标签：cryptographic What 14 G1 pairing 52 pairings 配对 G2

52 Things: Number 14: What is a cryptographic pairing?

52件事：第14条：什么是密码配对？

  This is the latest in a series of blog posts to address the list of '52 Things Every PhD Student Should Know' to do Cryptography: a set of questions compiled to give PhD candidates a sense of what they should know by the end of their first year. We build on the previous few weeks by introducing the notion of a pairing.
这是一系列博客文章中的最新一篇，旨在解决“每个博士生都应该知道的52件事”做密码学：这是一组问题，旨在让博士生在第一年结束时了解他们应该知道什么。在前几周的基础上，我们引入了配对的概念。

Pairing definition: Given 3 cyclic groups G1,G2,G3 of order q with generators g1,g2,g3 respectively. We say a function e:G1×G2→G3 is a pairing if the following hold:
配对定义：给定3个循环群 G1,G2,G3 ，顺序为 q ，分别具有生成器 g1,g2,g3 。如果以下条件成立，我们称函数 e:G1×G2→G3 是一对：

1. [bilinearity] ∀A,B∈G1,C,D∈G2: e(A+B,C)=e(A,C)⋅e(B,C) and e(A,C+D)=e(A,C)⋅e(A,D)
   [双线性] ∀A,B∈G1,C,D∈G2 ： e(A+B,C)=e(A,C)⋅e(B,C) 和 e(A,C+D)=e(A,C)⋅e(A,D)
2. [non-dengeneracy] e(g1,g2)≠1 [不确定性] e(g1,g2)≠1
3. [efficiency] e is efficiently computable
   [efficiency] e 是可高效计算的

Types of pairing: There are 3 type of pairings that will be described below:
配对类型：有3种类型的配对，将在下面进行描述：

1. G1=G2
2. G1≠G2 but there is an efficiently computable isomorphism from G2 to G1 and maps the generator g2 to g1
   G1≠G2 ，但存在从 G2 到 G1 的有效可计算同构，并将生成器 g2 映射到 g1
3. G1≠G2 and there is no efficiently computable isomorphism
   G1≠G2 并且不存在有效可计算同构

The last two are asymmetric pairings while the first is a symmetric pairing.
最后两个是不对称配对，而第一个是对称配对。

A warning on pairings: It feels like I am always having a warning section in each of my blogs but these are important and I feel should be included. In type 1 (and can be shown similarly for type 2) pairings (this doesn't mean type 3 are safe) the DDH problem (given g,gx,gy,gz does z=x⋅y) is easy since you can check if e(gx,gy)=$e(gz,g). Another thing to be careful of is that it is possible to make a pairing that does everything you want it to,
关于配对的警告：感觉我的每个博客中都有一个警告部分，但这些都很重要，我觉得应该包括在内。在类型1（对于类型2可以类似地显示）配对中（这并不意味着类型3是安全的），DDH问题（给定 g,gx,gy,gz 做 z=x⋅y ）很容易，因为你可以检查#2是否存在。另一件需要注意的事情是，可以进行任何你想进行的配对，

Uses of pairings: Pairings have a wide range of uses, including; cryptanalysis, Identity Based Encryption, Attribute Based Encryption and Leakage Resilient Cryptography.
配对的用途：配对有广泛的用途，包括；密码分析、基于身份的加密、基于属性的加密和泄漏弹性密码学。

Instantiation of pairings: The only way we know how to instantiate pairings is over elliptic curves (see the last few blogs in the 52 things series) and this is another reason why elliptic curves have become so desirable in cryptography. More recently Multi-Linear Maps have appeared in the literature which work over different groups. However, that is a story for another time...
配对的实例化：我们知道如何实例化配对的唯一方法是在椭圆曲线上（请参阅52件事系列的最后几篇博客），这也是椭圆曲线在密码学中如此受欢迎的另一个原因。最近，多线性映射出现在针对不同群体的文献中。然而，这是另一个时代的故事。。。

标签：cryptographic,What,14,G1,pairing,52,pairings,配对,G2
From： https://www.cnblogs.com/3cH0-Nu1L/p/18106048