Deniable Secret Handshake Protocol - Revisited

  • Somnath Panja
  • Sabyasachi Dutta
  • Kouichi Sakurai
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 926)


The notion of deniability ensures that the transcript generated in an interactive protocol does not yield any evidence of the interaction. In the context of key-exchange protocols for secure message transmission, the notion of deniability is well explored. On the other hand, a secret handshake protocol enables a group of authorized users to establish a shared secret key and authenticate each other. Recently, a framework for deniable secret handshake was proposed by Tian et al. at ISPEC 2018. We analyze the protocol, show three flaws and give solutions to prevent them.


Keywords: Secret handshake; Key exchange; Deniability; Public random oracle



The first author is financially supported by Indian Statistical Institute, Kolkata, India under a research fellowship program. The work presented in this paper was carried out while the first author visited Kyushu University, Japan. The second author is financially supported by the National Institute of Information and Communications Technology (NICT), Japan under an International Exchange Program. The third author is partially supported by JSPS Grant-in-Aid for Scientific Research KAKENHI (C) JP18K11297.


  1. Balfanz, D., Durfee, G., Shankar, N., Smetters, D.K., Staddon, J., Wong, H.-C.: Secret handshakes from pairing-based key agreements. In: IEEE S&P 2003, pp. 180–196 (2003)
  2. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: ACM CCS 1993, pp. 62–73 (1993)
  3. Burmester, M., Desmedt, Y.G.: Efficient and secure conference-key distribution. In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol. 1189, pp. 119–129 (1997)
  4. Castelluccia, C., Jarecki, S., Tsudik, G.: Secret handshakes from CA-oblivious encryption. In: ASIACRYPT 2004. LNCS, vol. 3329, pp. 293–307. Springer, Heidelberg (2004)
  5. Dwork, C., Naor, M., Sahai, A.: Concurrent zero-knowledge. J. ACM 51(6), 851–898 (2004)
  6. Goldreich, O., Krawczyk, H.: On the composition of zero-knowledge proof systems. SIAM J. Comput. 25(1), 169–192 (1996)
  7. Jarecki, S., Kim, J., Tsudik, G.: Group secret handshakes or affiliation-hiding authenticated group key agreement. In: CT-RSA 2007. LNCS, vol. 4377, pp. 287–308 (2006)
  8. Jarecki, S., Kim, J., Tsudik, G.: Beyond secret handshakes: affiliation-hiding authenticated key exchange. In: CT-RSA 2008. LNCS, vol. 4964, pp. 352–369 (2008)
  9. Jarecki, S., Liu, X.: Private mutual authentication and conditional oblivious transfer. In: CRYPTO 2009. LNCS, vol. 5677, pp. 90–107 (2009)
  10. Jiang, S., Safavi-Naini, R.: An efficient deniable key exchange protocol (extended abstract). In: FC 2008. LNCS, vol. 5143, pp. 47–52 (2008)
  11. Juels, A., Luby, M., Ostrovsky, R.: Security of blind digital signatures. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 150–164. Springer, Heidelberg (1997)
  12. Kawai, Y., Tanno, S., Kondo, T., Yoneyama, K., Ohta, K., Kunihiro, N.: Extension of secret handshake protocols with multiple groups in monotone condition. IEICE Trans. 93–A(6), 1122–1131 (2010)
  13. Manulis, M., Poettering, B., Tsudik, G.: Affiliation-hiding key exchange with untrusted group authorities. In: ACNS 2010, pp. 402–419 (2010)
  14. Manulis, M., Poettering, B., Tsudik, G.: Taming big brother ambitions: more privacy for secret handshakes. In: Privacy Enhancing Technologies 2010, pp. 149–165 (2010)
  15. Pass, R.: On deniability in the common reference string and random oracle model. In: CRYPTO 2003, pp. 316–337 (2003)
  16. Di Raimondo, M., Gennaro, R., Krawczyk, H.: Deniable authentication and key exchange. In: ACM CCS 2006, pp. 400–409 (2006)
  17. Schäge, S.: TOPAS: 2-pass key exchange with full perfect forward secrecy and optimal communication complexity. In: CCS, pp. 1224–1235. ACM (2015)
  18. Tian, Y., Li, Y., Zhang, Y., Li, N., Yang, G., Yu, Y.: DSH: deniable secret handshake framework. In: ISPEC 2018, pp. 341–353 (2018)
  19. Tian, Y., Zhang, S., Yang, G., Mu, Y., Yu, Y.: Privacy-preserving k-time authenticated secret handshakes. In: ACISP (2), pp. 281–300 (2017)
  20. Tsudik, G., Xu, S.: A flexible framework for secret handshakes. In: Privacy Enhancing Technologies 2006, pp. 295–315 (2006)
  21. Unger, N., Goldberg, I.: Deniable key exchanges for secure messaging. In: ACM CCS 2015, pp. 1211–1223 (2015)
  22. Unger, N., Goldberg, I.: Improved strongly deniable authenticated key exchanges for secure messaging. PoPETs 2018(1), 21–66 (2018)
  23. Yamashita, N., Tanaka, K.: Secret handshake with multiple groups. In: WISA 2006, pp. 339–348 (2006)
  24. Yao, A.C.-C., Zhao, Y.: Privacy-preserving authenticated key-exchange over internet. IEEE TIFS 9(1), 125–140 (2014)
  25. Yung, M., Zhao, Y.: Interactive zero-knowledge with restricted random oracles. In: TCC 2006. LNCS, vol. 3876, pp. 21–40 (2006)

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Somnath Panja (1)
  • Sabyasachi Dutta (2)
  • Kouichi Sakurai (2)

  1. Applied Statistics Unit, Indian Statistical Institute, Kolkata, India
  2. Faculty of Information Science and Electrical Engineering, Kyushu University, Fukuoka, Japan
