Non-Repudiation
Non-repudiation
It refers to one of the properties of cryptographic digital signatures that offer the possibility of proving whether a particular message has been digitally signed by the holder of a particular digital signature’s private key. A digital signature owner, who may like to deny a transaction maliciously, may always claim that his or her digital signature key was stolen by someone and that someone actually signed the digital transaction in question, thus not accepting/denying the transaction.
An exchange of information between two entities implies an element of trust. This "implied element of trust" may not be enough and may require the use of a Trusted Third Party (TTP) to facilitate the trusted exchange of information.
The role of TTPs includes providing assurance that business and other trustworthy messages and transactions are being transferred to the intended recipient, at the correct location, that messages are received in a timely and accurate manner, and that for any business dispute that may arise, there exist appropriate methods for the creation and delivery of the required evidence for proof of what happened. There are some guidelines which impact on the use and management of trusted third party services according to ISO 14516:2002;
1) Approval: proof of who is responsible for approval of the contents of a message.
2) Sending: proof of who sent the message.
3) Origin: combination of approval and sending the message.
4) Submission: proof that a delivery agent has accepted the message for transmission.
5) Transport: proof for the message originator that a delivery agent has delivered the message to the intended recipient.
6) Receipt: proof that the recipient received the message.
7) Knowledge: proof that the recipient recognized the content of the received message.
8) Delivery: proof that the recipient received and recognized the content of the message.
Non-repudiation can also be looked at from two aspects; the legal aspect and
It refers to one of the properties of cryptographic digital signatures that offer the possibility of proving whether a particular message has been digitally signed by the holder of a particular digital signature’s private key. A digital signature owner, who may like to deny a transaction maliciously, may always claim that his or her digital signature key was stolen by someone and that someone actually signed the digital transaction in question, thus not accepting/denying the transaction.
An exchange of information between two entities implies an element of trust. This "implied element of trust" may not be enough and may require the use of a Trusted Third Party (TTP) to facilitate the trusted exchange of information.
The role of TTPs includes providing assurance that business and other trustworthy messages and transactions are being transferred to the intended recipient, at the correct location, that messages are received in a timely and accurate manner, and that for any business dispute that may arise, there exist appropriate methods for the creation and delivery of the required evidence for proof of what happened. There are some guidelines which impact on the use and management of trusted third party services according to ISO 14516:2002;
1) Approval: proof of who is responsible for approval of the contents of a message.
2) Sending: proof of who sent the message.
3) Origin: combination of approval and sending the message.
4) Submission: proof that a delivery agent has accepted the message for transmission.
5) Transport: proof for the message originator that a delivery agent has delivered the message to the intended recipient.
6) Receipt: proof that the recipient received the message.
7) Knowledge: proof that the recipient recognized the content of the received message.
8) Delivery: proof that the recipient received and recognized the content of the message.
Non-repudiation can also be looked at from two aspects; the legal aspect and