xu chongxiang,fan lei,li jianhua

DOI: https://doi.org/10.3969/j.issn.1002-0802.2002.04.022

2002-01-01

Abstract:A deniable authentication protocol is proposed in this paper.This proto col is based on public key algorithm,Hash function and common key encryption are used.T his protocol can make the re-ceiver assure the source of a given me ssage,but others cannot do that.At t he same time,this protocol can resist Person -In -the -Middle(PIM)attack.deniable authentication,public -key algorithm,person -in -the -middl e attack

YJ Wang,JH Li,L Tie

DOI: https://doi.org/10.1002/net.20062

2005-01-01

Abstract:Deniable authentication is different from traditional authentication in that the receiver cannot prove the source of a given message to a third party. This article presents a new deniable authentication protocol, based on ElGamal cryptography. The protocol meets the two properties of deniable authentication and can withstand person-in-middle (PIM) attacks. Compared with previous schemes, it is simpler and more efficient. © 2005 Wiley Periodicals, Inc. NETWORKS, Vol. 45(4), 193–194 2005

Chunhua Jin,Chunxiang Xu,Xiaojun Zhang,Qianna Xie,Fagen Li

DOI: https://doi.org/10.1080/1206212x.2016.1188564

2015-01-01

Abstract:Deniable authenticate is a different and attractive authenticate mechanism compared with the traditional authentication. It allows the appointed receiver to identify the identity of the sender, but not to prove the source of a given message to a third party even if the appointed receiver is willing to reveal its private key. Certificateless public key cryptography can solve both the public key certificate management problem of public key infrastructure-based cryptography and the key escrow problem of identity-based cryptography. In this paper, we first define a security model for certificateless deniable authentication protocols. Then we propose a non-interactive certificateless deniable authentication protocol. In addition, we prove its security in the random oracle model. Our protocol can be applied in many actual application scenarios, such as electronic voting, electronic tendering, and online shopping.

Chunhua Jin,Chunxiang Xu,Xiaojun Zhang,Fagen Li

DOI: https://doi.org/10.1504/ijesdf.2015.069611

2015-01-01

International Journal of Electronic Security and Digital Forensics

Abstract:A deniable authentication protocol enables an intended receiver to identify the source of a given message, but the receiver cannot prove the source of a given message to any third party. It is very useful in some particular applications such as electronic voting, online negotiation and online shopping. However, many related protocols are lack of formal security proof which is very important for cryptographic protocol design. In this paper, we present a certificateless deniable authentication protocol. Our protocol is based on certificateless cryptography, which can solve the public key certificate management problem of public key infrastructure PKI-based cryptography and the key escrow problem of identity-based cryptography. Our protocol does not need the pairing operation which is the most time-consuming. In addition, our protocol can admit formal security proof in the random oracle model and resist key compromise impersonation KCI attack. Compared with the existing deniable authentication protocols, our protocol can be well applied in electronic voting system.

L Fan,CX Xu,JH Li

DOI: https://doi.org/10.1049/el:20020502

2002-01-01

Electronics Letters

Abstract:Deniable authentication is a new kind of authentication, by which means a receiver cannot prove the source of a message to a third party. A deniable authentication protocol, which is based on the Deffie-Hellman key exchange protocol, is presented. It does not require a trusted third party, and the protocol can resist person-in-the-middle attack.

Shaoquan Jiang,Yeow Meng Chee,San Ling,Huaxiong Wang,Chaoping Xing

DOI: https://doi.org/10.1016/j.ic.2022.104866

IF: 1.24

2022-01-01

Information and Computation

Abstract:A deniable secure key exchange protocol allows two parties to agree on a common secret while achieving two seemingly contradictory functionalities: authentication and deniability. The former requires each party to confirm the identity of the other while the latter requires any attacker (e.g., participant or eavesdropper) be unable to prove to a third party an honest party's participation. Designing an efficient secure key exchange with deniability is a challenging problem. In this paper, we first formalize the deniability model by requiring information theoretic deniability with an eavesdropping attack. The information theoretic deniability has the advantage that it can hold forever without any computational assumption. An eavesdropping attack (Di Raimondo et al., CCS'06) allows an attacker to apply eavesdropped transcripts into an active attack session. This gives an attacker more power to make the victim undeniable as he does not know the randomness of the transcript. We then propose an efficient, provably deniable secure framework of key exchange. Our deniability holds non-adaptively in the eavesdropping model. However, if we consider a model without an eavesdropping attack (which is practical in many scenarios), then our framework is proven adaptively deniable. This is important since no previous key exchange protocols can satisfy our adaptive and information theoretical deniability. We give a concrete realization for our framework that is more efficient than SKEME (Krawczyk, NDSS'96).

