Skip to main content
SpringerLink
Log in

Separable Identity-Based Deniable Authentication: Cryptographic Primitive for Fighting Phishing

  • Conference paper
Public Key Infrastructure (EuroPKI 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4043))

Included in the following conference series:

Abstract

Phishing emails are one of today’s most common and costly forms of digital identity theft. They are now very convincing that even experts cannot tell what is and is not genuine. In a phishing attack, victims are lured by an official looking email to a fraudulent website that appears to be that of a legitimate service provider. Such attacks can be mitigated with digitally-signed emails. Unfortunately, traditional digital signatures will destroy the traditional repudiability of email and they also require the unrelialistic adoption of a Public Key Infrastructure. To overcome this problem, we introduce a new cryptographic primitive called separable identity-based deniable authentication. Firstly, we present a generic construction of such a scheme, and proceed with an efficient construction based on bilinear pairing, which is an instantiation of our generic construction. This construction is an affirmative answer to the open question proposed by Adida, Hohenberger and Rivest [AHR05+].

This work is partially supported by ARC Linkage Project Grant LP0667899.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abe, M., Ohkubo, M., Suzuki, K.: 1-out-of-n Signatures from a Variety of Keys. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 415–432. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  2. Adida, B., Hohenberger, S., Rivest, R.L.: Fighting Phishing Attacks: A Lightweight Trust Architecture for Detecting Spoofed Emails. In: DIMACS Workshop on Theft in E-Commerce (April 2005)

    Google Scholar 

  3. Adida, B., Hohenberger, S., Rivest, R.L.: Separable Identity-Based Ring Signatures: Theoretical Foundations for Fighting Phishing Attacks. In: DIMACS Workshop on Theft in E-Commerce (April 2005)

    Google Scholar 

  4. Anti-Phishing Working Group. Digital Signatures to Fight Phishing Attacks, Available at http://www.anthiphishing.org/smim-dig-sig.htm

  5. Anti-Phishing Working Group. Phishing Activity Trends Report (November 2004), Available at http://www.antiphishing.org

  6. Ateniese, G., de Medeiros, B.: Identity-based Chameleon Hash and Applications. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 164–180. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  7. Brassard, G., Chaum, D., Crépeau, C.: Minimum Disclosure Proofs of Knowledge. JCSS 37(2), 156–189 (1988)

    MATH  Google Scholar 

  8. Bresson, E., Catalano, D., Pointcheval, D.: A Simple Public-Key Cryptosystem with a Double Trapdoor Decryption Mechanism and Its Applications. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 37–54. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  9. Camenisch, J.L., Michels, M.: Confirmer signature schemes secure against adaptive adversaries (Extended abstract). In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 243–258. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  10. Catalano, D., Gennaro, R., Howgrave-Graham, N., Nguyen, P.Q.: Paillier’s Cryptosystem Revisited. In: ACM CCS 2001 (2001)

    Google Scholar 

  11. Cha, J., Cheon, J.H.: An Identity-based Signature from Gap Diffie-Hellman Groups. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 18–30. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  12. Chaum, D.: Zero-knowledge undeniable signatures. In: Damgård, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 458–464. Springer, Heidelberg (1991)

    Google Scholar 

  13. Chaum, D.: Designated confirmer signatures. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 86–91. Springer, Heidelberg (1995)

    Chapter  Google Scholar 

  14. Chaum, D., van Antwerpen, H.: Undeniable signatures. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 212–216. Springer, Heidelberg (1990)

    Google Scholar 

  15. Desmedt, Y.: Verifier-Designated Signatures. In: Rump Session, Crypto 2003 (2003)

    Google Scholar 

  16. Dwork, C., Naor, M., Sahai, A.: Concurrent Zero-Knowledge. In: Proc. 30th ACM Symposium on the Theory of Computing, pp. 409–418 (1998)

    Google Scholar 

  17. Galbraith, S.D., Mao, W.: Invisibility and Anonymity of Undeniable and Confirmer Signatures. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 80–97. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  18. Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal of Computing 17(2), 281–308 (1988)

    Article  MATH  MathSciNet  Google Scholar 

  19. Jakobsson, M., Sako, K., Impagliazzo, R.: Designated verifier proofs and their applications. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 143–154. Springer, Heidelberg (1996)

    Google Scholar 

  20. Krawczyk, H., Rabin, T.: Chameleon hashing and signatures. In: Network and Distributed System Security Symposium, The Internet Society, pp. 143–154 (2000)

    Google Scholar 

  21. Laguillaumie, F., Vergnaud, D.: Multi-Designated Verifiers Signatures. In: López, J., Qing, S., Okamoto, E. (eds.) ICICS 2004. LNCS, vol. 3269, pp. 495–507. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  22. Libert, B., Quisquater, J.J.: Identity based Undeniable Signatures. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 112–125. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  23. Naor, M.: Deniable Ring Authentication. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 481–498. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  24. Rivest, R.L., Shamir, A., Tauman, Y.: How to Leak a Secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  25. Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)

    Chapter  Google Scholar 

  26. Susilo, W., Mu, Y.: Non-Interactive Deniable Ring Authentication. In: Lim, J.-I., Lee, D.-H. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 386–401. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  27. Susilo, W., Mu, Y.: Deniable Ring Authentication Revisited. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 149–163. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  28. Zhang, F., Kim, K.: ID-Based Blind Signature and Ring Signature from Pairings. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 533–547. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  29. Zhang, F., Safavi-Naini, R., Susilo, W.: ID-Based Chameleon Hashes from Bilinear Pairings. Cryptology ePrint Archive, Report 2003/208 (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Centre for Information Security Research, School of Information Technology and Computer Science, University of Wollongong, Wollongong, 2522, Australia

    Willy Susilo & Yi Mu

Authors
  1. Willy Susilo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yi Mu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dip. di Automatica ed Informatica, Politecnico di Torino, Corso Duca degli Abruzzi, 24, 10129, Turin, Italy

    Andrea S. Atzeni

  2. Dip. Di Automatica e Informatica, Politecnico di Torino, Corso Duca degli Abruzzi 24, 10129, Torino, Italy

    Antonio Lioy

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Susilo, W., Mu, Y. (2006). Separable Identity-Based Deniable Authentication: Cryptographic Primitive for Fighting Phishing. In: Atzeni, A.S., Lioy, A. (eds) Public Key Infrastructure. EuroPKI 2006. Lecture Notes in Computer Science, vol 4043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11774716_6

Download citation

  • DOI: https://doi.org/10.1007/11774716_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-35151-1

  • Online ISBN: 978-3-540-35152-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation