Idéer introdusert av Coladangelo, Goldwasser, og Vazirani i [Deniable Encryption in a Quantum World](https://arxiv.org/abs/2112.14988v1).
#### Interaktiv
En enkel idé: bruk [[Kvante-nøkkelutvidelse]] til å sende one-time pad-nøkler, og benytt dens deniable properties til å få (interactive) inf.theoretically secure deniable encryption.
Først foreslått av Col?/Goldwasser/Vazirani (STOC:ColGolVaz22).
Gammel paragrafskisse fra [[SoK - Public Key Encryption with Openings]]:
> Finally, it is interesting to note that if quantum channels are assumed between parties,
interactive public-key deniable encryption with bi-opening
is trivially achieved~cite{STOC:ColGolVaz22}:
simply use quantum key distribution, for instance the BB84 protocol~cite{},
to share keys for use in one-time pad encryption.
Then, due to the properties of the one-time pad, the parties can
always come up with alternative symmetric keys after the fact to have a
ciphertext decrypt to any plaintext.
As an added bonus, security is now information-theoretic.
Er dette sikkert også mot openings?
#### Ikke-interaktiv
Gammel paragrafskisse fra [[SoK - Public Key Encryption with Openings]]:
> On the other hand, non-interactive deniable encryption with sender
opening *is* achievable, although the only known such scheme
(that does not come with weird efficiency caveats)
(update 31-05: they have encryption algorithms running
in superpolynomial time; I think that hardly counts as ``achieving''
the notion.)
requires encryption to be a quantum algorithm~\cite{STOC:ColGolVaz22}.
#### Interaktiv $\rightarrow$ ikke-interaktiv
Gammel paragrafskisse fra [[SoK - Public Key Encryption with Openings]]:
> Additionally there is a generic transformation that takes any sender-deniable
encryption scheme to a receiver-deniable encryption scheme by adding
extra interaction (so it is no longer non-interactive, bypassing the
impossibility result)~\cite{C:CDNO97}, and there are interactive schemes
achieving deniability with bi-opening~\cite{C:CanParPob20}.