cleaned up

CHANGELOG.md

@@ -5,6 +5,7 @@
 ### Breaking changes
 
 - [\#300](https://github.com/arkworks-rs/algebra/pull/300) (`ark-ec`) Change the implementation of `Hash` trait of `GroupProjective` to use the affine co-ordinates.
+- [\#302](https://github.com/arkworks-rs/algebra/pull/302) (`ark-ff`) Rename `find_wnaf` to `find_naf`.
 - [\#310](https://github.com/arkworks-rs/algebra/pull/310) (`ark-ec`, `ark-ff`) Remove unnecessary internal `PhantomData`.
 - [\#333](https://github.com/arkworks-rs/algebra/pull/333) (`ark-poly`) Expose more properties of `EvaluationDomain`s.
 - [\#338](https://github.com/arkworks-rs/algebra/pull/338) (`ark-ec`) Add missing `UniformRand` trait bound to `GroupAffine`.

ff/src/biginteger/arithmetic.rs

@@ -66,8 +66,8 @@ pub(crate) fn mac_discard(a: u64, b: u64, c: u64, carry: &mut u64) {
     *carry = (tmp >> 64) as u64;
 }
 
-/// Compute the Window NAF (non-adjacent form) of num
-pub fn find_wnaf(num: &[u64]) -> Vec<i64> {
+/// Compute the NAF (non-adjacent form) of num
+pub fn find_naf(num: &[u64]) -> Vec<i64> {
     let is_zero = |num: &[u64]| num.iter().all(|x| *x == 0u64);
     let is_odd = |num: &[u64]| num[0] & 1 == 1;
     let sub_noborrow = |num: &mut [u64], z: u64| {
@@ -120,8 +120,21 @@ pub fn find_wnaf(num: &[u64]) -> Vec<i64> {
     res
 }
 
+// We define relaxed NAF as a variant of NAF with a very small tweak.
+//
+// Note that the cost of scalar multiplication grows with the length of the sequence (for doubling)
+// plus the Hamming weight of the sequence (for addition, or subtraction).
+//
+// NAF is optimizing for the Hamming weight only and therefore can be suboptimal.
+// For example, NAF may generate a sequence (in little-endian) of the form ...0 -1 0 1.
+//
+// This can be rewritten as ...0 1 1 to avoid one doubling, at the cost that we are making an
+// exception of non-adjacence for the most significant bit.
+//
+// Since this representation is no longer a strict NAF, we call it ``relaxed NAF''.
+//
 pub fn find_relaxed_naf(num: &[u64]) -> Vec<i64> {
-    let mut res = find_wnaf(num);
+    let mut res = find_naf(num);
 
     let len = res.len();
     if res[len - 2] == 0 && res[len - 3] == -1 {

ff/src/fields/models/fp12_2over3over2.rs

@@ -59,7 +59,7 @@ impl<P: Fp12Parameters> QuadExtConfig for Fp12ParamsWrapper<P> {
         fe_inverse.conjugate();
 
         let mut found_nonzero = false;
-        let naf = crate::biginteger::arithmetic::find_wnaf(exponent.as_ref());
+        let naf = crate::biginteger::arithmetic::find_naf(exponent.as_ref());
 
         for &value in naf.iter().rev() {
             if found_nonzero {

ff/src/fields/models/quadratic_extension.rs

@@ -103,7 +103,7 @@ pub trait QuadExtConfig: 'static + Send + Sync + Sized {
         self_inverse.conjugate();
 
         let mut found_nonzero = false;
-        let naf = crate::biginteger::arithmetic::find_wnaf(exponent.as_ref());
+        let naf = crate::biginteger::arithmetic::find_naf(exponent.as_ref());
 
         for &value in naf.iter().rev() {
             if found_nonzero {