Skip to content
BY-NC-ND 3.0 license Open Access Published by De Gruyter January 25, 2012

On the Bringer–Chabanne EPIR protocol for polynomial evaluation

  • Yeow Meng Chee EMAIL logo , Huaxiong Wang and Liang Feng Zhang


Extended private information retrieval (EPIR) was defined by Bringer, Chabanne, Pointcheval and Tang at CANS 2007 and generalized by Bringer and Chabanne at AFRICACRYPT 2009. In the generalized setting, EPIR allows a user to evaluate a function on a database block such that the database can learn neither which function has been evaluated nor on which block the function has been evaluated and the user learns no more information on the database blocks except for the expected result. An EPIR protocol for evaluating polynomials over a finite field was proposed by Bringer and Chabanne in [Lecture Notes in Comput. Sci. 5580, Springer (2009), 305–322]. We show that the protocol does not satisfy the correctness requirement as they have claimed. In particular, we show that it does not give the user the expected result with large probability if one of the coefficients of the polynomial to be evaluated is primitive in and the others belong to the prime subfield of .

Received: 2011-05-04
Revised: 2012-01-16
Published Online: 2012-01-25
Published in Print: 2012-February

© 2012 by Walter de Gruyter Berlin Boston

This article is distributed under the terms of the Creative Commons Attribution Non-Commercial License, which permits unrestricted non-commercial use, distribution, and reproduction in any medium, provided the original work is properly cited.

Downloaded on 28.9.2023 from
Scroll to top button