The application of sparse polynomials in cryptography has been studied recently. A public key encryption scheme EnRoot  and an identification scheme SPIFI  based on sparse polynomials were proposed. In this paper, we show that both of them are insecure. The designers of SPIFI proposed the modified SPIFI  after Schnorr pointed out some weakness in its initial version. Unfortunately, the modified SPIFI is still insecure. The same holds for the generalization of EnRoot proposed in .