Circumventing Cryptographic Deniability with Remote Attestation

Lachlan J. Gunn 1 , Ricardo Vieitez Parra 2  and N. Asokan 3
  • 1 Aalto University,
  • 2 Aalto University,
  • 3 Aalto University,


Deniable messaging protocols allow two parties to have ‘off-the-record’ conversations without leaving any record that can convince external verifiers about what either of them said during the conversation. Recent events like the Podesta email dump underscore the importance of deniable messaging to politicians, whistleblowers, dissidents and many others. Consequently, messaging protocols like Signal and OTR are designed with cryptographic mechanisms to ensure deniable communication, irrespective of whether the communications partner is trusted.

Many commodity devices today support hardware-assisted remote attestation which can be used to convince a remote verifier of some property locally observed on the device.

We show how an adversary can use remote attestation to undetectably generate a non-repudiable transcript from any deniable protocol (including messaging protocols) providing sender authentication, proving to skeptical verifiers what was said. We describe a concrete implementation of the technique using the Signal messaging protocol. We then show how to design protocols that are deniable even against an adversary capable of attestation, and in particular how attestation itself can be used to restore deniability by thwarting realistic classes of adversary.

If the inline PDF is not rendering correctly, you can download the PDF file here.

  • [1] “ARM security technology: Building a secure system using TrustZone technology,” ARM, White paper, 2009. [Online]. Available:

  • [2] “Intel Software Guard Extensions programming reference,” Tech. Rep., 2014. [Online]. Available:

  • [3] (2016) DKIM verification. [Online]. Available:

  • [4] “Intel Software Guard Extensions SDK for Linux OS: Developer reference,” Tech. Rep., 2016.

  • [5] (2018) Briar: Secure messaging, anywhere. Accessed 2018-04-29. [Online]. Available:

  • [6] (2018) Messenger. Accessed 2018-05-03. [Online]. Available:

  • [7] (2018) OTR version 4. Draft, accessed 2018-05-03. [Online]. Available:

  • [8] “Signal Protocol C library,” Code, 2018, commit 9e10362fce9072b104e6d5a51d6f56d939d1f36e. [Online]. Available:

  • [9] N. Asokan, G. Tsudik, and M. Waidner, “Server-supported signatures,” in ESORICS’96: 4th European Symposium on Research in Computer Security, ser. Lecture Notes in Computer Science, E. Bertino, H. Kurth, G. Martella, and E. Montolivo, Eds., vol. 1146. Springer, Heidelberg, Sep. 1996, pp. 131–143.

  • [10] R. Bahmani, M. Barbosa, F. Brasser, B. Portela, A.-R. Sadeghi, G. Scerri, and B. Warinschi, “Secure multiparty computation from SGX,” in FC 2017: 21st International Conference on Financial Cryptography and Data Security, ser. Lecture Notes in Computer Science, A. Kiayias, Ed., vol. 10322. Springer, Heidelberg, Apr. 2017, pp. 477–497.

  • [11] J. C. Benaloh and D. Tuinstra, “Receipt-free secret-ballot elections (extended abstract),” in 26th Annual ACM Symposium on Theory of Computing. ACM Press, May 1994, pp. 544–553.

  • [12] N. Borisov, I. Goldberg, and E. Brewer, “Off-the-record communication, or, why not to use PGP,” in Proceedings of the ACM Workshop on Privacy in the Electronic Society (WPES), 2004.

  • [13] R. Canetti, “Universally composable security: A new paradigm for cryptographic protocols,” in 42nd Annual Symposium on Foundations of Computer Science. IEEE Computer Society Press, Oct. 2001, pp. 136–145.

  • [14] ——, “Universally composable signatures, certification and authentication,” Cryptology ePrint Archive, Report 2003/239, 2003,

  • [15] I. Carmon, “How we broke the NSA story,” Salon, 2013, 2013-06-10.

  • [16] M. Crispin, “Internet Message Access Protocol - Version 4rev1,” RFC 3501, Mar. 2003. [Online]. Available:

  • [17] T. Dierks and C. Allen, RFC 2246 - The TLS Protocol Version 1.0, Internet Activities Board, Jan. 1999.

  • [18] Y. Dodis, J. Katz, A. Smith, and S. Walfish, “Composability and on-line deniability of authentication,” in TCC 2009: 6th Theory of Cryptography Conference, ser. Lecture Notes in Computer Science, O. Reingold, Ed., vol. 5444. Springer, Heidelberg, Mar. 2009, pp. 146–162.

