Full and partial deniability for authentication schemes

Deniable authentication is a type of authentication protocol with the special property of deniability. However, there have been several different definitions of deniability in authentication protocols. In this paper, we clarify this issue by defining two types of deniable authentication: In the first type of deniable authentication, the receiver of the authenticated message cannot prove to a third party that the sender has authenticated any message to him. We call this type of deniability full deniability. In the second type of deniable authentication, whilst the receiver can prove to a third party that the sender has authenticated some message to him, but he cannot prove to a third party that the sender has authenticated any particular message to the receiver. We call this type of deniability partial deniability. Note that partial deniability is not implied by full deniability, and that it has applications different from those of full deniability. Consequently, we present two identity-based authentication schemes and prove that one is fully deniable while the other is partially deniable. These two schemes can be useful in different scenarios.