Cryptanalysis and Improvement of Robust Deniable Authentication Protocol

Li, Fagen; Takagi, Tsuyoshi

doi:10.1007/s11277-012-0640-4

Cited by 13 publications

(14 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently, some efficient PKI-based deniable authentication protocols [13][14][15][16] and IBC-based deniable authentication protocols [17,18] have been designed. In [13], Wang and Song proposed a non-interactive deniable authentication protocol based on designated verifier proofs.…”

Section: Related Workmentioning

confidence: 99%

“…Youn et al [15] gave a non-interactive deniable authentication by using a trapdoor commitment scheme. Li and Takagi [16] proposed a deniable authentication protocol that satisfies the deniable authentication, mutual authentication and confidentiality. Shi and Li [17] designed an identity-based deniable authentication protocol using bilinear pairings.…”

Section: Related Workmentioning

confidence: 99%

“…For example, [13][14][15][16]19] assume that both a sender and a receiver belong to the PKI environment and [17][18][19] assume that both a sender and a receiver belong to the IBC environment. Such a characteristic makes these protocols can not be used in the heterogeneous pervasive environment.…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Practical deniable authentication for pervasive computing environments

Hong

Omala

2016

Wireless Netw

Self Cite

View full text Add to dashboard Cite

Pervasive computing environments allow users to get services anytime and anywhere. Security has become a great challenge in pervasive computing environments because of its heterogeneity, openness, mobility and dynamicity. In this paper, we propose two heterogeneous deniable authentication protocols for pervasive computing environments using bilinear pairings. The first protocol allows a sender in a public key infrastructure (PKI) environment to send a message to a receiver in an identitybased cryptography (IBC) environment. The second protocol allows a sender in the IBC environment to send a message to a receiver in the PKI environment. Our protocols admits formal security proof in the random oracle model under the bilinear Diffie-Hellman assumption. In addition, our protocols support batch verification that can speed up the verification of authenticators. The characteristic makes our protocols useful in pervasive computing environments.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Practical deniable authentication for pervasive computing environments

Hong

Omala

2016

Wireless Netw

Self Cite

View full text Add to dashboard Cite

show abstract

“…They claimed that their protocol satisfies deniable authentication, mutual authentication and confidentiality. However, Li and Takagi [32] showed that [31] does not satisfy the deniable authentication property. The receiver can show the source of a given message to a third party.…”

Section: B Related Workmentioning

confidence: 99%

Efficient Deniably Authenticated Encryption and Its Application to E-Mail

Zhong

Takagi

2016

IEEE Trans.Inform.Forensic Secur.

Self Cite

View full text Add to dashboard Cite

Confidentiality and authentication are two main security goals in secure electronic mail (e-mail). PGP and S/MIME are two famous secure e-mail solutions. Both PGP and S/MIME use digital envelope to provide message confidentiality and digital signature to provide message authentication. However, these methods have the following two weaknesses: (1) digital signature provides non-repudiation evidence of sender that is not desired in some e-mail applications; (2) efficiency is low since these methods use two kinds of public key cryptographic primitives: public key encryption and digital signature. To overcome the above two weaknesses, we introduce a new concept called deniably authenticated encryption that can achieve confidentiality, integrity and deniable authentication in a logical single step. We first propose a deniably authenticated encryption scheme and prove its security in the random oracle model. Then we design a secure e-mail protocol using the proposed deniably authenticated encryption scheme. The deniable authentication property protects senders' privacy.

show abstract

“…Deniable authentication can be used in many specialized applications. For example, it can provide freedom from coercion in electronic voting systems and secure negotiation over the Internet [20,21]. In 2005, Shi and Li [22] extended deniable authentication into identity-based environment and designed an identity-based deniable authentication (IBDA) protocol.…”

Section: Related Workmentioning

confidence: 99%

Identity-based deniable authenticated encryption and its application to e-mail system

Zheng

Jin

2015

Telecommun Syst

Self Cite

View full text Add to dashboard Cite

An authenticated encryption (AE) scheme simultaneously achieves two security goals: confidentiality and authenticity. AE can be divided into symmetric AE and asymmetrical (public key) AE. In a symmetric AE scheme, deniability is gained automatically. However, a public key AE scheme can not gain deniability automatically; on the contrary, it provides non-repudiation. In this paper, we address a question on deniability of public key AE. Of course, we can achieve this goal by "deniable authentication followed by encryption" method. However, such method has the following two weaknesses: (1) the computational cost and communication overhead are the sum of two cryptographic primitives; (2) it is complex to design cryptographic protocols with deniable authentication and confidentiality using two cryptographic primitives. To overcome the two weaknesses, we propose a new concept called deniable authenticated encryption (DAE) that can achieve both the functions of deniable authentication and public key encryption simultaneously, at a cost significantly lower than that required by the "deniable authentication followed by encryption" method. This single cryptographic primitive can simplify the design of cryptographic protocols with deniable authentication and confidentiality. In particular, we construct an identity-based deniable authenticated encryption (IBDAE) scheme. Our construction uses tag-key encapsulation mechanism (KEM) and data encapsulation mechanism (DEM) hybrid techniques, which is more practical for true applications. We show how to construct an IBDAE scheme using an identity-based deniable authenticated tag-KEM (IBDATK) and a DEM. We also propose an IBDATK scheme and prove its security in the random oracle model. For typical security level, our scheme is at least 50.7 and 22.7 % faster than two straightforward "deniable authentication followed by encryption" schemes, respectively. The communication overhead is respectively reduced at least 21.3 and 31.1 %. An application of IBDAE to an e-mail system is described.B

show abstract

Cryptanalysis and Improvement of Robust Deniable Authentication Protocol

Cited by 13 publications

References 10 publications

Practical deniable authentication for pervasive computing environments

Practical deniable authentication for pervasive computing environments

Efficient Deniably Authenticated Encryption and Its Application to E-Mail

Identity-based deniable authenticated encryption and its application to e-mail system

Contact Info

Product

Resources

About