Setup(1λ,N): This function outputs pp=PC.Setup(1λ,d).
We consider an input x with size of 32. Hence, ni=32. Considering a program which requires 4 gates for its arithmatization, we have ng=4. In this example, the maximum number of registers which are changed during the execution is nr=2 (Please see Example 2 in the Commitment phase). If the computation is done in F of order p=1,678,321, ∣F∣=1678321. Also, ∣H∣=n=ng+ni+1=37. Also, b is a random number in { 1,...,∣F∣−∣H∣} = { 1,...,1678321−37=1678284 } such as b=2. Also, m=2ng=8, ∣w∣=ng−nr=2, ∣K∣=m=8. Hence:
d= { dAHP(N,i,j) } $_{i=0,1,...,k_AHP, j=1,2,..,s_AHP(i)}^{}$ = { 8,8,8,8,8,8,8,8,8,4,39,39,39,40,75,36,38,36,36,7,42 }
Now, we run KZG.Setup(1λ,d), considering a generator of F, g=11, for each element in d:
KZG.Setup(1λ,138)=(ck,vk)= ({ gτi } $_{i=0}^{137}$, gτ)
that for secret element τ=119 and generator g=11 outputs ck= { gτi } $_{i=0}^{137}$ =(11,1309,...) and vk=1309.
KZG.Setup(1λ,4)=(ck,vk)= ({ gτi } $_{i=0}^{3}$, gτ)
that for secret element τ=119 and generator g=11 outputs ck= { gτi } $_{i=0}^{3}$ =(11,1309,...) and vk=1309.
KZG.Setup(1λ,39)=(ck,vk)= ({ gτi } $_{i=0}^{38}$, gτ)
that for secret element τ=119 and generator g=11 outputs ck= { gτi } $_{i=0}^{38}$ =(11,1309,...) and vk=1309.
KZG.Setup(1λ,40)=(ck,vk)= ({ gτi } $_{i=0}^{39}$, gτ)
that for secret element τ=119 and generator g=11 outputs ck= { gτi } $_{i=0}^{39}$ =(11,1309,...) and vk=1309.
KZG.Setup(1λ,75)=(ck,vk)= ({ gτi } $_{i=0}^{74}$, gτ)
that for secret element τ=119 and generator g=11 outputs ck= { gτi } $_{i=0}^{74}$ =(11,1309,...) and vk=1309.