Skip to Main Content
In 2006, Shao et al. showed that Wang et al.'s deniable authentication protocol based on ElGamal cryptography is insecure to a person-in-the-middle attack; that is, in the whole process, the receiver cannot be aware of the existence of this adversary as well as the modification of the messages. Furthermore, they also presented a modification of Wang et al.'s protocol to overcome the security flaw. However, the current paper demonstrates that Shao et al.'s improved deniable authentication protocol is susceptible to a malicious receiver's impersonation attack. To mitigate this security breach, we propose an improved deniable authentication protocol based on ElGamal cryptography.