Authentication, Enhanced Security and Error Correcting Codes

Y. Aumann, M. O. Rabin

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


In electronic communications and in access to systems, the issue of authentication of the Sender S of a message M, as well as of the message itself, is of paramount importance. Recently S. Goldwasser has raised the additional issue of Deniable Authentication where the sender S authenticates the message M to the Receiver's (R) satisfaction, but can later deny his authorship of M even to an Inquisitor INQ who has listened to the exchange between S and R and who gains access to all of the the secret information used by S and R. We present two practical schemes for Deniable Authentication of messages M of arbitrary length n. In both schemes the Receiver R is assured with probability greater than 1 − 2−k , where k is a chosen security parameter, that M originated with the Sender S. Deniability is absolute in the information theoretic sense. The first scheme requires 2.4kn XOR operations on bits and one public key encoding and decoding of a short message. The second scheme requires the same number of XOR operations and k multiplications mod N, where N is some fixed product of two large primes. A key new feature of our method is the use of a Shannon-style error correction code. Traditional authentication for a long message M starts by hashing M down to a standard word-size. We expand M through error correction. The first Deniable Authentication method is provably valid for any encryption scheme with minimal security properties, i.e. this method is generic. The second Deniable Authentication method is provably valid under the usual assumption that factorization is intractable.
Original languageAmerican English
Title of host publication18th Annual International Cryptology Conference
PublisherSpringer Berlin Heidelberg
StatePublished - 1998

Bibliographical note

Place of conference:Santa Barbara, California, USA


Dive into the research topics of 'Authentication, Enhanced Security and Error Correcting Codes'. Together they form a unique fingerprint.

Cite this