I will try to define easily the cryptographic system of this paper. The author designs a communication game for $N$ players. The private information of every player is denoted as $t_i\in T_i$ and represents the type of player $i$. The encryption system that the players use to communicate is based in the following reporting correspondences.
$\textbf{Reporting correspondences:}$ Let $\mathcal{R}_i$ be a non-empty, finite set and define the reporting correspondence $R_i : T_i\to 2^{\mathcal{R}_i}-\{\emptyset\}$ to be a mapping from player $i$’s type space to the collection of subsets of $\mathcal{R}_i$. An element $r\in\mathcal{R}_i$ is called a type-dependent message and $R_i(t_i)$ is the set of type-dependent messages available to type $t_i$ of player $i$. Type-dependent messages certify a player’s statement about his type. For example, if $S\in T_i$ is the set of types of player $i$ who can send the message $r\in R_i$, then $r$ certifies a statement of the type “my type is in $S$”. The set $S$ is therefore called a certifiable event.
$\textbf{Certifiability Configurations:}$ Let $E_i\subseteq 2^{T_i}-\{\emptyset\}$ be a set of subsets of $T_i$ that is closed under intersection. A certifiability configuration is an $N$-tuple of particular reporting correspondences $C_i:T_i\to E_i$ for every $i = 1, ..., N$, with
$$C_i(t_i)=\{e_i\in E_i|t_i\in e_i\},\quad\text{$\forall t_i\in T_i$} $$
These reporting correspondences have two very useful properties. First, each message is identical to the event that it certifies. Second, any event that is certifiable by a combination of messages in $C_i(t_i)$ is also included in the set.
Let $R=(R_i)_{i\in I}$ be an arbitrary profile of reporting correspondences, and for every player $i\in I$, let $E_i^R$ denote the smallest set that contains $\{R^{-1}(r_i)|r_i\in \mathcal{R}_i\}$ andd is closed under intersection. $E_i^R$ is the set of all events that player $i$ can certify with $R_i$. The profile $R$ can be uniquely associated with a certifiability configuration $C_R=(C_i^R)_{i\in I}$, where
$$C_i^R(t_i)=\{e_i\in E_i^R|t_i\in e_i\}$$
The certifiability configuration $C_i^R$ of $R$ expresses the certifiable information explicitly as events in a player’s type space.
$\textbf{Encryption:}$ Let $C=(C_i)_{i\in I}$ be a certifiability configuration. If verifiable information is encrypted, for every $i\in I$, every certifiable event $e_i\in E_i$ is encoded using a cryptographic algorithm, called a cipher. A cipher is a mapping $ρ_i: E_i × Y_i → X_i$ that has as inputs the private information $e_i$ and a piece of additional information $y_i\in Y_i$, called the key, and produces as output a code $x_i\in X_i$. It is assumed that the set of keys $Y_i$ is sufficiently large, i.e. $|Y_i| ≥ |E_i|$, and that for each $y_i\in Y_i$ the mapping $ρ(\cdot, y_i)$ is bijective, so that every pair $(x_i, y_i)$ is associated with exactly one certifiable event $e_i$. When a player’s information is encrypted, his type-dependent messages are pairs consisting of a piece of code and a key. At the time when players learn their types, nature chooses publicly a cipher $ρ_i$ for player $i\in I$ and a private key $y_i$ uniformly from the set
$Y_i$. Player $i$’s reporting correspondence is then given by
$$\hat{R}_i(t_i,y_i)=\{(x_i, y_i)|x_i=ρ_i(e_i, y_i), e_i\in C_i(t_i)\}$$
One natural interpretation of messages in $R_i$ is as pieces of encrypted evidence regarding player $i$’s type, provided by a trusted third party which uses a publicly known cipher and a private key to encrypt the information. Note that if $C=C^R$, then the profiles $R(\cdot)=(R_i(\cdot))_{i\in I}$ and $\hat{R}(\cdot,y)=(\hat{R}_i(\cdot,y_i))_{i\in I}$ have a common certifiability configuration for every combination of keys $y\in(Y_i)_{i\in I}$
Let $E^R=(E_i^R)_{i\in I}$ be the profile of sets of events that are certifiable with $R$. The set $E_i^R$ is finite, so that all its elements may be labeled in an arbitrary order with an index from $1$ to some positive integer $n_i$. Each certifiable event can then be associated with its index, i.e., a number in the set $\{1,...,n_i\}$. I will write $z_i(e_i)$ to refer to the number representing the event $e_i$ and, by a slight abuse of notation, I will write $e_i(z_i)$ to refer to the event whose index is equal to $z_i$.
The following lemma is needed
$\textbf{Lemma:}$ If $z_i$ is a random variable with support on $\{1,...,n_i\}$ and $y_i$ is uniformly distributed over $\{1,...,n_i\}$ independent of $z_i$, then the random variable $x_i$ defined by $x_i=z_i−y_i(mod{n}_i)$ is also uniformly distributed over $\{1,...,n_i\}$.
Here, $z_i$ represents a certifiable event, $y_i$ represents a key, and $x_i$ is the code generated by the cipher $ρ_i(e_i,y_i)=z_i(e_i)−y_i(mod{n}_i)$. Now, suppose player $i$’s private information is encrypted and his reporting correspondence is
$$\hat{R}_i(t_i,y_i)=\{(x_i, y_i)|x_i=z_i(e_i)−y_i(mod{n}_i), e_i\in C_i(t_i)\}$$
so that player $i$ can send a pair $(x_i,y_i)$ if the event $e_i$ represented by $z_i=x_i+y_i(mod{n}i)$ is in $C_i^R(t_i)$. The certifiability configuration generated in this way
is identical to the certifiability configuration of $R$: if only types of player $i$ who can certify $e_i$ with $R_i$ can send a pair $(x_i, y_i)$ that satisfies $z_i=x_i+y_i(mod{n}_i)$, then sending such a pair is the same as certifying $e_i$. By Lemma $1$, both $x_i$ and $y_i$ are uniformly distributed over $\{1,...,n_i\}$, and thus, individually, $x_i$ and $y_i$ contain no information about $e_i$.
$\textbf{Question:}$ If we assume that in the case of the above mathematical structure the cipher that is defined as bijective where every pair $(x_i,y_i)$ refers to a linear equation such that $h(x)=ax+b$, $b=e_i$. If two players know $(x_i,y_i)$ the can combine them and take what it misses to them so as $x_i+y_i(nod{n}_i)=z_i(e_i)\quad\text{or $e_i(z_i)$}$. Hence in case we take for $h$ a polynomial of degree $t<2N$ such that
$$h(x)=a_tx^t+a_{t-1}x^{t-1}+\cdots+a_1x+a_0,\quad\text{where $a_0=e_i(z_i)$}$$
what is the equivalent representation of $\rho_i$, where know they are needed $t+1$ pairs to calculate $h(x)$ with constant term $e_i(z_i)$ (which in essence means that $t+1$ pair $(x_i,y_i)$ are associated with only one $e_i$ (bijective))?
In other words the question changes in the equivalent one that says: "Could anybody help in a simple polynomial representation of the cipher $\rho_i$"?
$\textbf{Hint:}$ With a slight abuse of notation I think the author uses $\{1,...,n_i\}$ instead of $\{0,1,...,n_i-1\}$.