Title

Separable identity-based deniable authentication: cryptographic primitive for fighting phishing

RIS ID

15727

Publication Details

Susilo, W. & Mu, Y. (2006). Separable identity-based deniable authentication: cryptographic primitive for fighting phishing. In A. Atzeni & A. Lioy (Eds.), European PKI Workshop: Theory and Practice (pp. 68-80). Germany: Springer-Verlag.

Abstract

Phishing emails are one of today’s most common and costly forms of digital identity theft. They are now very convincing that even experts cannot tell what is and is not genuine. In a phishing attack, victims are lured by an official looking email to a fraudulent website that appears to be that of a legitimate service provider. Such attacks can be mitigated with digitally-signed emails. Unfortunately, traditional digital signatures will destroy the traditional repudiability of email and they also require the unrelialistic adoption of a Public Key Infrastructure. To overcome this problem, we introduce a new cryptographic primitive called separable identity-based deniable authentication. Firstly, we present a generic construction of such a scheme, and proceed with an efficient construction based on bilinear pairing, which is an instantiation of our generic construction. This construction is an affirmative answer to the open question proposed by Adida, Hohenberger and Rivest [AHR05+].

Please refer to publisher version or contact your library.

Share

COinS
 

Link to publisher version (DOI)

http://dx.doi.org/10.1007/11774716_6