Background:
In Wikipedia (bilinear map definition), a condition listed as the following:
For any $lambda in F, {displaystyle B(lambda v,w)=B(v,lambda w)=lambda B(v,w)}$
In a math.stackexchange post, i saw this comment:
which defines bilinearity in the same way as the Wikipedia link. So I assume, the above definition of bilinearity is correct.
Now, the problem:
in the pairing-based cryptography setting:
the bilinearity is defined as such:
${displaystyle forall a,bin F_{q}^{*}, forall Pin G_{1},Qin G_{2}: eleft(aP,bQright)=eleft(P,Qright)^{ab}}$
The question:
in math: bilinearity is: $eleft(aP,bQright)=eleft(P,Qright)ab$ (a and b have become coefficients)
in crypto: bilinearity is: $eleft(aP,bQright)=eleft(P,Qright)^{ab}$ (a and b have become exponents)
Why is this difference? Aren’t the definitions conflicting with each other? In wicktionary I saw the following explanation:
Linear (preserving linear combinations) in each variable.
How come $eleft(aP,bQright)=eleft(P,Qright)^{ab}$ is preserving the linear combinations? Isn’t exponent and coefficients are very different and not linear with each other?
Obviously, math is correct, and crypto is also correct. So, I really appreciate if someone can point out to me where am I missing the details or misinterpreting them?
P.S: someone in crypto.stackexchange defined the bilinearity as:
Bilinear: for all g ∈ 𝐺1 and a; b ∈ $Z_{q}^{*}, e(g^a, g^b) = e(g,g)^{a,b}$
I haven’t seen this notation at all. Is the definition of bilinearity loose? So there can be multiple definitions? If so, why and how?
