Let <math>G_1, G_2</math> be two additive cyclic groups of prime order <math>q</math>, and <math>G_T</math> another cyclic group of order <math>q</math> written multiplicatively. A pairing is a map: <math> e: G_1 \times G_2 \rightarrow G_T </math>, which satisfies the following properties:
#; Computability: there exists an efficient algorithm to compute <math>e</math>.
== Classification ==
Line 13:
Some researchers classify pairing instantiations into three (or more) basic types:
* '''Type 1''':# <math> G_1 = G_2</math>;
* '''Type 2''':# <math> G_1 \ne G_2</math> but there is an ''efficiently computable'' [[homomorphism]] <math>\phi : G_2 \to G_1</math>;
* '''Type 3''':# <math> G_1 \ne G_2</math> and there are no ''efficiently computable'' homomorphisms between <math>G_1</math> and <math>G_2</math>.<ref name="pfc">{{cite journal|last1=Galbraith|first1=Steven|last2=Paterson|first2=Kenneth|last3=Smart|first3=Nigel|title=Pairings for Cryptographers|journal=Discrete Applied Mathematics|date=2008|volume=156|issue=16|pages=3113–3121|doi=10.1016/j.dam.2007.12.010}}</ref>
