Deniable authentication

Deniable authentication

In cryptography, deniable authentication refers to authentication between a set of participants where the participants themselves can be confident in the authenticity of the messages, but it cannot be proved to a third party after the event.

In practice, deniable authentication can be achieved through the use of message authentication codes (MACs) by making sure that if an attacker is able to decrypt the messages, they would also know the MAC key as part of the protocol, and would thus be able to forge authentic-looking messages. For example, in the Off-the-Record Messaging (OTR) protocol, MAC keys are derived from the asymmetric decryption key through a cryptographic hash function. In addition to that, the OTR protocol also reveals used MAC keys as part of the next message, when they have already been used to previously received messages and will not be re-used.[1]

See also

References

  1. ^ Nikita Borisov, Ian Goldberg, Eric Brewer (2004-10-28). "Off-the-Record Communication, or, Why Not To Use PGP" (PDF). Workshop on Privacy in the Electronic Society. http://www.cypherpunks.ca/otr/otr-wpes.pdf. Retrieved 2007-02-01. 

Wikimedia Foundation. 2010.

Игры ⚽ Поможем решить контрольную работу

Look at other dictionaries:

  • Deniable encryption — In cryptography and steganography, deniable encryption is encryption that allows its users to convincingly deny that the data is encrypted, or that they are able to decrypt it[citation needed]. Such convincing denials may or may not be genuine.… …   Wikipedia

  • Off-the-Record Messaging — Off the Record Messaging, commonly referred to as OTR, is a cryptographic protocol that provides strong encryption for instant messaging conversations. OTR uses a combination of the AES symmetric key algorithm, the Diffie–Hellman key exchange,… …   Wikipedia

  • Kopete — Infobox Software name = Kopete caption = Kopete 0.12.7 collapsible = yes developer = Kopete developers operating system = Unix like/Windows genre = Instant messaging client license = GNU General Public License website =… …   Wikipedia

  • TrueCrypt — infobox software caption = TrueCrypt on Windows Vista developer = TrueCrypt Foundation latest release version = 6.0a latest release date = release date|2008|7|8 programming language = C, C++, Assembly operating system = Cross platform language =… …   Wikipedia

  • Comparison of disk encryption software — This is a technical feature comparison of different disk encryption software. Contents 1 Background information 2 Operating systems 3 Features 4 Layering …   Wikipedia

  • Keystroke logging — (often called keylogging) is a method of capturing and recording user keystrokes. The technique and name came from before the era of the graphical user interface; loggers nowadays would expect to capture mouse operations too. Keylogging can be… …   Wikipedia

  • Fingerprint — This article is about human fingerprints. For other uses, see Fingerprint (disambiguation) …   Wikipedia

  • Cryptographic protocol — A security protocol (cryptographic protocol or encryption protocol) is an abstract or concrete protocol that performs a security related function and applies cryptographic methods. A protocol describes how the algorithms should be used. A… …   Wikipedia

  • Secure communication — includes means by which people can share information with varying degrees of certainty that third parties cannot know what was said. Other than communication spoken face to face out of possibility of listening, it is probably safe to say that no… …   Wikipedia

  • Publius Publishing System — Publius is (was?) a web protocol developed by [http://www.cs.nyu.edu/ waldman/ Waldman] , Rubin [http://lorrie.cranor.org/ Cranor] for allowing individuals the ability to publish information on the web anonymously and with a high guarantee that… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”