBNS-graph in Sn . Otherwise, the non-DBNS component of Mn
(i.e. the subgraph of Mn containing all the edges of Mn with nonzero intensity) can
have a value 5 or 10 or · · · or 5k. If it is 5i for some 1 ≤ i ≤ k, then Mn ∈ Sn−5i ⊕U5i .
Thus the other inclusion is also true. Thus we have proved the following theorem:
Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173
 Combinatorial interpretation of DBNS 167

Theorem 3. For any positive integer n,

[ [ [
Tn = Sn (Sn−5 ⊕ U5 ) · · · (Sn−5k ⊕ U5k )
k
[
= (Sn−5i ⊕ U5 i)
(7) i=1
k
[
= (Sn−5i ⊕ σ(Ti )) (by (5))
i=1

where k = ⌊n/5⌋ and U0 = T0 = the set containing the null MB-graph only.
As the graphs in Sn−5i ⊕U5i have non-DBNS component 5i, Sn−5i ⊕U5i , 0 ≤ i ≤ k
is a union of pairwise disjoint sets. Taking the cardinality of the sets in (7) we get,
Corollary 3. Let Q(n) be the number of multibase expansion of an integer n using
a bases 2, 3 and 5. Then Q(1) = 1 and
Q(n) = P (n) + P (n − 5)R(5) + · · · + P (n − 5k)R(5k)
(8) = P (n) + P (n − 5)Q(1) + · · · + P (n − 5k)Q(k) (using Equ. (6))
= Σki=0 P (n − 5i)Q(i)
where k = ⌊n/5⌋.
Let us now consider the more general case, i.e. the case of any number of bases.
We choose our bases from the set of primes {2, 3, 5, 7, · · · }. Let Bk be the set of
first k primes. Although, any set of primes or relatively prime integers can be used
as base of a representation, to align with the theory developed so far we use Bk as
(k)
our base set. Let Sn be the set of multi-base graphs representing n using the set
(k)
of bases Bk . Let P (n) be the number of multi-base representation of n using the
base set Bk . The correspondence between this new notation and the older one is:
Sn = Sn(2) ,

P (n) = P (2) (n),

Tn = Sn(3) ,

Q(n) = P (3) (n).

Moreover, we have now these notations for the binary representations also. The
number of binary representation of an integer n is P (1) (n), which is 1 for all n.
The following theorem can be proved by induction on l.
Theorem 4. For any positive integer n,
[ (l−1) (l)
[ [ (l−1) (l)
(9) Sn(l) = Sn(l−1) (Sn−bl ⊕ S1 ) · · · (Sn−bl k ⊕ Sk )

where bl is the l-th prime base and k = ⌊n/bl ⌋.

Also,

P (l) (n) = P (l−1) (n) + P (l−1) (n − bl )P (l) (1) + · · · + P (l−1) (n − bl k)P (l) (k)
(10)
= Σki=0 P (l−1) (n − 5i)P (l) (i).

Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173

168 P. K. Mishra and V. Dimitrov

n P (n) P5 (n) P (3) (n) P (4) (n)

10 5 3 8 10
20 12 5 32 48
50 72 18 489 1266
100 402 55 8425 43777
150 1296 119 63446 586862
200 3027 223 316557 4827147
300 11820 569 4016749 142196718
Table 2. Values of P (n), P5 (n), P (3) (n) and P (4) (n) for some
small values of n

For example, if we use 4 bases, namely, the base set B4 = {2, 3, 5, 7}, then the
sequence P (4) (n) of number of multi-base representations of an integer n using B4 ,
satisfies the following recurrence relation:

P (4) (n) = P (3) (n) + P (3) (n − 7)P (4) (1) + · · · + P (3) (n − 7k)P (4) (k)
(11)
= Σki=0 P (3) (n − 7i)P (4) (i)

where k = ⌊n/7⌋.
We have carried out numerous experiments using the above relations. The num-
ber of representations of n grows very fast in the number of base elements. For
example 100 has 402 DBNS representation (base 2 and 3), 8425 representations
using the bases 2, 3 and 5 and has 43777 representations using the bases 2, 3, 5,
and 7. The number of representations for some values of P (l) (n) for l = 2, 3, 4 for
various n have been given in Table 4. This gives some idea about the degree of
redundancy of multi-base representations.

5. Consequences
In this section, we study some properties of the sequence, Ps (n), the number of
double base representations of n using the bases 2 and s. Note that P3 (n), P (2) (n)
and P (n) are the same sequence representing the number of DBNS representation
of n using 2 and 3 as bases. We first establish some properties of P (n)(= P3 (n))
and then generalize them to Ps (n) for any s ≥ 3.
Substituting l = 2 in Equation (10), we get

(12) P (2) (n) = P (1) (n) + P (1) (n − 3)P (2) (1) + · · · + P (1) (n − 3k)P (2) (k)

where k = ⌊n/3⌋. Using the older notation P (n) for P (2) (n) and the fact that
P (1) (n) = 1 for all n, we get

(13) P (n) = 1 + P (1) + · · · + P (⌊n/3⌋).

