Full and partial deniability for authentication schemes