Deniable ring authentication enables a prover in some group (called a ring ) to authenticate a message to a verifier using its secret key while at the same time allowing the prover to deny ever having interacted with the verifier. This primitive furthermore guarantees the anonymity of the prover in the sense that the verifier will learn nothing about the prover’s identity except that it is included in the ring. In this work, we propose a new generic construction of two-round concurrently deniable ring authentication in the random oracle model. Our generic construction is based on any IND-CPA secure broadcast encryption (BE) scheme. Instantiating the underlying IND-CPA secure BE scheme with the schemes proposed by Agrawal and Yamada (EUROCRYPT 2020) or Agrawal, Wichs, and Yamada (TCC 2020), we obtain the first two-round concurrently deniable ring authentication scheme with optimal efficiency in an asymptotic sense. Here, by optimal efficiency, we mean that all of the sizes of a public parameter and secret keys, the communication costs, and the number of pairing operations are independent of n , where n is the number of users in a ring. In addition to these main instantiations, through our generic construction, we further obtain various two-round concurrently deniable ring authentication schemes.