On the Bringer–Chabanne EPIR protocol for polynomial evaluation
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: | De Gruyter 2012-02-01 |
Series: | Journal of Mathematical Cryptology |
Subjects: | |
Online Access: | https://doi.org/10.1515/jmc-2012-0001 |
Summary: | Extended private information retrieval (EPIR) was defined by Bringer, Chabanne, Pointcheval and Tang at CANS 2007 and generalized by Bringer and Chabanne at AFRICACRYPT 2009. In the generalized setting, EPIR allows a user to evaluate a function on a database block such that the database can learn neither which function has been evaluated nor on which block the function has been evaluated and the user learns no more information on the database blocks except for the expected result. An EPIR protocol for evaluating polynomials over a finite field was proposed by Bringer and Chabanne in [Lecture Notes in Comput. Sci. 5580, Springer (2009), 305–322]. We show that the protocol does not satisfy the correctness requirement as they have claimed. In particular, we show that it does not give the user the expected result with large probability if one of the coefficients of the polynomial to be evaluated is primitive in and the others belong to the prime subfield of . |
ISSN: | 1862-2976 1862-2984 |