Composability and on-line deniability of authentication

Yevgeniy Dodis, Jonathan Katz, Adam Smith, Shabsi Walfish

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Protocols for deniable authentication achieve seemingly paradoxical guarantees: upon completion of the protocol the receiver is convinced that the sender authenticated the message, but neither party can convince anyone else that the other party took part in the protocol. We introduce and study on-line deniability, where deniability should hold even when one of the parties colludes with a third party during execution of the protocol. This turns out to generalize several realistic scenarios that are outside the scope of previous models. We show that a protocol achieves our definition of on-line deniability if and only if it realizes the message authentication functionality in the generalized universal composability framework; any protocol satisfying our definition thus automatically inherits strong composability guarantees. Unfortunately, we show that our definition is impossible to realize in the PKI model if adaptive corruptions are allowed (even if secure erasure is assumed). On the other hand, we show feasibility with respect to static corruptions (giving the first separation in terms of feasibility between the static and adaptive setting), and show how to realize a relaxation termed deniability with incriminating abort under adaptive corruptions.

Original languageEnglish (US)
Title of host publicationTheory of Cryptography - 6th Theory of Cryptography Conference, TCC 2009, Proceedings
Pages146-162
Number of pages17
Volume5444 LNCS
DOIs
StatePublished - 2009
Event6th Theory of Cryptography Conference, TCC 2009 - San Francisco, CA, United States
Duration: Mar 15 2009Mar 17 2009

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume5444 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other6th Theory of Cryptography Conference, TCC 2009
CountryUnited States
CitySan Francisco, CA
Period3/15/093/17/09

Fingerprint

Authentication
Universal Composability
Message Authentication
Completion
Receiver
If and only if
Scenarios
Generalise
Model

ASJC Scopus subject areas

  • Computer Science(all)
  • Theoretical Computer Science

Cite this

Dodis, Y., Katz, J., Smith, A., & Walfish, S. (2009). Composability and on-line deniability of authentication. In Theory of Cryptography - 6th Theory of Cryptography Conference, TCC 2009, Proceedings (Vol. 5444 LNCS, pp. 146-162). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5444 LNCS). https://doi.org/10.1007/978-3-642-00457-5_10

Composability and on-line deniability of authentication. / Dodis, Yevgeniy; Katz, Jonathan; Smith, Adam; Walfish, Shabsi.

Theory of Cryptography - 6th Theory of Cryptography Conference, TCC 2009, Proceedings. Vol. 5444 LNCS 2009. p. 146-162 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5444 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Dodis, Y, Katz, J, Smith, A & Walfish, S 2009, Composability and on-line deniability of authentication. in Theory of Cryptography - 6th Theory of Cryptography Conference, TCC 2009, Proceedings. vol. 5444 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5444 LNCS, pp. 146-162, 6th Theory of Cryptography Conference, TCC 2009, San Francisco, CA, United States, 3/15/09. https://doi.org/10.1007/978-3-642-00457-5_10
Dodis Y, Katz J, Smith A, Walfish S. Composability and on-line deniability of authentication. In Theory of Cryptography - 6th Theory of Cryptography Conference, TCC 2009, Proceedings. Vol. 5444 LNCS. 2009. p. 146-162. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-642-00457-5_10
Dodis, Yevgeniy ; Katz, Jonathan ; Smith, Adam ; Walfish, Shabsi. / Composability and on-line deniability of authentication. Theory of Cryptography - 6th Theory of Cryptography Conference, TCC 2009, Proceedings. Vol. 5444 LNCS 2009. pp. 146-162 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{7d89a235dd23479c8becfcadf9ec589e,
title = "Composability and on-line deniability of authentication",
abstract = "Protocols for deniable authentication achieve seemingly paradoxical guarantees: upon completion of the protocol the receiver is convinced that the sender authenticated the message, but neither party can convince anyone else that the other party took part in the protocol. We introduce and study on-line deniability, where deniability should hold even when one of the parties colludes with a third party during execution of the protocol. This turns out to generalize several realistic scenarios that are outside the scope of previous models. We show that a protocol achieves our definition of on-line deniability if and only if it realizes the message authentication functionality in the generalized universal composability framework; any protocol satisfying our definition thus automatically inherits strong composability guarantees. Unfortunately, we show that our definition is impossible to realize in the PKI model if adaptive corruptions are allowed (even if secure erasure is assumed). On the other hand, we show feasibility with respect to static corruptions (giving the first separation in terms of feasibility between the static and adaptive setting), and show how to realize a relaxation termed deniability with incriminating abort under adaptive corruptions.",
author = "Yevgeniy Dodis and Jonathan Katz and Adam Smith and Shabsi Walfish",
year = "2009",
doi = "10.1007/978-3-642-00457-5_10",
language = "English (US)",
isbn = "3642004563",
volume = "5444 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "146--162",
booktitle = "Theory of Cryptography - 6th Theory of Cryptography Conference, TCC 2009, Proceedings",

}

TY - GEN

T1 - Composability and on-line deniability of authentication

AU - Dodis, Yevgeniy

AU - Katz, Jonathan

AU - Smith, Adam

AU - Walfish, Shabsi

PY - 2009

Y1 - 2009

N2 - Protocols for deniable authentication achieve seemingly paradoxical guarantees: upon completion of the protocol the receiver is convinced that the sender authenticated the message, but neither party can convince anyone else that the other party took part in the protocol. We introduce and study on-line deniability, where deniability should hold even when one of the parties colludes with a third party during execution of the protocol. This turns out to generalize several realistic scenarios that are outside the scope of previous models. We show that a protocol achieves our definition of on-line deniability if and only if it realizes the message authentication functionality in the generalized universal composability framework; any protocol satisfying our definition thus automatically inherits strong composability guarantees. Unfortunately, we show that our definition is impossible to realize in the PKI model if adaptive corruptions are allowed (even if secure erasure is assumed). On the other hand, we show feasibility with respect to static corruptions (giving the first separation in terms of feasibility between the static and adaptive setting), and show how to realize a relaxation termed deniability with incriminating abort under adaptive corruptions.

AB - Protocols for deniable authentication achieve seemingly paradoxical guarantees: upon completion of the protocol the receiver is convinced that the sender authenticated the message, but neither party can convince anyone else that the other party took part in the protocol. We introduce and study on-line deniability, where deniability should hold even when one of the parties colludes with a third party during execution of the protocol. This turns out to generalize several realistic scenarios that are outside the scope of previous models. We show that a protocol achieves our definition of on-line deniability if and only if it realizes the message authentication functionality in the generalized universal composability framework; any protocol satisfying our definition thus automatically inherits strong composability guarantees. Unfortunately, we show that our definition is impossible to realize in the PKI model if adaptive corruptions are allowed (even if secure erasure is assumed). On the other hand, we show feasibility with respect to static corruptions (giving the first separation in terms of feasibility between the static and adaptive setting), and show how to realize a relaxation termed deniability with incriminating abort under adaptive corruptions.

UR - http://www.scopus.com/inward/record.url?scp=70350639645&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=70350639645&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-00457-5_10

DO - 10.1007/978-3-642-00457-5_10

M3 - Conference contribution

SN - 3642004563

SN - 9783642004568

VL - 5444 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 146

EP - 162

BT - Theory of Cryptography - 6th Theory of Cryptography Conference, TCC 2009, Proceedings

ER -