Non-interactive Deniable Authentication Protocol

The deniable authentication protocol is a special authentication protocol. It enables an intended receiver to identify the source of a given message, but the intended receiver cannot prove the source of a given message to any third party even if he is willing to reveal his secret key. Thus it can be used to provide freedom from coercion in electronic voting systems, provide security for negotiation over the Internet and protect senders'privacy in electronic-commerce to prevent the receivers from using his signed messages to do something bad to him. During these years, various deniable authentication protocols have been proposed, but they can not meet the needs of the application.This dissertation intensively investigates the characteristic and the application of deniable authentication protocols and some other related theories. Based on the research, some non-interactive deniable authentication protocols which have different attributes are proposed to apply in the field of negotiation through e-mail and electronic voting. To sum up, the researches can be concluded as follows.1. The notions of Weaken Key-Compromise Impersonation (W-KCI) Security and W-KCI Attack in non-interactive deniable authentication protocols are proposed. This dissertation intensively analyzes the present researches and proposes the notions of W-KCI Security and W-KCI Attack in non-interactive deniable authentication protocols.2. An identity-based restricted deniable authentication protocol is proposed. To resist the W-KCI Attack, an identity-based deniable authentication protocol from bilinear pairing is proposed. The new protocol has the property of restricted deniability and provides a flexible way of data transmission, in which users can decide to send encryption messages or non-encryption messages.3. A deniable proxy-anonymous signature scheme and an identity-based deniable authentication protocol for secret communication are proposed. This dissertation investigates proxy signature schemes and proposes a deniable proxy-anonymous signature scheme which can protect the proxy's identity. In the proposed scheme, the proxy signer can not only send deniable messages on behalf of the original signer, but also hide his identity. At last, another identity-based deniable authentication protocol for secret communication is designed and its security is analyzed.