Deniable Group Key Agreement
نویسندگان
چکیده
Especially for key establishment protocols to be used in internet applications, the (privacy) concern of deniability arises: Can a protocol transcript be used—possibly by a participant—to prove the involvement of another party in the protocol? For two party key establishment protocols, a common technique for achieving deniability is the replacement of signature-based message authentication with authentication based on symmetric keys. We explore the question of deniability in the context of group key establishment: Taking into account malicious insiders, using a common symmetric key for authentication is critical, and the question of how to achieve deniability arises. Building on a model of Bresson et al., we offer a formalization of deniability and present a group key agreement offering provable security in the usual sense, deniability, and security guarantees against malicious insiders. Our approach for achieving deniability through a suitably distributed Schnorr-signature might also be of independent interest.
منابع مشابه
A Self-Authentication and Deniable Efficient Group Key Agreement Protocol for VANET
With the rapid development of vehicular ad hoc Network (VANET), it is gaining significant popularity and receiving increasing attentions from academics and industry in security and efficiency. To address security and efficiency issues, a selfauthentication and deniable efficient group key agreement protocol is proposed in this paper. This scheme establishes a group between road-side unit (RSU) ...
متن کاملChameleon-Based Deniable Authenticated Key Agreement Protocol
As a useful means of safeguarding privacy of communications, deniable authentication has received much attention. A Chameleon-based deniable authenticated key agreement protocol is presented in this paper. The protocol has following properties. Any one of the two participants can’t present a digital proof to convince a third party that a claimed agreement has really taken place. Once a forgery ...
متن کاملThe Edited Truth
We introduce two new cryptographic notions in the realm of public and symmetric key encryption. • Encryption with invisible edits is an encryption scheme with two tiers of users: “privileged” and “unprivileged”. Privileged users know a key pair (pk, sk) and “unprivileged” users know a key pair (pke, ske) which is associated with an underlying edit e to be applied to messages encrypted. Each key...
متن کاملScalable Deniable Group Key Establishment
The popular Katz-Yung compiler from CRYPTO 2003 can be used to transform unauthenticated group key establishment protocols into authenticated ones. In this paper we present a modification of Katz and Yung’s construction which maintains the round complexity of their compiler, but for ‘typical’ unauthenticated group key establishments adds authentication in such a way that deniability is achieved...
متن کاملOn the Impossibility of Sender-Deniable Public Key Encryption
The primitive of deniable encryption was first introduced by Canetti et al. (CRYPTO, 1997). Deniable encryption is a regular public key encryption scheme with the added feature that after running the protocol honestly and transmitting a message m, both Sender and Receiver may produce random coins showing that the transmitted ciphertext was an encryption of any message m′ in the message space. D...
متن کامل