Deniable RSA Signature: The Raise and Fall of Ali Baba

The 40 thieves realize that the fortune in their cave is vanishing. A rumor says that Ali Baba has been granted access (in the form of a certificate) to the cave but they need evidence to get justice from the Caliph. On the other hand, Ali Baba wants to be able to securely access to the cave without leaking any evidence. A similar scenario holds in the biometric passport application: Ali Baba wants to be able to prove his identity securely but do not want to leak any transferable evidence of, say, his date of birth. In this paper we discuss the notion of offline non-transferable authentication protocol (ONTAP). We review a construction based on the GQ protocol which could accommodate authentication based on any standard RSA certificate. We also discuss on the fragility of this deniability property with respect to set up assumptions. Namely, if tamper resistance exist, any ONTAP protocol in the standard model collapses.

Published in:
Proceedings of Cryptography and Security: From Theory to Applications, Essays Dedicated to Jean-Jacques Quisquater on the Occasion of His 65th Birthday, 6805, 132-142
Presented at:
Cryptography and Security: From Theory to Applications

 Record created 2012-04-11, last modified 2019-12-05

Download fulltext

Rate this document:

Rate this document:
(Not yet reviewed)