In cryptography, blinding is a technique by which an agent can provide a service to (i.e, compute a function for) a client in an encoded form without knowing either the real input or the real output.

More precisely, Alice has an input x and Oscar has a function f. Alice would like Oscar to compute y = f(x) for her without revealing either x or y to him. The reason for her wanting this might be that she doesn't know the function f or that she does not have the resources to compute it. Alice "blinds" the message by encoding it into some other input E(x); the encoding E must be a bijection on the input space of f, ideally a random permutation. Oscar gives her f(E(x)), to which she applies a decoding D to obtain D(f(E(x))) = y.

Of course, not all functions admit of blind computation.

The most common application of blinding is the blind signature. In a blind signature protocol the signer digitally signs a message without being able to learn its content.

The one-time pad is an application of blinding to the secure communication problem. Alice would like to send a message to Bob secretly, however all of their communication can be read by Oscar. Therefore Alice sends the message after blinding it with a secret key or pad that she shares with Bob. Bob reverses the blinding after receiving the message. In this example, the function f is the identity and E and D are both typically the XOR operation.