Strongly Deniable Identification Schemes Immune to Prover’s and Verifier’s Ephemeral Leakage

Abstract

In this paper, we consider Identification Schemes (IS) in the context of attacks against their deniability via Fiat-Shamir transformations. We address the following issue: How to design and implement a deniable (IS), that is secure against ephemeral leakage on both a Prover’s and a Verifier’s side, and withstands attacks based on Fiat-Shamir transformation. We propose a new security model to address the leakage on the Verifier’s side, extending the previous propositions [1]. During the Query Stage, we allow the malicious Verifier to set random values used on the Prover’s side. Additionally, we allow malicious Prover to access ephemeral values of the Verifier during the Impersonation Stage. We introduce two generic constructions based on three-step (IS). Finally, we provide an example scheme based on the extended construction from [1], which is provably deniable and secure in our new strong model.