On the Bringer–Chabanne EPIR protocol for polynomial evaluation
Extended private information retrieval (EPIR) was defined by Bringer, Chabanne, Pointcheval and Tang at CANS 2007 and generalized by Bringer and Chabanne at AFRICACRYPT 2009. In the generalized setting, EPIR allows a user to evaluate a function on a database block such that the database can learn ne...
Saved in:
| Main Authors: | , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | English |
| Published: |
2013
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/100283 http://hdl.handle.net/10220/18044 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-100283 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1002832023-02-28T19:22:59Z On the Bringer–Chabanne EPIR protocol for polynomial evaluation Chee, Yeow Meng Wang, Huaxiong Zhang, Liang Feng School of Physical and Mathematical Sciences DRNTU::Science::Mathematics::Discrete mathematics::Cryptography Extended private information retrieval (EPIR) was defined by Bringer, Chabanne, Pointcheval and Tang at CANS 2007 and generalized by Bringer and Chabanne at AFRICACRYPT 2009. In the generalized setting, EPIR allows a user to evaluate a function on a database block such that the database can learn neither which function has been evaluated nor on which block the function has been evaluated and the user learns no more information on the database blocks except for the expected result. An EPIR protocol for evaluating polynomials over a finite field L was proposed by Bringer and Chabanne in [Lecture Notes in Comput. Sci. 5580, Springer (2009), 305-322]. We show that the protocol does not satisfy the correctness requirement as they have claimed. In particular, we show that it does not give the user the expected result with large probability if one of the coefficients of the polynomial to be evaluated is primitive in L and the others belong to the prime subfield of L. Published Version 2013-12-05T01:21:50Z 2019-12-06T20:19:40Z 2013-12-05T01:21:50Z 2019-12-06T20:19:40Z 2012 2012 Journal Article Chee, Y. M., Wang, H., & Zhang, L. F. (2012). On the Bringer–Chabanne EPIR protocol for polynomial evaluation. Journal of mathematical cryptology, 5(3-4), 277–301. https://hdl.handle.net/10356/100283 http://hdl.handle.net/10220/18044 10.1515/jmc-2012-0001 en Journal of mathematical cryptology © 2012 De Gruyter. This paper was published in Journal of Mathematical Cryptology and is made available as an electronic reprint (preprint) with permission of De Gruyter. The paper can be found at the following official DOI: [http://dx.doi.org/10.1515/jmc-2012-0001]. One print or electronic copy may be made for personal use only. Systematic or multiple reproduction, distribution to multiple locations via electronic or other means, duplication of any material in this paper for a fee or for commercial purposes, or modification of the content of the paper is prohibited and is subject to penalties under law. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Science::Mathematics::Discrete mathematics::Cryptography |
| spellingShingle |
DRNTU::Science::Mathematics::Discrete mathematics::Cryptography Chee, Yeow Meng Wang, Huaxiong Zhang, Liang Feng On the Bringer–Chabanne EPIR protocol for polynomial evaluation |
| description |
Extended private information retrieval (EPIR) was defined by Bringer, Chabanne, Pointcheval and Tang at CANS 2007 and generalized by Bringer and Chabanne at AFRICACRYPT 2009. In the generalized setting, EPIR allows a user to evaluate a function on a database block such that the database can learn neither which function has been evaluated nor on which block the function has been evaluated and the user learns no more information on the database blocks except for the expected result. An EPIR protocol for evaluating polynomials over a finite field L was proposed by Bringer and Chabanne in [Lecture Notes in Comput. Sci. 5580, Springer (2009), 305-322]. We show that the protocol does not satisfy the correctness requirement as they have claimed. In particular, we show that it does not give the user the expected result with large probability if one of the coefficients of the polynomial to be evaluated is primitive in L and the others belong to the prime subfield of L. |
| author2 |
School of Physical and Mathematical Sciences |
| author_facet |
School of Physical and Mathematical Sciences Chee, Yeow Meng Wang, Huaxiong Zhang, Liang Feng |
| format |
Article |
| author |
Chee, Yeow Meng Wang, Huaxiong Zhang, Liang Feng |
| author_sort |
Chee, Yeow Meng |
| title |
On the Bringer–Chabanne EPIR protocol for polynomial evaluation |
| title_short |
On the Bringer–Chabanne EPIR protocol for polynomial evaluation |
| title_full |
On the Bringer–Chabanne EPIR protocol for polynomial evaluation |
| title_fullStr |
On the Bringer–Chabanne EPIR protocol for polynomial evaluation |
| title_full_unstemmed |
On the Bringer–Chabanne EPIR protocol for polynomial evaluation |
| title_sort |
on the bringer–chabanne epir protocol for polynomial evaluation |
| publishDate |
2013 |
| url |
https://hdl.handle.net/10356/100283 http://hdl.handle.net/10220/18044 |
| _version_ |
1759855516190769152 |