Presentation is loading. Please wait.

Presentation is loading. Please wait.

COEN 351 Non-Repudiation. A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false.

Published byArlene Golden Modified over 8 years ago

Similar presentations

Presentation on theme: "COEN 351 Non-Repudiation. A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false."— Presentation transcript:

1 COEN 351 Non-Repudiation

2 A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false denial by the recipient that the data has been received, or to protect the recipient against false denial by the sender that the data has been sent. Thus, a non- repudiation service provides evidence to prevent a person from unilaterally modifying or terminating legal obligations arising out of a transaction effected by computer-based means. American Bar Association

3 Non-Repudiation Legal Need: Enough evidence to meet the legal requirement for proof that signature / communication occured. Not exactly equivalent to the cryptography standard.

4 Non-Repudiation Traditional written signature delivered by mail Can be forged. But forging is difficult. Name under email Easily forged. Digitally signed Almost impossible to forge Attack needs key theft Or needs successful crypto-attack on verified and trusted scheme.

5 Non-Repudiation Types of non-repudiation: Non-repudiation of origin Non-repudiation of submission Non-repudiation of delivery

6 Non-Repudiation Non-repudiation request Parties need to agree on non-repudiation services. Non-repudiation service involves 5 different activities: Non-repudiation request Record generation Record distribution Record verification Record retention

7 Non-Repudiation Phases Non-repudiation request Often implicit. Request for attestation (additional signatures) Record generation Needs to involve the potential repudiator Autonomous generation or by trusted third party Record distribution To trusted third party or to person requesting non- repudiation. Record verification Record retention

8 Non-Repudiation of Origin: Mechanisms Originator’s Digital Signature with Certificate Message Digital Signature: Hash of Message encrypted with private key of originator. Certificate of Digital Signature: Certificate by trusted party containing public key of originator. Key-Revocation Possibility: Time of key revocation is crucial, message needs to contain a time stamp. Stored at recipient.

9 Non-Repudiation of Origin: Mechanisms Digital Signature of a Trusted Third Party Originator sends message to trusted third party and authenticates her/him-self. Trusted third party digitally signs the message and returns it to the originator. Originator sends it to recipient. Recipient stores it.

10 Non-Repudiation of Origin: Mechanisms Digital Signature of a Trusted Third Party Originator sends message to trusted third party and authenticates her/him-self. Trusted third party digitally signs the message and returns it to the originator. Originator sends it to recipient. Recipient stores it.

11 Non-Repudiation of Origin: Mechanisms Digital Signature of Message Hash Digital signatures are compute-expensive. Calculate a secure hash of the message. Hash is easy / fast to calculate Impossible to find other message with the same hash. WARNING: Analysis of secure hash functions is about a decade behind analysis of encryption security. MD5, SHA1 are not yet broken But less secure than thought SHA-2 family seems to be O.K. (2006) Then use the various schemes to sign the hash.

12 Non-Repudiation of Origin Transactional Certificate Only used for one transaction. Originator provides: Message Hash of message, encrypted by private key of originator. Signature of trusted party on originator signature

13 Non-Repudiation of Origin Inline trusted third party (Evidence stored) Originator sends message to trusted third party. Trusted third party stores evidence of transaction (signed message digest, time stamp) Trusted third party forwards message.

14 Non-Repudiation of Delivery Recipient Acknowledgment with Signature Recipient signs digest of received message and sends it back to the sender. “Reluctant recipient problem”

15 Non-Repudiation of Delivery Trusted Delivery Agent Akin to process server Police officer, deputy delivering summons or subpoena. Delivery agent is trusted when attesting to handing message to recipient Delivery agent signs digest of message and returns it to sender after handing it to the receiver.

16 Non-Repudiation of Delivery Progressive Delivery Reports Mail transfer protocol hands messages from one mail server to the next. Possible to send reports from each mail server. E-mail header has a record of those hand-offs Unfortunately, these might be faked, too.

17 Email Protocols: SMTP Server used to fakemail To: tschwarz@engr.scu.edu From: HolyFather@vatican.va This is a spoofed message. From HolyFather@vatican.va Tue Dec 23 17:25:50 2003 Return-Path: Received: from Xavier (dhcp-19-226.engr.scu.edu [129.210.19.226]) by server4.engr.scu.edu (8.12.10/8.12.10) with ESMTP id hBO1Plpv027244 for ; Tue, 23 Dec 2003 17:25:50 -0800 Received: from mail pickup service by Xavier with Microsoft SMTPSVC; Tue, 23 Dec 2003 17:25:33 -0800 To: tschwarz@engr.scu.edu From: HolyFather@vatican.va Message-ID: X-OriginalArrivalTime: 24 Dec 2003 01:25:33.0942 (UTC) FILETIME=[D3B56160:01C3C9 BC] Date: 23 Dec 2003 17:25:33 -0800 X-Spam-Checker-Version: SpamAssassin 2.60-rc3 (1.202-2003-08-29-exp) on server4.engr.scu.edu X-Spam-Level: X-Spam-Status: No, hits=0.3 required=5.0 tests=NO_REAL_NAME autolearn=no version=2.60-rc3 This is a spoofed message.

18 Non-Repudiation of Submission Messages are handled by a delivery system Not under control of sender Reasonably efficient in sending messages Delivery system can send receipt to sender.

19 Non-Repudiation Trusted Third Party Role Public-key certification Identity and authority validation By (co)signing Time stamping service Records retention Delivery intermediation Dispute resolution

Download ppt "COEN 351 Non-Repudiation. A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :

PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :
Email Tracing Computer Forensics 152 / 252.

Tracing Computer Forensics 152 / 252.
Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,

1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC513-01 Instructor:Professor Anvari Student ID:106845 Name:Xin Wen Date:11/25/00.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
Cryptography Basic (cont)

Cryptography Basic (cont)
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
1 Intro To Encryption Exercise 10. 2 Analyze the following scenario: Sender:  Cipher1= Encrypt message with symmetric key algorithm  RSA_Encrypt (SHA1(message)

1 Intro To Encryption Exercise Analyze the following scenario: Sender:  Cipher1= Encrypt message with symmetric key algorithm  RSA_Encrypt (SHA1(message)
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
Email Security Jonathan Calazan December 12, 2005.

Security Jonathan Calazan December 12, 2005.
TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

Similar presentations

Ads by Google