Overview#

Non-repudiation refers to a state of affairs where the purported maker of a statement will not be able to successfully challenge the validity of the statement or contract.

The term, Non-Repudiation, is often seen in a legal setting wherein the authenticity of a signature is being challenged. In such an instance, the authenticity is being "repudiated".

Non-Repudiation is a Facet Of Building Trust

Regarding digital security, the Cryptographic meaning and application that provides Non-Repudiation shifts to imply:

Proof of data integrity is typically the easiest of these requirements to accomplish. A Hash, provides a reasonable Level Of Assurance that the likelihood of data being undetectably changed is extremely low. Even with the Hash safeguard, it is still possible to tamper with data in transit, either through a man-In-The-Middle attack or phishing. Due to this possible vulnerability, data integrity is best asserted when the recipient already possesses the necessary verification information or there is a reasonable Level Of Assurance that the proper safeguards were applied within the network infrastructure.

The most common method of asserting the digital origin of data is through digital Certificates using Certificates and Authentication via a form of Public Key Infrastructure, where Digital Signatures could be utilized. The digital origin only means that the certified/signed data can be, with a reasonable Level Of Assurance, trusted to be from somebody who possesses the Private Key corresponding to the signing Certificate.

If the Private Key is not properly safeguarded by the original owner, digital forgery can become a major concern as the Private Key is considered to be a Bearer Token.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-11) was last changed on 09-Aug-2016 14:13 by jim