On the Bringer–Chabanne EPIR protocol for polynomial evaluation

Extended private information retrieval (EPIR) was defined by Bringer, Chabanne, Pointcheval and Tang at CANS 2007 and generalized by Bringer and Chabanne at AFRICACRYPT 2009. In the generalized setting, EPIR allows a user to evaluate a function on a database block such that the database can learn ne...

Full description

Saved in:
Bibliographic Details
Main Authors: Chee, Yeow Meng, Wang, Huaxiong, Zhang, Liang Feng
Other Authors: School of Physical and Mathematical Sciences
Format: Article
Language:English
Published: 2013
Subjects:
Online Access:https://hdl.handle.net/10356/100283
http://hdl.handle.net/10220/18044
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-100283
record_format dspace
spelling sg-ntu-dr.10356-1002832023-02-28T19:22:59Z On the Bringer–Chabanne EPIR protocol for polynomial evaluation Chee, Yeow Meng Wang, Huaxiong Zhang, Liang Feng School of Physical and Mathematical Sciences DRNTU::Science::Mathematics::Discrete mathematics::Cryptography Extended private information retrieval (EPIR) was defined by Bringer, Chabanne, Pointcheval and Tang at CANS 2007 and generalized by Bringer and Chabanne at AFRICACRYPT 2009. In the generalized setting, EPIR allows a user to evaluate a function on a database block such that the database can learn neither which function has been evaluated nor on which block the function has been evaluated and the user learns no more information on the database blocks except for the expected result. An EPIR protocol for evaluating polynomials over a finite field L was proposed by Bringer and Chabanne in [Lecture Notes in Comput. Sci. 5580, Springer (2009), 305-322]. We show that the protocol does not satisfy the correctness requirement as they have claimed. In particular, we show that it does not give the user the expected result with large probability if one of the coefficients of the polynomial to be evaluated is primitive in L and the others belong to the prime subfield of L. Published Version 2013-12-05T01:21:50Z 2019-12-06T20:19:40Z 2013-12-05T01:21:50Z 2019-12-06T20:19:40Z 2012 2012 Journal Article Chee, Y. M., Wang, H., & Zhang, L. F. (2012). On the Bringer–Chabanne EPIR protocol for polynomial evaluation. Journal of mathematical cryptology, 5(3-4), 277–301. https://hdl.handle.net/10356/100283 http://hdl.handle.net/10220/18044 10.1515/jmc-2012-0001 en Journal of mathematical cryptology © 2012 De Gruyter. This paper was published in Journal of Mathematical Cryptology and is made available as an electronic reprint (preprint) with permission of De Gruyter. The paper can be found at the following official DOI: [http://dx.doi.org/10.1515/jmc-2012-0001]. One print or electronic copy may be made for personal use only. Systematic or multiple reproduction, distribution to multiple locations via electronic or other means, duplication of any material in this paper for a fee or for commercial purposes, or modification of the content of the paper is prohibited and is subject to penalties under law. application/pdf
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic DRNTU::Science::Mathematics::Discrete mathematics::Cryptography
spellingShingle DRNTU::Science::Mathematics::Discrete mathematics::Cryptography
Chee, Yeow Meng
Wang, Huaxiong
Zhang, Liang Feng
On the Bringer–Chabanne EPIR protocol for polynomial evaluation
description Extended private information retrieval (EPIR) was defined by Bringer, Chabanne, Pointcheval and Tang at CANS 2007 and generalized by Bringer and Chabanne at AFRICACRYPT 2009. In the generalized setting, EPIR allows a user to evaluate a function on a database block such that the database can learn neither which function has been evaluated nor on which block the function has been evaluated and the user learns no more information on the database blocks except for the expected result. An EPIR protocol for evaluating polynomials over a finite field L was proposed by Bringer and Chabanne in [Lecture Notes in Comput. Sci. 5580, Springer (2009), 305-322]. We show that the protocol does not satisfy the correctness requirement as they have claimed. In particular, we show that it does not give the user the expected result with large probability if one of the coefficients of the polynomial to be evaluated is primitive in L and the others belong to the prime subfield of L.
author2 School of Physical and Mathematical Sciences
author_facet School of Physical and Mathematical Sciences
Chee, Yeow Meng
Wang, Huaxiong
Zhang, Liang Feng
format Article
author Chee, Yeow Meng
Wang, Huaxiong
Zhang, Liang Feng
author_sort Chee, Yeow Meng
title On the Bringer–Chabanne EPIR protocol for polynomial evaluation
title_short On the Bringer–Chabanne EPIR protocol for polynomial evaluation
title_full On the Bringer–Chabanne EPIR protocol for polynomial evaluation
title_fullStr On the Bringer–Chabanne EPIR protocol for polynomial evaluation
title_full_unstemmed On the Bringer–Chabanne EPIR protocol for polynomial evaluation
title_sort on the bringer–chabanne epir protocol for polynomial evaluation
publishDate 2013
url https://hdl.handle.net/10356/100283
http://hdl.handle.net/10220/18044
_version_ 1759855516190769152