Overview#Non-repudiation refers to a state of affairs where the purported maker of a statement will not be able to successfully challenge the validity of the statement or contract.
The term, Non-Repudiation, is often seen in a legal setting wherein the authenticity of a signature is being challenged. In such an instance, the authenticity is being "repudiated".
Non-Repudiation is a Facet Of Building Trust
Regarding digital security, the Cryptographic meaning and application that provides Non-Repudiation shifts to imply:
- A service that provides proof of the integrity and origin of data.
- An Authentication that can be asserted to be genuine with reasonable Level Of Assurance .
Proof of data integrity is typically the easiest of these requirements to accomplish. A Hash, provides a reasonable Level Of Assurance that the likelihood of data being undetectably changed is extremely low. Even with the Hash safeguard, it is still possible to tamper with data in transit, either through a man-In-The-Middle attack or phishing. Due to this possible vulnerability, data integrity is best asserted when the recipient already possesses the necessary verification information or there is a reasonable Level Of Assurance that the proper safeguards were applied within the network infrastructure.
The most common method of asserting the digital origin of data is through digital Certificates using Certificate-based Authentication via a form of Public Key Infrastructure, where Digital Signatures could be utilized. The digital origin only means that the certified/signed data can be, with a reasonable Level Of Assurance, trusted to be from somebody who possesses the Private Key corresponding to the signing Certificate.
More Information#There might be more information for this subject on one of the following:
- Application Layer Security
- Best Practices for LDAP Security
- Cryptography Objectives
- Digital Signature
- Digital Signature Standard
- Distributed Ledger Technology
- Encryption And Hashing
- Identity Token
- Information security
- JWT Data Exchange
- Message Authentication Code
- OAuth 2.0 Message Authentication Code (MAC) Tokens
- Off-the-Record Messaging
- The Simple Public-Key GSS-API Mechanism
- Verifiable Claims