What is Non-repudiation?

Did your bank really send you the alert or did it come from someone pretending to be your bank?

Non-repudiation is the proof that a person or computer actually sent or owns the information in question. It is a way of authenticating a message to ensure the sender is who they say they are. One method is a digital signature, but this is not always foolproof. It is best when combined with another form of authentication, such as a smart card or biometrics (Liu & Vigneron, 2010).

Public Key Infrastructure with a three-way handshake is another method of providing non-repudiation. This form of authentication lets users trade private certificates and authenticate each other before any information is sent between the two parties. Non-repudiation comes from a single private certificate being issued by a third-party authority, which verifies authenticity before issuing the certificates. The third party also maintains a list of valid certificates (Chen, Horng & Liu, 2013).
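The two mechanisms described above, a digital signature plus a third-party authority that issues certificates and keeps a list of valid ones, shown as an added example that is not from the original article. The `Cert` layout, the names `Issue`, `Verify` and `Demo`, "Example Bank" and the alert text are assumptions for illustration, and Ed25519 from Go's standard library stands in for whichever signature scheme is used.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Cert (hypothetical layout, not X.509) binds a subject name to a public key.
type Cert struct {
	Serial     int
	Subject    string
	Key, CASig []byte
}

// signedPart returns the bytes that the third-party authority signs.
func (c Cert) signedPart() []byte {
	return append([]byte(fmt.Sprintf("%d|%s|", c.Serial, c.Subject)), c.Key...)
}

// Issue is the authority's step, done after it has verified the subject.
func Issue(ca ed25519.PrivateKey, serial int, subject string, key []byte) Cert {
	c := Cert{Serial: serial, Subject: subject, Key: key}
	c.CASig = ed25519.Sign(ca, c.signedPart())
	return c
}

// Verify checks the valid list, the name, the authority's signature, then sig.
func Verify(caPub ed25519.PublicKey, valid map[int]bool, c Cert, sender string, msg, sig []byte) bool {
	return len(c.Key) == ed25519.PublicKeySize && valid[c.Serial] && c.Subject == sender &&
		ed25519.Verify(caPub, c.signedPart(), c.CASig) && ed25519.Verify(c.Key, msg, sig)
}

// Demo runs four constructed cases: genuine, altered, impostor, delisted.
func Demo() [4]bool {
	caPub, caKey, _ := ed25519.GenerateKey(nil)
	bankPub, bankKey, _ := ed25519.GenerateKey(nil)
	fakePub, fakeKey, _ := ed25519.GenerateKey(nil)
	name, alert := "Example Bank", []byte("Alert: new payee added") // constructed
	bank, listed := Issue(caKey, 1, name, bankPub), map[int]bool{1: true}
	fake := Issue(fakeKey, 1, name, fakePub) // self-signed, not by the authority
	sig := ed25519.Sign(bankKey, alert)
	return [4]bool{
		Verify(caPub, listed, bank, name, alert, sig),
		Verify(caPub, listed, bank, name, []byte("Alert: altered"), sig),
		Verify(caPub, listed, fake, name, alert, ed25519.Sign(fakeKey, alert)),
		Verify(caPub, map[int]bool{}, bank, name, alert, sig),
	}
}

func main() { fmt.Println(Demo()) }
```

Only the first case is accepted: the alert signed with the key the authority certified for the bank. Because nobody else holds that private key, the bank cannot later deny having sent it.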

References

Chen, Y. C., Horng, G., & Liu, C. L. (2013). Strong non-repudiation based on certificateless short signatures. Retrieved from http://ezproxy.umuc.edu/login?url=http://search.ebscohost.com.ezproxy.umuc.edu/login.aspx?direct=true&db=edswsc&AN=000326462600012&site=eds-live&scope=site

Liu, J., & Vigneron, L. (2010). Design and verification of a non-repudiation protocol based on receiver-side smart card. Retrieved from http://ezproxy.umuc.edu/login?url=http://search.ebscohost.com.ezproxy.umuc.edu/login.aspx?direct=true&db=edswsc&AN=000295121800003&site=eds-live&scope=site