This is another interesting relation satisfied by P . It can be checked that for
n < 10, P (n) is a multiple of 3 for n = 6, 7, 8 only. But number of such n’s increase
rapidly as we consider bigger limits. An interesting question could be: for which n,
P (n) is a multiple of 3? More generally, for what values of n, is Ps (n) divisible by
n? We provide the answer in this section. We start with the following lemma:

Lemma 1. If 9 | n then P (n) ≡ P (n/3) (mod 3).

Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173

 Combinatorial interpretation of DBNS 169

Proof. Let n = 9N . Then

P (n) = P (9N )
= 1 + P (1) + · · · + P (3N )
(14)
= 1 + P (1) + P (2) + · · · + P (3(N − 1)) + P (3(N − 1) + 1)
+ P (3(N − 1) + 2) + P (3N ).
But as P (3k) = P (3k + 1) = P (3k + 2) and P (1) = P (2) = 1, so the last expression
is same as
3 + 3P (3) + · · · + 3P (3(N − 1)) + P (3N ) ≡ P (3N ) (mod 3).
This proves the lemma.
As we know P (3) = 2 and P (3k) = P (3k +1) = P (3k +2), the following corollary
is immediate.
Corollary 4. For any l ≥ 0, P (3l + r) ≡ 2 (mod 3) for r = 0, 1, 2.
The following lemma is useful in proving the next theorem.
Lemma 2. If P (n) ≡ 0 (mod 3), then P (3n + r) ≡ 0 (mod 3) for r = 0, 1, 2.
Proof. Let n = 3q + r1 , r1 = 0, 1, 2. Then P (3q) = P (n) ≡ 0 (mod 3). We have
P (3n + r) = P (3n)
= 1 + P (1) + · · · + P (n)
(15)
= 1 + P (1) + · · · + r1 P (3q)
≡0 (mod 3),
because all P (i)’s before P (3q) occur in triples with equal values and P (3q) ≡ 0
(mod 3).
It is seen empirically that for a 16-bit numbers n, more than 95% of P (n)’s are
divisible by 3. What are the numbers for which P (n) is congruent to 0 modulo 3?
We answer this interesting question in the next theorem.
Theorem 5. For any integer n, 3 ∤ P (n) if and only if n = 3a1 + 3a2 + · · · + 3at + r,
for some integer t, a1 > · · · > at ≥ 1 and r = 0, 1, 2.
Proof. (Sufficiency) Let n be an integer in the given form. Let n = 3a1 + 3a2 + · · · +
3at + r. Without loss of generality, we can assume that r = 0. We use induction on
the highest power of 3 occurring in the ternary expansion of n to prove the result.
We know, P (3) = P (4) = P (5) = 2. Hence, the assertion is true if a1 = 1. Let
it be true for a1 = k. Let us consider P (N ) for some N = 3k+1 + 3a2 + · · · + 3al .
Clearly, al ≥ 1. If al ≥ 2, then 9 | N . Let N = 3L. Then by Lemma 1, P (N ) ≡
P (N/3) = P (L) (mod 3). But by induction hypothesis, P (L) ∤ 0 (mod 3). Thus,
the hypothesis is true if al ≥ 2. Let us consider the case al = 1. Then, N/3 =
3k + 3a2 −1 + · · · + 3al−1 + 1 = 3L + 1 (say).
Now,
P (N ) = 1 + P (1) + · · · + P (3L + 1)
(16) = 1 + P (1) + · · · + P (3L) + P (3L + 1)
≡ P (3L) + P (3L + 1) (mod 3).
By induction hypothesis, P (3L) = P (3L + 1) 6≡ 0 (mod 3). Hence, P (N ) 6≡ 0
(mod 3). This proves the sufficiency of the assertion.
Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173
170 P. K. Mishra and V. Dimitrov