  • [19] M. Gay, “Political world embraces encrypted-messaging app Signal amid fears of hacking,” The Wall Street Journal, 2017, 2017-01-27. [Online]. Available:

  • [20] “Trusted Platform Module library,” Standard, 2015.

  • [21] D. Kim, B. J. Kwon, and T. Dumitras, “Certified malware: Measuring breaches of trust in the windows code-signing PKI,” in ACM CCS 17: 24th Conference on Computer and Communications Security, B. M. Thuraisingham, D. Evans, T. Malkin, and D. Xu, Eds. ACM Press, Oct. / Nov. 2017, pp. 1435–1448.

  • [22] J. C. Klensin, “Simple Mail Transfer Protocol,” RFC 5321, Oct. 2008. [Online]. Available:

  • [23] N. Kobeissi, K. Bhargavan, and B. Blanchet, “Automated verification for secure messaging protocols and their implementations: A symbolic and computational approach,” in Proceedings of the IEEE European Symposium on Security and Privacy, 2017.

  • [24] P. Kotzias, S. Matic, R. Rivera, and J. Caballero, “Certified PUP: Abuse in authenticode code signing,” in ACM CCS 15: 22nd Conference on Computer and Communications Security, I. Ray, N. Li, and C. Kruegel:, Eds. ACM Press, Oct. 2015, pp. 465–478.

  • [25] H. Krawczyk, “SKEME: A versatile secure key exchange mechanism for Internet,” in Proceedings of the Symposium on Network and Distributed System Security, 1996.

  • [26] M. Kucherawy, D. Crocker, and T. Hansen, “DomainKeys Identified Mail (DKIM) Signatures,” RFC 6376, Sep. 2011. [Online]. Available:

  • [27] A. Kurnikov, A. Paverd, M. Mannan, and N. Asokan, “,” 2018. [Online]. Available:

  • [28] M. Marlinspike. (2013) Simplifying OTR deniability. Accessed 2018-05-01. [Online]. Available:

  • [29] OTRv4 team, “Personal communication,” May 2018.

  • [30] T. Perrin and M. Marlinspike, “The Double Ratchet algorithm,” Open Whisper Systems, Standard, 2016. [Online]. Available:

  • [31] ——, “The X3DH key agreement protocol, revision 1,” Open Whisper Systems, Standard, 2016. [Online]. Available:

  • [32] H. Ritzdorf, K. Wüst, A. Gervais, G. Felley, and S. Capkun, “TLS-N: Non-repudiation over TLS enabling - ubiquitous content signing for disintermediation,” Cryptology ePrint Archive, Report 2017/578, 2017,

  • [33] B. Schneier, Applied Cryptography. Wiley, 1996.

  • [34], “Personal communication,” May 2018.

  • [35] A. Serhrouchni and I. Hajjeh, “Intégration de la signature numérique au protocole SSL/TLS,” Annales Des Télécommunications, vol. 61, no. 5–6, pp. 522–541, 2006.

  • [36] Y. Swami, “SGX remote attestation is not sufficient,” Cryptology ePrint Archive, Report 2017/736, 2017,

  • [37] Twitter. (2018) About direct messages. Accessed 2018-05-03. [Online]. Available:

  • [38] N. Unger, S. Dechand, J. Bonneau, S. Fahl, H. Perl, I. Goldberg, and M. Smith, “SoK: Secure messaging,” in 2015 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, May 2015, pp. 232–249.

  • [39] N. Unger and I. Goldberg, “Deniable key exchanges for secure messaging,” in ACM CCS 15: 22nd Conference on Computer and Communications Security, I. Ray, N. Li, and C. Kruegel:, Eds. ACM Press, Oct. 2015, pp. 1211–1223.

  • [40] ——, “Improved strongly deniable authenticated key exchanges for secure messaging,” Proceedings on Privacy Enhancing Technologies, vol. 2018, 2018.

  • [41] F. Zhang, E. Cecchetti, K. Croman, A. Juels, and E. Shi, “Town crier: An authenticated data feed for smart contracts,” in ACM CCS 16: 23rd Conference on Computer and Communications Security, E. R. Weippl, S. Katzenbeisser, C. Kruegel, A. C. Myers, and S. Halevi, Eds. ACM Press, Oct. 2016, pp. 270–282.


Journal + Issues