COEN 351

Non-Repudiation
Non-Repudiation
A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false denial by the recipient that the data has been received, or to protect the recipient against false denial by the sender that the data has been sent. Thus, a non-repudiation service provides evidence to prevent a person from unilaterally modifying or terminating legal obligations arising out of a transaction effected by computer-based means.
American Bar Association
Non-Repudiation
 Legal Need:
 Enough evidence to meet the legal requirement for proof that a signature / communication occurred.
 Not exactly equivalent to the cryptographic standard.
Non-Repudiation
 Traditional written signature delivered by mail
 Can be forged.
 But forging is difficult.
 Name under email
 Easily forged.
 Digitally signed
 Almost impossible to forge
 Attack needs key theft
 Or needs successful crypto-attack on verified and trusted scheme.
Non-Repudiation
 Types of non-repudiation:
 Non-repudiation of origin
 Non-repudiation of submission
 Non-repudiation of delivery
Non-Repudiation
 Non-repudiation request
 Parties need to agree on non-repudiation services.
 Non-repudiation service involves 5 different activities:
 Non-repudiation request
 Record generation
 Record distribution
 Record verification
 Record retention
Non-Repudiation Phases
 Non-repudiation request
 Often implicit.
 Request for attestation (additional signatures)
 Record generation
 Needs to involve the potential repudiator
 Autonomous generation or by trusted third party
 Record distribution
 To trusted third party or to person requesting non-repudiation.
 Record verification
 Record retention
Non-Repudiation of Origin:
Mechanisms
 Originator’s Digital Signature with Certificate
 Message
 Digital Signature: Hash of Message encrypted with private key of originator.
 Certificate of Digital Signature: Certificate by trusted party containing public key of originator.
 Key-Revocation Possibility:
 Time of key revocation is crucial, message needs to contain a time stamp.
 Stored at recipient.
Non-Repudiation of Origin:
Mechanisms
 Digital Signature of a Trusted Third Party
 Originator sends message to trusted third party and authenticates herself or himself.
 Trusted third party digitally signs the message and returns it to the originator.
 Originator sends it to recipient.
 Recipient stores it.
Non-Repudiation of Origin:
Mechanisms
 Digital Signature of Message Hash
 Digital signatures are compute-expensive.
 Calculate a secure hash of the message.
 Hash is easy / fast to calculate.
 Infeasible to find another message with the same hash.
 WARNING: Analysis of secure hash functions is about a decade behind analysis of encryption security.
 MD5, SHA1 are not yet broken
 But less secure than thought
 SHA-2 family seems to be O.K. (2006)
 Then use the various schemes to sign the hash.
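The originator-signature mechanism from the slides above (message plus time stamp, hash-then-sign, recipient stores the record and any later check compares the signing time against key revocation), written out as an added example that is not from the slides. It assumes Ed25519 as the signature scheme and SHA-256 as the hash; the message and the times are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"time"
)

// OriginRecord is the evidence the recipient stores: message, time stamp, signature.
type OriginRecord struct {
	Message   []byte
	SignedAt  time.Time
	Signature []byte
}

// digest hashes time stamp and message together, so the signature binds both.
func digest(msg []byte, t time.Time) []byte {
	h := sha256.New()
	h.Write([]byte(t.UTC().Format(time.RFC3339) + "\x00")) // fixed-width stamp + separator
	h.Write(msg)
	return h.Sum(nil)
}

// SignOrigin is run by the originator with her private key (hash-then-sign).
func SignOrigin(priv ed25519.PrivateKey, msg []byte, now time.Time) OriginRecord {
	return OriginRecord{msg, now, ed25519.Sign(priv, digest(msg, now))}
}

// VerifyOrigin is run by the recipient or a later arbiter with the originator's
// certified public key; revokedAt is the zero time if the key was never revoked.
func VerifyOrigin(pub ed25519.PublicKey, rec OriginRecord, revokedAt time.Time) error {
	if !ed25519.Verify(pub, digest(rec.Message, rec.SignedAt), rec.Signature) {
		return errors.New("signature does not match message and time stamp")
	}
	if !revokedAt.IsZero() && !rec.SignedAt.Before(revokedAt) {
		return errors.New("signed at or after key revocation")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	rec := SignOrigin(priv, []byte("Pay 100 EUR to Bob"), time.Unix(1700000000, 0))
	fmt.Println("valid:", VerifyOrigin(pub, rec, time.Time{}))
	rec.Message = []byte("Pay 900 EUR to Bob") // altered after signing
	fmt.Println("tampered:", VerifyOrigin(pub, rec, time.Time{}))
}
```

The certificate check that ties pub to the originator is assumed to have happened already; the arbiter then needs only the certified public key and the revocation time.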
Non-Repudiation of Origin
 Transactional Certificate
 Only used for one transaction.
 Originator provides:
 Message
 Hash of message, encrypted by private key of originator.
 Signature of trusted party on originator signature
Non-Repudiation of Origin
 Inline trusted third party (Evidence stored)
 Originator sends message to trusted third party.
 Trusted third party stores evidence of transaction (signed message digest, time stamp)
 Trusted third party forwards message.
Non-Repudiation of Delivery
 Recipient Acknowledgment with Signature
 Recipient signs digest of received message and sends it back to the sender.
 “Reluctant recipient problem”
Non-Repudiation of Delivery
 Trusted Delivery Agent
 Akin to process server
 Police officer, deputy delivering summons or subpoena.
 Delivery agent is trusted when attesting to handing message to recipient
 Delivery agent signs digest of message and returns it to sender after handing it to the receiver.
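Recipient acknowledgment and the trusted delivery agent (the two slides above) both return the same kind of receipt, a signed digest of the delivered message, so one added example, not from the slides, covers both; the attester's role is part of the signed bytes so an agent's receipt cannot be passed off as the recipient's. Ed25519 and SHA-256 are assumed choices and the message is constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// DeliveryAck is the receipt the sender keeps: digest of the received message plus the attester's signature.
type DeliveryAck struct {
	Attester  string // "recipient" or "agent"; covered by the signature
	Digest    []byte // SHA-256 of the received message
	Signature []byte
}

func ackBytes(attester string, digest []byte) []byte {
	return append([]byte(attester+":"), digest...)
}

// Acknowledge is run by the recipient, or by a trusted delivery agent, once
// the message has been handed over.
func Acknowledge(priv ed25519.PrivateKey, attester string, received []byte) DeliveryAck {
	d := sha256.Sum256(received)
	return DeliveryAck{attester, d[:], ed25519.Sign(priv, ackBytes(attester, d[:]))}
}

// VerifyAck is run by the sender, who still holds the original message and the
// attester's certified public key.
func VerifyAck(pub ed25519.PublicKey, attester string, sent []byte, ack DeliveryAck) error {
	if ack.Attester != attester {
		return errors.New("acknowledgment was signed in a different role")
	}
	want := sha256.Sum256(sent)
	if string(ack.Digest) != string(want[:]) {
		return errors.New("acknowledgment is for a different message")
	}
	if !ed25519.Verify(pub, ackBytes(ack.Attester, ack.Digest), ack.Signature) {
		return errors.New("acknowledgment signature invalid")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	msg := []byte("Contract v3, please countersign")
	ack := Acknowledge(priv, "recipient", msg)
	fmt.Println("ack for v2:", VerifyAck(pub, "recipient", []byte("Contract v2"), ack))
}
```

Nothing here forces a reluctant recipient to answer; the code only states what the sender must check when an acknowledgment does arrive.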
Non-Repudiation of Delivery
 Progressive Delivery Reports
 Mail transfer protocol hands messages from one mail server to the next.
 Possible to send reports from each mail server.
 E-mail header has a record of those hand-offs.
 Unfortunately, these might be faked, too.
Email Protocols: SMTP Server used to fake mail
From HolyFather@vatican.va Tue Dec 23 17:25:50 2003
Return-Path: <HolyFather@vatican.va>
Received: from Xavier (dhcp-19-226.engr.scu.edu [129.210.19.226])
        by server4.engr.scu.edu (8.12.10/8.12.10) with ESMTP id hBO1Plpv027244
        for <tschwarz@engr.scu.edu>; Tue, 23 Dec 2003 17:25:50 -0800
Received: from mail pickup service by Xavier with Microsoft SMTPSVC;
        Tue, 23 Dec 2003 17:25:33 -0800
To: tschwarz@engr.scu.edu
From: HolyFather@vatican.va
Message-ID: <XAVIERZRTHEQXHcJcKJ00000001@Xavier>
X-OriginalArrivalTime: 24 Dec 2003 01:25:33.0942 (UTC) FILETIME=[D3B56160:01C3C9BC]
Date: 23 Dec 2003 17:25:33 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-rc3 (1.202-2003-08-29-exp) on
        server4.engr.scu.edu
X-Spam-Level:
X-Spam-Status: No, hits=0.3 required=5.0 tests=NO_REAL_NAME autolearn=no
        version=2.60-rc3

This is a spoofed message.
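To see how far the hand-off record in a header like the one above can be trusted, here is an added example (not from the slides) that parses the Received: lines into hops and counts, from the top, how many were stamped by a server under the receiver's own control; everything below the first untrusted stamp is text the sending machine chose to write. The header block is re-typed from the slide as constructed input, and which servers count as "ours" is an assumption.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Hop is one Received: line: the host that stamped it (By) and the host it claims to have taken the message from (From).
type Hop struct{ From, By string }

// ReceivedHops unfolds continuation lines and returns the hops in header order, newest first.
func ReceivedHops(headers string) []Hop {
	unfolded := regexp.MustCompile(`\r?\n[ \t]+`).ReplaceAllString(headers, " ")
	re := regexp.MustCompile(`(?m)^Received: from (.+?) by (\S+)`)
	var hops []Hop
	for _, m := range re.FindAllStringSubmatch(unfolded, -1) {
		hops = append(hops, Hop{From: m[1], By: m[2]})
	}
	return hops
}

// TrustedHops counts, from the top, how many hops were stamped by a server we
// operate; the first stamp from a host we do not control ends the trusted chain.
func TrustedHops(hops []Hop, ours map[string]bool) int {
	n := 0
	for _, h := range hops {
		if !ours[strings.ToLower(h.By)] {
			break
		}
		n++
	}
	return n
}

// spoofedHeaders is the Received: block from the slide, re-typed as constructed input.
const spoofedHeaders = `Received: from Xavier (dhcp-19-226.engr.scu.edu [129.210.19.226])
	by server4.engr.scu.edu (8.12.10/8.12.10) with ESMTP id hBO1Plpv027244
	for <tschwarz@engr.scu.edu>; Tue, 23 Dec 2003 17:25:50 -0800
Received: from mail pickup service by Xavier with Microsoft SMTPSVC;
	Tue, 23 Dec 2003 17:25:33 -0800
`

func main() {
	hops := ReceivedHops(spoofedHeaders)
	n := TrustedHops(hops, map[string]bool{"server4.engr.scu.edu": true})
	for i, h := range hops {
		fmt.Printf("hop %d: from %q by %q, trusted stamp: %v\n", i, h.From, h.By, i < n)
	}
}
```

Only the top hop survives: server4.engr.scu.edu vouches that it took the message from 129.210.19.226, while the "mail pickup service" line below was written by that same untrusted host and attests nothing.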


Non-Repudiation of Submission
 Messages are handled by a delivery system
 Not under control of sender
 Reasonably efficient in sending messages
 Delivery system can send receipt to sender.
Non-Repudiation
 Trusted Third Party Role
 Public-key certification
 Identity and authority validation
 By (co)signing
 Time stamping service
 Records retention
 Delivery intermediation
 Dispute resolution