We consider a practical public-key deniable encryption protocol based on the RSA cryptosystem.
The protocol begins with the authentication of the both parties participating in the protocol (the sender
and the receiver of secret message). The authentication is performed by exchanging random values and the
RSA signatures to them. Due to this stage of the protocol the security against coercive attacks of the
active adversary is provided. After the mutual authentication the protocol specifies performing the
deniable encryption of the secret message, like the probabilistic ciphering of some fake message by
using the RSA encryption algorithm. The novelty of the proposed protocol consists in using random
values as single-use public keys that are used to generate single-use shared key with which the sender
encrypts the secret message and the receiver discloses it. The coercive adversary provided with private
keys of the both parties can only disclose the fake message. Proving that the sent cryptogram contains
a message different from the fake one is computationally infeasible for the adversary.
A. A. Moldovyan
Saint-Petersburg National Research University
of Information Technologies, Mechanics and Optics
Kronverksky pr., 10, St.Petersburg, 197101
Russia
E-mail: N. A. Moldovyan
Saint-Petersburg Electrotechnical University “LETI”
Prof. Popova str., 5, St.Petersburg, 197342
Russia
E-mail: V. A. Shcherbacov
Institute of Mathematics and Computer Science
Academy of Sciences of Moldova
Academiei str. 5, MD−2028 Chisinau
Moldova
E-mail:
www.scerb.com