Practical Deniable Encryption

  • Marek Klonowski
  • Przemysław Kubiak
  • Mirosław Kutyłowski
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4910)


A party using encrypted communication or storing data in an encrypted form might be forced to show the corresponding plaintext. It may happen for law enforcement reasons as well as for evil purposes. Deniable encryption scheme introduced by Canetti et al. shows that cryptography can be used against revealing information: the owner of the data may decrypt it in an alternative way to a harmless plaintext. Moreover, it is impossible to check if there is another hidden plaintext.

The scheme of Canetti is inefficient in the sense that it is a special purpose scheme and using it indicates that there is some hidden message inside. We show that deniable encryption can be implemented in a different way so that it does not point to exploiting deniable encryption. Moreover, it is quite straightforward, so it can be used for both good and evil purposes.

Apart from that we show that even the special purpose original scheme can be extended to allow, in some circumstances, any “depth” of deniability.


deniable encryption 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Anderson, R.J., Vaudenay, S., Preneel, B., Nyberg, K.: The Newton channel. In: Anderson, R.J. (ed.) Information Hiding. LNCS, vol. 1174, pp. 151–156. Springer, Heidelberg (1996)Google Scholar
  2. 2.
    Canetti, R., Dwork, C., Naor, M., Ostrovsky, R.: Deniable encryption (preliminary version) (May 10, 1996)Google Scholar
  3. 3.
    Canetti, R., Dwork, C., Naor, M., Ostrovsky, R.: Deniable encryption. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 90–104. Springer, Heidelberg (1997)Google Scholar
  4. 4.
    Canetti, R., Gennaro, R.: Incoercible multiparty computation (extended abstract). In: FOCS, pp. 504–513. IEEE Comp. Soc, Los Alamitos (1996)Google Scholar
  5. 5.
    ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10–18. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  6. 6.
    ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31(4), 469–472 (1985)zbMATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Kobara, K., Imai, H.: Semantically secure McEliece public-key cryptosystems-conversions for McEliece PKC. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 19–35. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    McEliece, R.J.: A public-key system based on algebraic coding theory. In: DSN Progress Report 42-44, pp. 114–116. Jet Propulsion Lab (1978)Google Scholar
  9. 9.
    Möller, B.: A public-key encryption scheme with pseudo-random ciphertexts. In: Samarati, P., Ryan, P.Y.A., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 335–351. Springer, Heidelberg (2004)Google Scholar
  10. 10.
    Naor, M.: Deniable ring authentication. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 481–498. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  11. 11.
    Näslund, M.: Bit Extraction, Hard-Core Predicates, and the Bit Security of RSA. Doctoral Thesis, Royal Institute of Technology, Department of Numerical Analysis and Computing Science, Stockholm (August 1998)Google Scholar
  12. 12.
    Young, A., Yung, M.: Kleptography: Using cryptography against cryptography. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 62–74. Springer, Heidelberg (1997)Google Scholar
  13. 13.
    Young, A., Yung, M.: Malicious cryptography: Kleptographic aspects. In: Menezes, A.J. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 7–18. Springer, Heidelberg (2005)Google Scholar
  14. 14.
    Young, A., Yung, M.: A space efficient backdoor in RSA and its applications. In: Preneel, B., Tavares, S.E. (eds.) SAC 2005. LNCS, vol. 3897, pp. 128–143. Springer, Heidelberg (2006)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Marek Klonowski
    • 1
  • Przemysław Kubiak
    • 1
  • Mirosław Kutyłowski
    • 1
  1. 1.Institute of Mathematics and Computer ScienceWrocław University of Technology 

Personalised recommendations