Panther Protocol Documentation
WebsiteBlogTwitterGovernance ForumVoting
  • ๐Ÿ“˜Start Here
    • Get Started
    • What is Panther?
    • Who is Panther for?
    • Realized vision and use cases
  • ๐Ÿ”ฉPanther Core
    • Testnet dApp
    • Mainnet Beta (Canary)
    • Panther Transactions
      • Shielded Pool
      • zAssets
      • zAccount
      • zTrade (OTC Trading)
    • Panther Compliance
      • User Reveals
        • History CSV Export
      • Forensic Reveals
  • ๐ŸŒŒEcosystem
    • Ecosystem roles
      • Compliance Providers
      • Relayer
      • zMiner
        • Get Started
      • Zone Manager
        • Get Started
    • Fees & Rewards
  • โš™๏ธInteroperability
    • DeFi Adaptors
      • zSwap
        • Economic optimization of swaps
    • Multi-chain
  • ๐Ÿ“šLEARN
    • Glossary
    • UTXOs
      • UTXO Model
      • UTXO Cryptography
      • Merkle Trees
    • โš—๏ธCryptographic Primitives
      • ZK proofs
      • ZK SNARKs
        • Groth16
      • Homomorphic encryption
      • Hash functions
      • Poseidon
      • Other Privacy Enhancing Technologies (PETs) used by Panther
      • Elliptic curves
      • Pairings
    • ๐Ÿ”“Security Audits
    • ๐ŸคCommunity
    • ๐Ÿ“šResources
  • Panther DAO
    • DAO and Decentralization
      • Governance Framework
    • Road to decentralization
      • Decentralization Tool
  • Changelog
    • Product versions
    • Oshiya
    • Panther Testnet
      • Stage 0
      • Stage 1
      • Stage 2
      • Stage 3
      • Stage 4
      • Stage 5
      • Stage 6
      • Stage 7
      • Stage 8
      • Mainnet Beta (Canary)
Powered by GitBook
On this page
Export as PDF
  1. LEARN
  2. Cryptographic Primitives

Pairings

PreviousElliptic curvesNextSecurity Audits

Last updated 11 months ago

Pairings, or bilinear pairings or Weil pairings, are mathematical operations defined on certain types of elliptic curves. Pairings have important applications in modern cryptography and enable various cryptographic protocols and constructions. Generally, a pairing is a bilinear map that takes two points from different groups and maps them to a target group. The bilinearity property means that the pairing operation satisfies specific algebraic properties, such as linearity and distributivity. Pairings are typically defined on elliptic curves with special properties, such as those that are pairing-friendly or provide a suitable algebraic structure for efficient computation of pairings. Pairing-friendly curves are carefully chosen curves that allow for efficient and secure implementation of pairings.

Some key properties and applications of pairings include:

  1. Bilinearity: Pairings exhibit a bilinear property, meaning they preserve the properties of addition and scalar multiplication in the groups involved. This property allows for computations involving pairings to be distributed across different groups and enables the construction of complex cryptographic protocols.

  2. Cryptographic Constructions: Pairings are used in various cryptographic constructions and protocols, including identity-based encryption, attribute-based encryption, cryptographic accumulators, and non-interactive Zero-Knowledge proofs. Pairings provide the necessary mathematical operations to achieve desired security properties in these applications.

  3. Homomorphic Properties: Some pairings, such as those on specific curves like the BLS12-381 curve, exhibit homomorphic properties. Homomorphic pairings enable computation on encrypted or encoded data without decrypting or revealing the underlying values. This property is particularly useful in privacy-preserving computations and protocols.

  4. Efficiency and Security: Pairings can be efficiently computed on pairing-friendly curves, which enables the practical implementation of cryptographic protocols. Pairings are based on hard mathematical problems, such as the decisional Diffie-Hellman problem or the bilinear Diffie-Hellman problem, providing a foundation for cryptographic security. Pairings have revolutionized many areas of modern cryptography by enabling advanced cryptographic primitives and protocols. They provide a versatile and powerful toolset for achieving security, privacy, and efficient computation in various cryptographic applications.

Mathematically speaking, a pairing is a bilinear mapping as follows:

e:G1ร—G2โ†’GT.e : G_1 ร— G_2 โ†’ G_T .e:G1โ€‹ร—G2โ€‹โ†’GTโ€‹.

It is this bilinearity property that makes pairings such a powerful primitive in cryptography. Let Fqk\mathbb{F}_{q^k}Fqkโ€‹be a finite extension of Fp\mathbb{F}pFp with kโ‰ฅ1k \geq 1kโ‰ฅ1. The groups G1\mathbb{G}_1G1โ€‹ and G2\mathbb{G}2G2 are defined in E(Fqk)E(\mathbb{F}_{q^k})E(Fqkโ€‹) and the target group GT\mathbb{G}_TGTโ€‹ is defined in the multiplicative group Fqkโˆ—\mathbb{F}^*_{q^k}Fqkโˆ—โ€‹, so we usually write G1\mathbb{G}_1G1โ€‹and G2\mathbb{G}_2G2โ€‹ additively, whilst we write GT\mathbb{G}_TGTโ€‹ multiplicatively. Thus, for P,Pโ€ฒ;โˆˆG1P, P^{\prime} ;\in \mathbb{G}_1P,Pโ€ฒ;โˆˆG1โ€‹ and Q,Qโ€ฒ;โˆˆG2Q,Q^{\prime} ;\in \mathbb{G}_2Q,Qโ€ฒ;โˆˆG2โ€‹, the bilinearity of eee means that

e(P+Pโ€ฒ,Q)=e(P,Q)โ‹…e(Pโ€ฒ,Q),e(P + P^{\prime},Q) = e(P,Q) ยท e(P^{\prime},Q),e(P+Pโ€ฒ,Q)=e(P,Q)โ‹…e(Pโ€ฒ,Q),

e(P,Q+Qโ€ฒ)=e(P,Q)โ‹…e(P,Qโ€ฒ)e(P,Q + Q^{\prime}) = e(P,Q) ยท e(P,Q^{\prime})e(P,Q+Qโ€ฒ)=e(P,Q)โ‹…e(P,Qโ€ฒ)

๐Ÿ“š
โš—๏ธ