Bi-deniable public-key encryption protocol which is secure against active coercive adversary

We consider a practical public-key deniable encryption protocol based on the RSA cryptosystem. The protocol begins with the authentication of the both parties participating in the protocol (the sender and the receiver of secret message). The authentication is performed by exchanging random values and the RSA signatures to them. Due to this stage of the protocol the security against coercive attacks of the active adversary is provided. After the mutual authentication the protocol specifies performing the deniable encryption of the secret message, like the probabilistic ciphering of some fake message by using the RSA encryption algorithm. The novelty of the proposed protocol consists in using random values as single-use public keys that are used to generate single-use shared key with which the sender encrypts the secret message and the receiver discloses it. The coercive adversary provided with private keys of the both parties can only disclose the fake message. Proving that the sent cryptogram contains a message different from the fake one is computationally infeasible for the adversary.