This paper presents a deniable authenticated key agreement protocol. This protocol can provide an authenticated session key while the sender and the receiver can deny their in- volvement in such a protocol if the protocol is executed success- fully. Then both can deny their transmitted messages protected by the authenticated session key. If this protocol fails, no authenti- cated session key can be established and no protected messages can be transmitted. The protocol can be proved secure against key compromise impersonation attack. The protocol employs a new method to isolate a session key from confirmation keys.
TIAN Haibo1,2, CHEN Xiaofeng1,2, ZHANG Fangguo1,2, WEI Baodian1,2 1. School of Information Science and Technology, Sun Yat-Sen University, Guangzhou 510006, Guangdong, China