Paper 2018/424

Circumventing Cryptographic Deniability with Remote Attestation

Lachlan J. Gunn, Ricardo Vieitez Parra, and N. Asokan


Deniable messaging protocols allow two parties to have 'off-the-record' conversations without leaving any record that can convince external verifiers about what either of them said during the conversation. Recent events like the Podesta email dump underscore the importance of deniable messaging to politicians, whistleblowers, dissidents and many others. Consequently, messaging protocols like Signal and OTR are designed with cryptographic mechanisms to ensure deniable communication, irrespective of whether the communications partner is trusted. Many commodity devices today support hardware-assisted remote attestation which can be used to convince a remote verifier of some property locally observed on the device. We show how an adversary can use remote attestation to undetectably generate a non-repudiable transcript from any deniable protocol (including messaging protocols) providing sender authentication. We prove that our attack allows an adversary to convince skeptical verifiers. We describe a concrete implementation of the attack against someone using the Signal messaging protocol. We then show how to design protocols resistant to attestation-based attacks, and in particular how attestation itself can be used to restore deniability by thwarting realistic classes of adversary.

Available format(s)
Publication info
Preprint. MINOR revision.
Contact author(s)
lachlan gunn @ aalto fi
2019-01-11: revised
2018-05-10: received
See all versions
Short URL
Creative Commons Attribution


      author = {Lachlan J.  Gunn and Ricardo Vieitez Parra and N.  Asokan},
      title = {Circumventing Cryptographic Deniability with Remote Attestation},
      howpublished = {Cryptology ePrint Archive, Paper 2018/424},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.