Deniable authentication
In cryptography, deniable authentication refers to message authentication between a set of participants where the participants themselves can be confident in the authenticity of the messages, but it cannot be proved to a third party after the event.[1][2][3]
In practice, deniable authentication between two parties can be achieved through the use of message authentication codes (MACs) by making sure that if an attacker is able to decrypt the messages, they would also know the MAC key as part of the protocol, and would thus be able to forge authentic-looking messages.[4] For example, in the Off-the-Record Messaging (OTR) protocol, MAC keys are derived from the asymmetric decryption key through a cryptographic hash function. In addition to that, the OTR protocol also reveals used MAC keys as part of the next message, when they have already been used to previously received messages and will not be re-used.[5]
See also
References
<templatestyles src="Reflist/styles.css" />
Cite error: Invalid <references> tag; parameter "group" is allowed only.
<references />, or <references group="..." /><templatestyles src="Asbox/styles.css"></templatestyles>
 |
This cryptography-related article is a stub. You can help Wikipedia by expanding it. |
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found. (Download 2005 preprint version)
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
