Presentation is loading. Please wait.

Presentation is loading. Please wait.

COEN 351 Non-Repudiation. A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false.

Similar presentations


Presentation on theme: "COEN 351 Non-Repudiation. A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false."— Presentation transcript:

1 COEN 351 Non-Repudiation

2 A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false denial by the recipient that the data has been received, or to protect the recipient against false denial by the sender that the data has been sent. Thus, a non- repudiation service provides evidence to prevent a person from unilaterally modifying or terminating legal obligations arising out of a transaction effected by computer-based means. American Bar Association

3 Non-Repudiation Legal Need: Enough evidence to meet the legal requirement for proof that signature / communication occured. Not exactly equivalent to the cryptography standard.

4 Non-Repudiation Traditional written signature delivered by mail Can be forged. But forging is difficult. Name under email Easily forged. Digitally signed Almost impossible to forge Needs key theft Successful crypto-attack on verified and trusted scheme.

5 Non-Repudiation Non-repudiation of origin Non-repudiation of submission Non-repudiation of delivery

6 Non-Repudiation Non-repudiation request Parties need to agree on non-repudiation services. Record generation Record distribution Record verification Record retention

7 Non-Repudiation of Origin Originator’s Digital Signature Message Hash of Message encrypted with private key. Certificate by trusted party containing public key. Key-Revocation: Time of key revocation is crucial, hence time of message.

8 Non-Repudiation of Origin Transactional Certificate Only used for one transaction. Message Hash of message, encrypted by private key of originator. Signature of trusted party on originator signature

9 Non-Repudiation of Origin Inline trusted third party (Evidence stored) Originator sends message to trusted third party. Trusted third party stores evidence of transaction (signed message digest, time stamp) Trusted third party forwards message.

10 Non-Repudiation of Origin Inline trusted third party (Evidence forwarded) Originator sends message to trusted third party. Trusted third party signs message (signed message digest + time stamp) Trusted third party forwards message with signature.

11 Non-Repudiation of Delivery Recipient Acknowledgment with Signature Recipient signs digest of received message and sends it back to the sender. “Reluctant recipient problem”

12 Non-Repudiation of Delivery Trusted Delivery Agent Akin to process server Police officer, deputy delivering summons or subpoena. Delivery agent is trusted when attesting to handing message to recipient Delivery agent signs digest of message and returns it to sender after handing it to the receiver.

13 Non-Repudiation of Delivery Progressive Delivery Reports Mail transfer protocol hands messages from one mail server to the next. Possible to send reports from each mail server. E-mail header has a record of those hand-offs

14 Email Protocols: SMTP To: tschwarz@engr.scu.edu From: HolyFather@vatican.va This is a spoofed message. From HolyFather@vatican.va Tue Dec 23 17:25:50 2003 Return-Path: Received: from Xavier (dhcp-19-226.engr.scu.edu [129.210.19.226]) by server4.engr.scu.edu (8.12.10/8.12.10) with ESMTP id hBO1Plpv027244 for ; Tue, 23 Dec 2003 17:25:50 -0800 Received: from mail pickup service by Xavier with Microsoft SMTPSVC; Tue, 23 Dec 2003 17:25:33 -0800 To: tschwarz@engr.scu.edu From: HolyFather@vatican.va Message-ID: X-OriginalArrivalTime: 24 Dec 2003 01:25:33.0942 (UTC) FILETIME=[D3B56160:01C3C9 BC] Date: 23 Dec 2003 17:25:33 -0800 X-Spam-Checker-Version: SpamAssassin 2.60-rc3 (1.202-2003-08-29-exp) on server4.engr.scu.edu X-Spam-Level: X-Spam-Status: No, hits=0.3 required=5.0 tests=NO_REAL_NAME autolearn=no version=2.60-rc3 This is a spoofed message.

15 Non-Repudiation of Submission Messages are handled by a delivery system Not under control of sender Reasonably efficient in sending messages Delivery system can send receipt to sender.

16 Non-Repudiation Trusted Third Party Role Public-key certification Identity and authority validation By (co)signing Time stamping service Records retention Delivery intermediation Dispute resolution


Download ppt "COEN 351 Non-Repudiation. A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false."

Similar presentations


Ads by Google