Try   HackMD

Concept Of Blinding Polynomials in ZKP

Blinding polynomials are mathematical constructs used in zero-knowledge proof systems, particularly in polynomial commitment schemes, to hide or "blind" the actual polynomials being proved while maintaining their mathematical properties and structure. A blinding polynomial is essentially a random polynomial that's added to the original polynomial to mask its coefficients, the resulting sum preserves the mathematical properties needed for the proof while hiding the actual values.

Mathematical Representation: Let's say you have an original polynomial

P(x). The blinded version would be:
Pblinded(x)=P(x)+R(x)
where
R(x)
is the random blinding polynomial.

The blinding polynomial

R(x) needs to be;

  1. Choosen randomly
  2. Have the same of higher degree as
    P(x)
    to properly mask all coefficients
  3. The Coeffiecients of
    R(x)
    are choosen from a large field to ensure security

R(x) needs to be constructed in such a way that on adding it to
P(x)
the structure of
P(x)
remains; this can be achieved by;

  1. generating the randoms field elements using it as the coeffiecents to create a polynomial rand_polynomial.
  2. Multiply this polynomial with the vanishing_polynomial; it is important to note, vanishing polynomial construction varies with the nature of domain of the polynomial (e.g. Real numbers, Roots of unity and so on).
  3. The blinding_polynomial is not given by;
    R(x)=rand_polynomialvanishing_polynomial
  4. To obtain the blinded_polynomial, perform this operation;
    Pblinded(x)=P(x)+R(x)
    .

Constructing Vanishing Polynomial when Domain = Real Numbers The vanishing polynomial

Z(X) for a set of points
S={α1,α2,...,αn}
is:

Z(X)=i=1n(Xαi)

impling these properties;

  1. Z(αi)=0
    for all
    αiS
  2. Z(X)0
    for all
    XS
  3. Degree of
    Z(X)
    is
    |S
    | (size of the set)

Constructing Vanishing Polynomial when Domain = Roots of Unity Constructing the vanishing polynomial in this domian is alot more less complicated, it can be represented by the given equation;

ZH(X)=Xn1 Where
n
is the size of the evaluation domain (expressed as roots of unity).

Understanding blinding polynomials is crucial for implementing secure and private zero-knowledge proof systems while maintaining the mathematical integrity of the underlying computations.