Paper 2013/684

Fully Bideniable Public-Key Encryption

Marcel Šebek

Abstract

Bideniable encryption allows both sender and receiver in a public-key setting to simultaneously claim that a different message of their choice was transmitted, and support this claim by a good-looking encryption and key-generation randomness, respectively. A weaker version with two variants of algorithms is called flexible or multi-distributional deniability, a stronger one-algorithm version is called full deniability. Bendlin et al. (ASIACRYPT 2011) showed that certain kinds of fully-deniable schemes are constructible using corresponding flexible schemes. In this paper, we show that their construction in the bideniable case has a flaw, and we provide a fixed scheme. Our construction relies on a deterministic subset matching algorithm that assigns to each nonempty subset of a finite set its proper subset reduced by exactly one element. Although this algorithm is crucial in our construction, it may also be of independent interest.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
deniable encryptionplausible deniabilityfully bideniable PKEsubset matching
Contact author(s)
marcel sebek @ matfyz cz
History
2013-10-24: received
Short URL
https://ia.cr/2013/684
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/684,
      author = {Marcel Šebek},
      title = {Fully Bideniable Public-Key Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2013/684},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/684}},
      url = {https://eprint.iacr.org/2013/684}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.