With pairing-based cryptography we have two cyclic groups (\(G_1\) and \(G_2\)), and which are of an order of a prime number (\(n\)). A pairing on \((G_1,G_2,G_T)\) defines the function \(e:G_1 \times G_2 \rightarrow G_T\), and where \(g_1\) is a generator for \(G_1\) and \(g_2\) is a generator for \(G_2\). If we have the points of \(U_1\) and \(U_2\) on \(G_1\) and \(V_1\) and \(V_2\) on \(G_2\), we get the bilinear mapping of:
\(e(aP,bQ) = e(P,abQ) = e(abP,Q) = e(P,Q)^{ab}\)
and where \(P\) is a point on \(G_2\) and \(Q\) a point on \(G_1\). With BLS (Boneh–Lynn–Shacham) signatures [1], we create a private key (\(sk\)) and then generate a public key on the \(G_2\) group as \(pk=sk.G\) and where \(G\) is the base point on the \(G_2\) group. The message (\(Msg\)) is then hash to the \(G_1\) group, and the signature (\(S\)) is \(S=sk.HashToCurve(M)\). We can check the signature using pairings. Overall we hash the message (\(Msg\)) and the signature (\(S\)) to the \(G_1\) group and add the public key (\(P\)) to the \(G_1\) group, and then use pairings to check the signature: \(e(G,S) = e(P,H(Msg))\), and where \(G\) is the base point on the \(G_1\) group.