Chunbo Ma,Jun Ao,Jianhua Li

DOI: https://doi.org/10.1007/978-3-540-74282-1_117

2007-01-01

Abstract:Lee et al.'s presented a Verifier-based key agreement protocol in 2004. They claimed that their protocol was secure against Stolen-verifier attack in the case of server compromise. However, it is not really a secure protocol. In this paper, we briefly review this scheme and demonstrate the flaw, which once was pointed out by Shim and Seo. Subsequently, we propose a novel Verifier-based authenticated key agreement protocol and show that it withstands Stolen-verifier attack, Dictionary attack, and man-in-middle attack.

Chengyu Fan,Shijie Zhou,Fagen Li

DOI: https://doi.org/10.1109/ispa.2009.113

2009-01-01

Abstract:A deniable authentication allows the receiver to identify the source of the received messages but cannot prove it to any third party. However, the deniability of the content, which is called restricted deniability in this paper, is concerned in electronic voting and some other similar application. At present, most non-interactive deniable authentication protocols cannot resist weaken key-compromise impersonation (W-KCI) attack. To settle this problem, a non-interactive identity-based restricted deniable authentication protocol is proposed. It not only can resist W-KCI attack but also has the properties of communication flexibility. It meets the security requirements such as correctness, restricted deniability as well. Therefore, this protocol can be applied in electronic voting.

Cheng Jicheng,Yang Shoubao

DOI: https://doi.org/10.3969/j.issn.1000-386X.2006.04.042

2006-01-01

Abstract:Deniable authentication is a kind of authentication by which a receiver cannot prove the source of a message to a third party.A deniable authentication scheme for secret communication suits the sender to parallel implementation is provided.

Chunbo Ma,Jun Ao,Jianhua Li

2007-01-01

Abstract:A password-based tripartite key agreement protocol is presented in this paper. The three entities involved in this protocol can negotiate a common session key via a shared password over insecure networks. Proofs are given to show that the proposed protocol is secure against forging and chosen message attacks in the case of without actually running a dictionary attack.

BT Hsieh,HM Sun

2004-01-01

IEICE Transactions on Communications

Abstract:A deniable authentication protocol is used to identify the source of a received message for a receiver. but the receiver is unable to prove to a third party the source of the received message. Recently, Fan et al. proposed a deniable authentication protocol based on Diffie-Hellman algorithm. In this paper. we show that Fan et al.'s protocol does not possess the deniable property as they claimed. A cheating receiver can prove the source of the received message to a third party. In addition, we also present a modification of Fan et al.'s protocol to overcome the security flaw.

Fagen Li,Tsuyoshi Takagi

DOI: https://doi.org/10.1007/s11277-012-0640-4

IF: 2.017

2012-01-01

Wireless Personal Communications

Abstract:A deniable authentication protocol enables a receiver to identify the source of a given message, but the receiver cannot prove the source of the message to a third party. Recently, Yoon et al. (Wirel Pers Commun 55:81–90, 2010) proposed a robust deniable authentication protocol based on ElGamal cryptosystem. Although they proved that their protocol satisfies the deniable authentication, mutual authentication and confidentiality, we show that their protocol does not satisfy the deniable authentication property. The receiver can prove the source of a given message to a third party. In addition, we propose an improved protocol that removes this weakness.

Hu Xiong,Zhong Chen,Fagen Li

DOI: https://doi.org/10.1016/j.mcm.2011.10.001

2012-01-01

Mathematical and Computer Modelling

Abstract:Authenticated key agreement (AKA) protocols are multi-party protocols in which entities exchange public information allowing them to create a common secret key that is known only to those entities over an open network. Recently, in order to circumvent the key escrow problem inherent to ID-based cryptography and the certificate management burden in traditional public key infrastructure, the notion of certificateless public key cryptography (CL-PKC) was introduced. In this paper, we first present a security model for certificateless AKA protocols for three parties, and then propose an efficient construction based on bilinear pairings. The security of the proposed scheme can be proved to be equivalent to the computational Diffie–Hellman problem in the random oracle model.

Miaomiao Zhang,Gongliang Chen,Jianhua Li

DOI: https://doi.org/10.1109/imsccs.2006.218

2006-01-01

Abstract:This paper introduces a new digital signature primitive that allows a proxy signer to sign messages on behalf of the original signer, in a way that do not allow the recipient of the signature to disclose the contents of the signed information to any third party without the proxy signer's consent. The above primitive, called proxy chameleon signature enjoys all the attributes in the normal proxy signature and chameleon signature, and it is also proved secure against existential forgery under adaptive chosen message attack in the random oracle model assuming Weak-DH problem is hard.