(Necessity) To prove the necessity part, we have to show that if 3 ∤ P (n), then n
is in the form stated in the theorem. Again, we can neglect r.
We will prove that if n is not of the given form, then 3 | P (n). Let ct 3t + · · · +
c1 3 + c0 be the ternary representation of n. Note that, n is of the desired form if
ci = 0 or 1 for 1 ≤ i ≤ t and c0 = 0, 1 or 2. That is the ternary representation
does not contain 2 except possibly for the least significant place. Suppose n is
not in the desired form. So, n has at least one 2 at a place other than the least
significant place in its ternary representation. Also, without loss of generality we
can assume that n has 0 at the least significant place, i. e., n is divisible by 3.
Starting from the most significant place, let k be the first index where ci = 2. That
is n = ct 3t + · · ·+ ck+1 3k+1 + 2.3k + ck−1 3k−1 + · · ·+ c1 3. Let us consider the number
N1 = ct 3t−k+1 + · · · + ck+1 32 + 2 × 3. We have,
(17) n = 3(· · · 3(3(N1 + ck−1 ) + ck−2 ) + · · · + c1 ) + c0 .
Also, let N2 = ct 3t−k + · · · + ck+1 31 + 2, so that N1 = 3N2 . Also, let N3 =
ct 3t−k−1 + · · · + ck+1 , so that N2 = 3N3 + 2.
Now,
P (N1 ) = P (3N2 )
= 1 + P (1) + P (2) + · · · + P (N2 )
= 1 + P (1) + P (2) + · · · + P (3N3 + 2)
(18)
= 1 + P (1) + P (2) + · · · + P (3N3 ) + P (3N3 + 1) + P (3N3 + 2)
= 3 + · · · + 3P (3N3 )
≡0 (mod 3).
Now, applying Lemma 2, we see that
P (3N2 + ck−1 ) ≡ 0 (mod 3).
Continuing likewise and using Equation (17), we conclude that P (n) is a multiple
of 3. This completes the proof of the theorem.

From Theorem 5, we can conclude that there are exactly 3 × 2n−1 numbers be-
tween 0 and 3n − 1 for which P (n) is not divisible by 3.

Generalization to Ps
As defined before, Ps (n) stands for the number of DBNS representation of n
using the bases 2 and s. All the arguments given in the proofs of this section carry
over to this general case. Hence omitting the proofs, we can state the following
results about the sequence Ps (n).
It can be proved that if one uses 2 and s as the bases in the double base number
system and Ps represents the number of representation of an integer n then,
(19) Ps (n) = 1 + Ps (1) + · · · + Ps (⌊n/s⌋).
Lemma 1 and Corollary 4 about Ps (n) can be easily established.
Lemma 3. If s2 | n then Ps (n) ≡ Ps (n/s) (mod s).
Corollary 5. For any l ≥ 0, Ps (sl + r) 6≡ 0 (mod s) for r = 0, 1, · · · , (s − 1).
Lemma 4. If Ps (n) ≡ 0 (mod s), then Ps (sn+r) ≡ 0 (mod s) for r = 0, 1, · · · , (s−
1).
Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173
 Combinatorial interpretation of DBNS 171

Theorem 6 which is a straightforward generalization of Theorem 5 can be proved

very similarly.
Theorem 6. For any integer n, s ∤ P (n) if and only if n = sa1 + sa2 + · · · + sat + r,
for some integer t, a1 > · · · > at ≥ 1 and r = 0, 1, · · · , (s − 1).

6. Conclusion
In the current article, we have proposed a graph theoretic representation of in-
tegers using double and multi-base number system. The representation can be
a powerful tool to study the structure of these system of representation. These
number representations are highly redundant. We have proposed and proved some
interesting relations satisfied by the number of double/multi- base representation
of an integer n. Most of the proofs are based on simple graph theoretic arguments.

Appendix A. A discussion on Corollary 1

For interested readers a few comments on the Corollary 1 are due. The recurrence
defined in (3) is not new. It has been studied in connection with partition of an
integer into in specific forms. Also, as we have mentioned in Section 2, the DBNS-
graphs can be easily generalized to the case of a representation of numbers as sum
of terms of the form 2a sb - where s is an odd integer larger than 1. In this case the
formula for the number of partitions of a positive integers as the sum of numbers
of the numbers of the form 2a sb becomes
(
Ps (n − 1) + Ps (n/s) if s | n,
(20) Ps (n) =
Ps (n − 1) otherwise.
Note that computing the values of Ps (n) for large n using a recursive program
would requires several level of recursion and hence a huge chunk of memory. There-
fore, there is need to find a function, which approximates Ps (n) reasonably well for
large values of n.
Apparently, Mahler [15] was the first who consider the problem to find a good
approximation of Ps (n). His work from 1940 on the Mordell’s functional equation
f (z + ω) − f (z)
(21) = f (qz)
ω
where ω and q are real constants. He succeeded in proving the first non-trivial
approximation of Ps (n), namely, that
(log n)2
(22) log Ps (sn) ≈ .
2 log s
In 1953, Pennington [18] has obtained an incredibly good approximation of
log Ps (sn)
1 n 2 1 1 log log s
(23) log Ps (sn) = (log ) +( + + ) log n
2 log s log n 2 log s log s
log log s
−(1 + ) log log n + O(1).
log s
The error term, O(1) in (23), is of the form
log n − log log n
ψ( ) + o(1)
log s
Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173
172 P. K. Mishra and V. Dimitrov

where ψ(x) is a certain periodic function with period 1. Formula (23) allows us
to obtain an extremely accurate estimation of the number of partitions of n as the
sum of integers of the form 2a sb :
nC1 log n nC2 (log n)C1 log log n
(24) Ps (sn) = eO(1) ( )
n2C1 log log n log nC3 log n
where C1 , C2 and C3 are constants depending upon s only. Our numerical simu-
lations the term eO(1) fluctuated between 1 and 2. We have investigated the case
s = 3 and found that formula (24) very well approximates the exact number of
partitions of positive integers as the sum of positive integers of the form 2a 3b . For-
mula (24) also gives a very precise idea about the redundancy of the double-base
representations.

