Deniable authenticated encryption for e-mail applications.

In this paper, we introduce a deniable electronic mail authenticated encryption service. Our design meets the security requirement of the current Pretty Good Privacy and Secure/Multipurpose Internet Mail Extensions to provide message confidentiality and message authentication without the undesired non-repudiation, which can protect the individual privacy of the sender when communication occurs in open channels. Our scheme is based on the bilinear pairings, which is provably secure in the random oracle model under the bilinear Diffie-Hellman and computational Diffie-Hellman assumptions. In addition, our scheme needs a little high communication overhead. However, this extra cost is reasonable for the properties of deniable authentication, confidentiality, and ciphertext anonymity. [ABSTRACT FROM AUTHOR]