
4.2.4  Non-Repudiation

Non-Repudiation is a stronger variation on authentication: it allows the sender’s identity to be verified by a third party, and is used to prove that a message was not forged, that is, that the person who supposedly sent the message really did send it. This also means that the sender cannot deny having sent a particular message. In the paper world, this is accomplished via a Notary Public, who verifies the signer’s identity, witnesses the signing and puts a seal on the document to indicate that they witnessed it. In the digital world, this is accomplished with a verified digital signature.

Non-Repudiation cannot be achieved with a symmetric, secret-key algorithm. Why? By definition, more than one person knows the shared secret key, so while it’s possible to narrow down the list of possible senders, it’s not possible to reliably determine which of the individuals possessing the key sent the message.

If you think about how public/private key encryption works, it might occur to you that you can prove the origin of a message by encrypting the entire message with the sender’s private key, and allowing it to be decrypted with the sender’s public key. If the sender’s public key decrypts the message, then you know that the sender’s private key (known only to that individual) was used to encrypt it. The downside is that if the message contents need confidentiality as well as non-repudiation, the contents are encrypted twice (with both the sender’s private key and the receiver’s public key), which is computationally expensive.

Non-Repudiation

Non-repudiation is a stronger variation on authentication. It allows the sender’s identity to be verified by a third party, to prove that the message was not forged. Because proof of sender comes from a third party, the sender cannot deny he/she sent the message.

You can prove the origin of a message by encrypting the entire message or its hash value with the sender’s private key, and decrypting it with the sender’s public key.


Figure 43: As long as the private key remains private, non-repudiation is achieved.
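
The contrast between the shared-key and private-key cases above, as an added example that is not part of the original guide. HMAC-SHA256 stands in for the symmetric secret-key algorithm, and textbook (unpadded) RSA over a SHA-256 hash stands in for "encrypting the hash with the sender’s private key"; the names Alice and Bob, the keys and the message are all constructed for illustration.

```python
import hashlib
import hmac

def digest_int(message: bytes, n: int) -> int:
    """SHA-256 hash of the message as an integer reduced below the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def make_keypair(p: int, q: int, e: int = 65537):
    """Textbook RSA key pair: returns (public, private) = ((n, e), (n, d))."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return (n, e), (n, d)

def sign(message: bytes, private_key) -> int:
    """'Encrypt' the hash with the private key, as the text describes."""
    n, d = private_key
    return pow(digest_int(message, n), d, n)

def verify(message: bytes, signature: int, public_key) -> bool:
    """'Decrypt' with the public key and compare against a fresh hash."""
    n, e = public_key
    return pow(signature, e, n) == digest_int(message, n)

def mac(message: bytes, shared_key: bytes) -> str:
    """Symmetric case: any holder of shared_key computes the same tag."""
    return hmac.new(shared_key, message, hashlib.sha256).hexdigest()

# Constructed demo values. The primes are known Mersenne primes, far too
# small and too structured for real keys; unpadded RSA is for illustration.
ALICE_PUB, ALICE_PRIV = make_keypair(2**127 - 1, 2**107 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**89 - 1, 2**61 - 1)
SHARED_KEY = b"constructed-shared-secret"
MESSAGE = b"Transfer 100 units to account 42"

def demo() -> dict:
    alice_sig = sign(MESSAGE, ALICE_PRIV)
    bob_sig = sign(MESSAGE, BOB_PRIV)
    return {
        # Alice and Bob both hold SHARED_KEY, so their tags cannot be told apart.
        "mac_tags_identical": hmac.compare_digest(
            mac(MESSAGE, SHARED_KEY), mac(MESSAGE, SHARED_KEY)),
        "alice_sig_verifies_as_alice": verify(MESSAGE, alice_sig, ALICE_PUB),
        "bob_sig_verifies_as_alice": verify(MESSAGE, bob_sig, ALICE_PUB),
        "altered_message_verifies": verify(MESSAGE + b"0", alice_sig, ALICE_PUB),
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

A third party needs only `ALICE_PUB` to run `verify`, which is what lets it attribute the message to the one holder of `ALICE_PRIV`; the MAC tag offers no such attribution because every key holder produces the same value.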

 


CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.