References
[1] R. M. Avanzi, V. Dimitrov, C. Doche and F. Sica, Extending scalar multiplication to double
bases, in “ASIACRYPT 2006” (eds. X. Lai and K. Chen), Springer-Verlag, (2006), 130–144.
[2] R. M. Avanzi and F. Sica, Scalar multiplication on Koblitz curves using double bases, in
“Progressin Cryptology - VIETCRYPT 2006,” Springer-Verlag, (2006), 131–146.
[3] V. Berthé and L. Imbert, On converting numbers to the double-base number system, in “Ad-
vanced Signal Processing Algorithms, Architecture and Implementations XIV” (ed. F.T. Luk),
SPIE, (2004), 70–78.
[4] W. Bosma, Signed bits and fast exponentiation, J. Théor. Nombres Bordeaux, 13 (2001),
27–41.
[5] M. Ciet, M. Joye, K. Lauter and P. L. Montgomery, Trading inversions for multiplications
in elliptic curve cryptography, Des. Codes Cryptogr., 39 (2006), 189–206.
[6] M. Ciet and F. Sica, An analysis of double base number systems and a sublinear scalar
multiplication algorithm, in “Progress in Cryptology - Proceedings of Mycrypt 2005” (eds. E.
Dawson and S. Vaudenay), Springer, (2005), 171–182.
[7] B. M. M. de Weger, “Algorithms for Diophantine Equations,” Centrum voor Wiskunde en
Informatica, Amsterdam, 1989.
[8] V. Dimitrov, L. Imbert and P. K. Mishra, Efficient and secure elliptic curve point multiplica-
tion using double-base chains, in “Advances in Cryptology—ASIACRYPT 2005,” Springer,
(2005), 59–78.
[9] V. Dimitrov, L. Imbert and P. K. Mishra, The double base number system and its application
to elliptic curve cryptography, Math. Comp., 77 (2008), 1075–1104.
[10] V. Dimitrov, K. U. Järvinen, M. J. Jacobson, W. F. Chan and Z. Huang, FPGA implemen-
tation of point multiplication on Koblitz curves using Kleinian integers, in “Cryptographic
Hardware and Embedded Systems - CHES 2006” (eds. L. Goubin and M. Matsui), Springer-
Verlag, (2006), 445–459.
[11] V. S. Dimitrov, G. A. Jullien and W. C. Miller, An algorithm for modular exponentiation,
Inform. Process. Lett., 66 (1998), 155–159.
[12] V. S. Dimitrov, G. A. Jullien and W. C. Miller, Theory and applications of the double-base
number system, IEEE Transactions on Computers, 48 (1999), 1098–1106.
[13] C. Doche, T. Icart and D. Kohel, Efficient scalar multiplication by isogeny decompositions,
in “Proceedings of PKC 2006,” Springer-Verlag, (2006), 191–206.
[14] C. Doche and L. Imbert, Extended double-base number system with applications to ellip-
tic curve cryptography, in “Progress in Cryptology - INDOCRYPT 2006,” Springer-Verlag,
(2006), 335–348.
[15] K. Mahler, On a special functional equation, J. London Math. Soc., 15 (1940), 115–123.
[16] P. K. Mishra and V. Dimitrov, Efficient quintuple formulas and efficient elliptic curve scalar
multiplication using multibase number representation, in “Information Security Conference
2007,” Springer-Verlag, (2007), 390–404.
[17] P. K. Mishra and V. Dimitrov, Window-based elliptic curve scalar multiplication using double
base number representation, to appear in Inscrypt 2007.

Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173

 Combinatorial interpretation of DBNS 173

[18] W. B. Pennington, On Mahler’s partition problem, Annals of Math., 57 (1953), 531–546.

[19] G. W. Reitwiesner, Binary arithmetic, Adv. Comput., 1 (1960), 231–308.
[20] R. Tijdeman, On the maximal distance between integers composed of small primes, Compo-
sitio Math., 28 (1974), 159–162.

Received September 2007; revised February 2008.

E-mail address: [email protected]
E-mail address: [email protected]

Advances in Mathematics of Communications Volume 2, No. 2 (2008), 159–173