- Rein CanettiAffiliated withIBM T.J. Watson Research Center
- , Cynthia DworkAffiliated withIBM Almaden Research Center
- , Moni NaorAffiliated withDept. of Computer Science, The Weizmann Institute
- , Rafail OstrovskyAffiliated withBell Communications Research
Consider a situation in which the transmission of encrypted messages is intercepted by an adversary who can later ask the sender to reveal the random choices (and also the secret key, if one exists) used in generating the ciphertext, thereby exposing the cleartext. An encryption scheme is deniable if the sender can generate 'fake random choices' that will make the ciphertext ‘look like’ an encryption of a different cleartext, thus keeping the real cleartext private. Analogous requirements can be formulated with respect to attacking the receiver and with respect to attacking both parties.
In this paper we introduce deniable encryption and propose constructions of schemes with polynomial deniability. In addition to being interesting by itself, and having several applications, deniable encryption provides a simplified and elegant construction of adoptively secure multiparty computation.
- Deniable Encryption
- Book Title
- Advances in Cryptology — CRYPTO '97
- Book Subtitle
- 17th Annual International Cryptology Conference Santa Barbara, California, USA August 17–21, 1997 Proceedings
- pp 90-104
- Print ISBN
- Online ISBN
- Series Title
- Lecture Notes in Computer Science
- Series Volume
- Series ISSN
- Springer Berlin Heidelberg
- Copyright Holder
- Additional Links
- Industry Sectors
- eBook Packages
- Author Affiliations
- 1. IBM T.J. Watson Research Center, USA
- 2. IBM Almaden Research Center, USA
- 3. Dept. of Computer Science, The Weizmann Institute, USA
- 4. Bell Communications Research, MCC 1C-365B, Morristown, N.J.
To view the rest of this content please follow the download PDF link above.