Tianjie Cao,Dongdai Lin,Rui Xue

DOI: https://doi.org/10.1109/AINA.2005.100

2005-01-01

Abstract:Deniability is a privacy property that ensures protocol participants can later deny taking part in a particular protocol run. A deniable authentication protocol enables an intended receiver to identify the source of a given message, but not prove the identity of the sender to a third party even if the intended receiver is willing to reveal his secret-key. In this paper, we present an efficient ID-based deniable authentication protocol from pairings. The proposed protocol satisfies the correctness, authentication and deniability properties.

Jianbin Hu,Hu Xiong,Zhi Guan,Cong Tang,Yonggang Wang,Wei Xin,Zhong Chen

DOI: https://doi.org/10.1109/ISPAW.2011.15

2011-01-01

Abstract:Key agreement protocols are multi-party protocols in which entities exchange public information allowing them to create a common secret key that is known only to those entities and which cannot be predetermined by any party. Recently, the notion of certificateless public key cryptography was introduced to mitigate the heavy certificate management burden in traditional public key infrastructure and key escrow problem in ID-based cryptosystem. In this paper, we present an efficient certificateless three-party authenticated key agreement protocol based on certificateless signature scheme. We show that the proposed protocol is secure (i.e. conforms to defined security attributes) while being efficient.

Hu Xiong,Zhong Chen,Fagen Li

DOI: https://doi.org/10.1016/j.jnca.2012.10.001

IF: 7.574

2013-01-01

Journal of Network and Computer Applications

Abstract:Key agreement allows multi-parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. In the recent years, several identity-based (ID-based) authenticated key agreement protocols have been proposed and most of them broken. In this paper, we formalize the security model of ID-based authenticated tripartite key agreement protocol and propose a provably secure ID-based authenticated key agreement protocol for three parties with formal security proof under the computational Diffie-Hellman assumption. Experimental results by using the AVISPA tool show that the proposed protocol is secure against various malicious attacks.

Liang Ni,GongLiang Chen,JianHua Li,YanYan Hao

DOI: https://doi.org/10.1007/s11432-011-4520-4

IF: 3.218

2012-01-01

Computers & Mathematics with Applications

Abstract:Escrowable identity-based authenticated key agreement(AKA) protocols are desirable under certain circumstances especially in certain closed groups applications.In this paper,we focus on two-party identitybased AKA schemes in the escrow mode,and present a strongly secure escrowable identity-based AKA protocol which captures all basic desirable security properties including perfect forward secrecy,ephemeral secrets reveal resistance and so on.The protocol is provably secure in the extended Canetti-Krawczyk model,and its security can be reduced to the standard computational bilinear Diffie-Hellman assumption in the random oracle model.Assuming no adversary can obtain the master private key for the escrow mode,our scheme is secure as long as each party has at least one uncompromised secret.Also,we present two strongly secure variants of the protocol,which are computationally more efficient than the original scheme.

Ying Sun,Jiwen Chai,Huihui Liang,Jianbing Ni,Yong Yu

DOI: https://doi.org/10.1109/INCoS.2013.87

2013-01-01

Abstract:The electronic cheque (E-cheque), a mode of electronic payments, makes it possible for the customers to remotely pay their products through the Internet. However, because of the openness of the network, the E-cheque is confronted with many secure threats when transferring via this public communication channel. Moreover, some resource limited devices such as smart phones are used in the electronic commerce as the Internet-enabled terminals. Thus, a secure and efficient E-cheque system is of critical importance that the customer can exchange with the merchants. In this paper, we propose an E-cheque protocol based on the chameleon hash function. In our protocol, if the customer generates a dud E-cheque, anyone is able to find a collusion of the chameleon hash and the secret key of the customer is disclosed. We further prove the security of the protocol against the malicious customer in the random oracle model. Compared with the previous E-cheque schemes, our protocol has the advantages of low computation and communication overheads.

Rui Jiang,LI Jian-Hua,Li Pan,蒋睿,李建华,潘理

2006-01-01

Abstract:Simple authenticated key agreement algorithm is one of the Diffie-Hellman key agreement variations. It prevents man-in-the-middle attack with only two more packets required to agree on the secret session key, but it has some weaknesses. In this paper, a new enhanced simple authenticated key agreement algorithm is proposed to overcome these weaknesses on the basis of analyzing the weaknesses of the related protocols. The new enhanced simple authenticated key agreement algorithm can get over replay attack and password guessing attack, provide perfect forward secrecy, and hold the merits of the simple authenticated key agreement algorithm.