Authentication, enhanced security and error correcting codes

TLDR: The first Deniable Authentication method is provably valid for any encryption scheme with minimal security properties, i.e. this method is generic, and the second method is Provably valid under the usual assumption that factorization is intractable.

Abstract: In electronic communications and in access to systems, the issue of authentication of the Sender S of a message M, as well as of the message itself, is of paramount importance. Recently S. Goldwasser has raised the additional issue of Deniable Authentication where the sender S authenticates the message M to the Receiver's (R) satisfaction, but can later deny his authorship of M even to an Inquisitor INQ who has listened to the exchange between S and R and who gains access to all of the the secret information used by S and R. We present two practical schemes for Deniable Authentication of messages M of arbitrary length n. In both schemes the Receiver R is assured with probability greater than 1 - 2 -k , where k is a chosen security parameter, that M originated with the Sender S. Deniability is absolute in the information theoretic sense. The first scheme requires 2.4kn XOR operations on bits and one public key encoding and decoding of a short message. The second scheme requires the same number of XOR operations and k multiplications mod N, where N is some fixed product of two large primes. A key new feature of our method is the use of a Shannon-style error correction code. Traditional authentication for a long message M starts by hashing M down to a standard word-size. We expand M through error correction. The first Deniable Authentication method is provably valid for any encryption scheme with minimal security properties, i.e. this method is generic. The second Deniable Authentication method is provably valid under the usual assumption that factorization is intractable.