可否認的驗證協定必須滿足兩項特性:包括(1)只有指定的接收者能驗證已接收資料之來源,稱為可驗證性;以及(2)此指定的接收者無法向第三者證明資料來源端的身分,稱為可否認性。 為了滿足可否認性,在過去所提出的可否認驗證協定中,接收者可以偽造傳送者傳來的訊息。既然接收者可以自行偽造訊息,傳送者即可否認曾有傳送訊息的動作。雖然傳送者可以否認資料是由他所送出,但當指定的接收者向別人聲稱收到的資訊並非由傳送者所給予,傳送者也無法拿出證據證明接收者之陳述並非事實。為了證明資料的確實是由傳送者所送出,於是我們提出具有傳送資料者保護機制的可否認的驗證協定。在這樣的協定當中,雖然接收者仍然可以偽造訊息,但使用者有能力可以證明自己所傳過的訊息確實是自己傳送的。 為了在可否認驗證協定中,更進一步保護傳送者權益的目的,最好是讓傳送者在協定中變成匿名的。於是,我們的可否認驗證協定的研究,另一項目標即是設計出可以讓傳送者匿名的保護措施。 A deniable authentication protocol should satisfy the property that only the intended receiver authenticates the sender’s identity of received messages. This property is called authentication property. On the other hand, the intended receiver cannot prove the sender’s identity to the third party. The second property is called deniability property. To satisfy deniability property, in most deniable authentication protocols, the receiver is able to forge/modify the received message from the sender. Since the received data is forgeable by the receiver, the sender easily denies that he/she sent the data. Although the sent message is deniable for the sender, the sender still has no evidence to prove that he/she sent the message to prevent the receiver’s circumvention. In this propose, a new property, sender protection, is proposed for the deniable authentication protocol. In a deniable authentication protocol with sender protection, although the sent message is still forgeable by the receiver, the sender can provide an evidence to prove that whether or not the message is really sent from him/her. To protect senders more completely, it is better that the sender is anonymous in a deniable authentication protocol. Therefore, another goal of our research is to design a deniable authentication protocols with anonymous and protected sender.
