Deniable authentication
In cryptography, deniable authentication refers to authentication between a set of participants where the participants themselves can be confident in the authenticity of the messages, but it cannot be proved to a third party after the event.

In practice, deniable authentication can be achieved through the use of message authentication codes (MACs) by making sure that if an attacker is able to decrypt the messages, they would also know the MAC key as part of the protocol, and would thus be able to forge authentic-looking messages. For example, in the Off-the-Record Messaging (OTR) protocol, MAC keys are derived from the asymmetric decryption key through a cryptographic hash function. In addition, the OTR protocol reveals used MAC keys as part of the next message, once they have already been used to authenticate previously received messages and will not be reused.
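The following sketch is an added example, not part of the original article and not OTR's own code: it shows why a shared-key MAC convinces the recipient yet proves nothing to a third party, and what revealing a spent MAC key adds. The key derivation (SHA-256 with a label), the `Sender` class and the packet layout are assumptions made for illustration, and message encryption is omitted.

```python
import hashlib
import hmac
import os


def derive_mac_key(enc_key: bytes) -> bytes:
    # Assumption: SHA-256 with a label stands in for the protocol's hash step.
    return hashlib.sha256(b"mac-key" + enc_key).digest()


def make_tag(mac_key: bytes, message: bytes) -> bytes:
    return hmac.new(mac_key, message, hashlib.sha256).digest()


def verify(mac_key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(make_tag(mac_key, message), tag)


class Sender:
    """Hypothetical sender: one key per message, previous MAC key revealed."""

    def __init__(self):
        self.spent_mac_key = None  # MAC key of the previous message, if any

    def send(self, enc_key: bytes, message: bytes) -> dict:
        mac_key = derive_mac_key(enc_key)
        packet = {"message": message, "tag": make_tag(mac_key, message),
                  "revealed_mac_key": self.spent_mac_key}
        self.spent_mac_key = mac_key  # published with the next message only
        return packet


def run_demo() -> dict:
    k1, k2 = os.urandom(32), os.urandom(32)  # constructed per-message keys
    alice = Sender()
    p1 = alice.send(k1, b"meet at noon")
    p2 = alice.send(k2, b"ok")
    bob_key = derive_mac_key(k1)  # Bob shares k1, so he derives the same key
    # Bob could have computed any tag himself, so p1 proves nothing to others.
    bob_forgery = make_tag(bob_key, b"never said this")
    # Anyone who reads p2 learns the spent key and can forge under it as well.
    observer_forgery = make_tag(p2["revealed_mac_key"], b"nor this")
    return {
        "bob_accepts": verify(bob_key, p1["message"], p1["tag"]),
        "bob_forgery_valid": verify(bob_key, b"never said this", bob_forgery),
        "observer_forgery_valid": verify(bob_key, b"nor this", observer_forgery),
        "current_key_revealed": p2["revealed_mac_key"] == derive_mac_key(k2),
    }


if __name__ == "__main__":
    print(run_demo())
```

The key protecting the newest message is never in the revealed field, so authentication of messages still in flight is unaffected.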

See also

  • Deniable encryption

  • Plausible deniability

  • Malleability

  • Off-the-Record Messaging

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
 