Deniable authentication


(Andre Stephenson ) #1

Is deniable authentication useful in the context of Corda? I know that it is not supported based on my readings of the technical paper. WHY is this the case ? I am a noob so please obliged my curiosity. :slight_smile:


(Roger Willis) #2

What do you mean by “deniable authentication” specifically? Cheers


(Andre Stephenson ) #3

@roger by this I mean message authentication between a set of peers where the peers can be confident in the authenticity of the message, but its authenticity cannot be proved to a third party.

It seems to me that this would prevent attackers from compromising the interaction between the nodes on the platform.

Am I correct in making that assumption? I am still learning these concepts so apologies if this question is stupid. :slight_smile:


(Roger Willis) #4

No worries. As I understand, with Corda, peers CAN be confident in the authenticity of messages. Firstly, we use TLS (transport layer security) for inter-node communications - this mitigates man in the middle attacks and all nodes will be issued a certificate which attests to the identity of the node operator.


(Mike Hearn) #5

We don’t use deniable authentication because people typically require the opposite: they want to be able to prove message sequences to third parties in case of dispute resolution.

Deniable cryptography tends to come from a context of activists fighting repressive governments. Thus they want to communicate without anyone being able to prove they did, even if the other side is “turned”. In the context of financial institutions it’s much less relevant.