There is provided a pairing computation device provided with a CPU which computes pairing e(S,Q) with SεG1, QεG2, χ being a given integer variable, and F being a rational function calculated using Miller's algorithm with respect to multi-pairing (MMA). An order r, a trace t of the Frobenius endomorphism φp are specified preliminarily using the integer variable χ according to an embedding degree k. The CPU performs pairing computation by means of: an input unit which inputs the integer variable χ, the rational point S, and the rational point Q into respective predetermined registers; a computation unit which computes F; a computation unit which computes a value at a rational point Q(xQ, yQ) of a straight line passing through given rational points; a computation unit which computes f′ χ,S(Q) using the aforementioned F and the value; and a computation unit which computes the pairing e(S,Q) using aforementioned f′ χ,S(Q) as [F83].[F83] e(S,Q)=f′χ,S(Q)(pk−1)/r.