Excerpt from the paper
Deniable authentication protocols allow a sender to authenticate a message for a receiver in such a way that the receiver cannot convince a third party that such authentication ever took place. For an asynchronous multi-party network with open communications and an adversary that can adaptively corrupt as many parties as it wishes, we present a new approach to solve the problem of concurrent deniable authentication within the framework of universally composable (UC) security. We formulate a definition of an ideal functionality for deniable authentication. Our constructions rely on a modification of the verifiably smooth projective hashing (VSPH) with projection key function by trapdoor commitment. Our protocols are forward deniable and UC-secure against adaptive adversaries in the common reference string model. The new approach implies that security is preserved under concurrent composition of an unbounded number of protocol executions; it implies non-malleability with respect to arbitrary protocols and more. The novelty of our schemes is the use of witness indistinguishable protocols, and the security is based on the decisional composite residuosity (DCR) assumption. This new approach is practically relevant as it leads to more efficient protocols and security reductions.