Enhancing Deniable Authentication Protocol through Diffie-Hellman Algorithm
This paper presents an improved deniable authentication protocol utilizing the Diffie-Hellman key exchange, enhancing security while addressing inefficiencies in previous schemes. The introduction outlines the concept of deniable authentication, highlighting advantages for electronic voting systems. We analyze related works, and then propose an improved algorithm ensuring mutual authentication while maintaining deniability against third-party claims. Our security analysis confirms that malicious users cannot exploit the protocol, thus establishing a secure communication method. The paper concludes with significant insights and references for further exploration.
Presentation Transcript
"It's not that I'm so smart, it's just that I stay with problems longer." -- Albert Einstein
IMPROVEMENT IN DENIABLE AUTHENTICATION PROTOCOL USING DIFFIE-HELLMAN ALGORITHM BY SUMIT TIWARI 2005H112056
Outline • Introduction • Related Works • Prerequisites • Fan et al. protocol • Proposed Deniable Authentication Scheme • Security Analysis • Conclusion • References
INTRODUCTION • Deniable Authentication Protocol • The receiver can verify the source of the message. • The receiver cannot prove the source of the message to a third party. • Used in electronic voting systems.
Related Works • Aumann and Rabin also proposed a deniable authentication protocol based on factoring in 1998. • Deng et al. proposed two deniable authentication protocols based on factoring and the discrete logarithm problem respectively. • All of the above protocols need a public directory that is trusted by the sender and the receiver.
Fan et al. Scheme • Deniable authentication protocol using Diffie-Hellman key distribution. • Problem: • An intruder can convince the sender to initiate the protocol with him.
Prerequisites • Diffie-Hellman key exchange algorithm. • Needs: • $q$ is a prime number, $a < q$, and $a$ is a primitive root of $q$ (global) • A and B privately select $X_A < q$ and $X_B < q$ • They calculate $Y_A = a^{X_A} \bmod q$ and $Y_B = a^{X_B} \bmod q$ • Key $k = (Y_A)^{X_B} \bmod q = (Y_B)^{X_A} \bmod q$
Review of Fan et al.'s scheme • Both A (Sender) and B (Receiver) select large random numbers $i$ and $j$.
Improvement on Fan et al. Scheme • Preliminaries • A and B must obtain certificates, Cert(A) and Cert(B), from a Certificate Authority before negotiation. • A and B know the public numbers $g$ and $P$, where $P$ is a large prime number and $g$ is a primitive root of $P$. • $Y_A = g^{X_A} \bmod P$ • $Y_B = g^{X_B} \bmod P$
Proposed Algorithm 1. A selects a large random integer $t_A$ and calculates • $I = (Y_B)^{X_A t_A} \bmod P = g^{X_B X_A t_A} \bmod P$ • $r_A = (Y_A)^{t_A} \bmod P$ • $S_A = t_A + X_A^{-1} \cdot H(I) \bmod (P-1)$ • $I$, $S_A$, $r_A$ and Cert(A) are sent to B.
Proposed Algorithm 2. B verifies A's public key according to Cert(A). B checks whether $Y_A^{S_A} = r_A \cdot g^{H(I)} \bmod P$. If so, B is convinced that $I$ is indeed a valid partial session key.
Proposed Algorithm 3. B selects a large random number $t_B$ and calculates • $J = (Y_A)^{X_B t_B} \bmod P = g^{X_B X_A t_B} \bmod P$ • $r_B = (Y_B)^{t_B} \bmod P = g^{X_B t_B} \bmod P$ • $k = I^{t_B} \bmod P = g^{X_A t_A X_B t_B} \bmod P$ • $S_B = t_B + X_B^{-1} \cdot H(J \,\|\, k) \bmod (P-1)$
Proposed Algorithm 4. After receiving the transmitted data, A first verifies B's public key according to Cert(B) and then computes $K' = J^{t_A} \bmod P = g^{X_A t_A X_B t_B} \bmod P$. After that, A checks whether $Y_B^{S_B} = r_B \cdot g^{H(J \,\|\, K')} \bmod P$. 5. When A wants to send the message $M$ to B, A computes $D = H(K', M)$ and sends $M$ and $D$ to B.
Proposed Algorithm • After getting $M$ and $D$, B checks whether $H(k, M) = D$. If there are no errors, the comparison succeeds and $k = K'$.
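Steps 1 to 5 above, carried through in Python as an added example (not code from the presentation or from the papers it cites). Assumptions: a toy prime $P = 2^{31} - 1$ with $g = 7$, SHA-256 for $H$, a `|` separator standing in for $\|$, certificate checks omitted, and hypothetical helper names.

```python
import hashlib
import secrets
from math import gcd

P = 2**31 - 1  # toy prime, constructed for the demo (far too small for real use)
G = 7          # a primitive root of 2**31 - 1

def H(*parts):
    """H(.) as an integer; SHA-256 and the '|' encoding of '||' are assumptions."""
    data = b"|".join(p if isinstance(p, bytes) else str(p).encode() for p in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def keygen():
    """Private X must be invertible mod P-1 so X^-1 exists; public Y = g^X mod P."""
    while True:
        x = secrets.randbelow(P - 3) + 2
        if gcd(x, P - 1) == 1:
            return x, pow(G, x, P)

def sign(x, t, h):
    """S = t + X^-1 * h mod (P-1)."""
    return (t + pow(x, -1, P - 1) * h) % (P - 1)

def check(y, s, r, h):
    """Verifier's test: Y^S == r * g^h mod P."""
    return pow(y, s, P) == r * pow(G, h, P) % P

def handshake():
    xa, ya = keygen()
    xb, yb = keygen()
    # Step 1 (A): I, r_A, S_A
    ta = secrets.randbelow(P - 2) + 1
    I = pow(yb, xa * ta, P)
    ra, sa = pow(ya, ta, P), sign(xa, ta, H(I))
    # Step 2 (B): check A's values
    ok_a = check(ya, sa, ra, H(I))
    # Step 3 (B): J, r_B, k, S_B
    tb = secrets.randbelow(P - 2) + 1
    J = pow(ya, xb * tb, P)
    rb, k = pow(yb, tb, P), pow(I, tb, P)
    sb = sign(xb, tb, H(J, k))
    # Step 4 (A): K' and check of B's values
    k2 = pow(J, ta, P)
    ok_b = check(yb, sb, rb, H(J, k2))
    return dict(ya=ya, I=I, ra=ra, sa=sa, ok_a=ok_a, ok_b=ok_b, k=k, k2=k2)

def tag(key, msg):
    """Step 5: D = H(K', M); B recomputes it with k."""
    return H(key, msg)
```

Because `tag` needs only the shared key, B can compute a valid $D$ for any message, so a pair $(M, D)$ shown to a third party does not identify who produced it.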
Security Analysis • C can try to get A's or B's secret key from $(I, r_A, S_A)$ or $(J, r_B, S_B)$. • C wants to forge the valid data sent from A/B. • C cannot fool innocent user A. He does not know B's secret key. He cannot compute $(J, r_B, S_B)$ and $k$. • B cannot prove the source of a message sent from A to the third party C.
Achieved Properties • The proposed protocol is deniable. • Mutual authentication is confirmed. • The proposed algorithm provides efficiency.
Conclusion • Fan et al. proposed a deniable authentication protocol. • It lacks efficiency, and a malicious user can play tricks. • The proposed protocol is deniable, secure and efficient.
Queries "Not everything that can be counted counts and not everything that counts can be counted."
References • An Improvement on a Deniable Authentication Protocol. Ya-Fan Chang, Chin-Chen Chang. • Deniable Authentication Protocols Based on Diffie-Hellman Key Exchange. Fan, L., Xu, C.-X.