An Introduction to Nonrepudiation


In the digital world, nonrepudiation is a combination of technology, policy, and law that prevents a principal involved in a transaction from falsely denying having participated in the transaction. Nonrepudiation is commonplace in the material world, and you're probably familiar with it without recognizing it.

For example, say that you order a book from a mail order company and receive the goods three days later. When you accept the merchandise, you're asked by the delivery company to sign and date a receipt. Two months later, you decide to telephone the mail order book company and ask them to credit your credit card because you haven't received the book yet. Of course, it's all a lie! You're trying to repudiate, or go back on, your side of the financial transaction and swindle the book company. However, the book company can prove that you received the book; they have a receipt signed and dated by you. The book company has just performed nonrepudiation of delivery. Nonrepudiation of delivery is designed to protect the message or merchandise sender.

The other principal form of nonrepudiation is nonrepudiation of origin, the ability to prove the origin of a message or merchandise. This form of nonrepudiation is designed to protect the recipient.

A More Formal Definition of Nonrepudiation

The ITU-T (formerly CCITT) recommendation X.813, Information Technology - Open Systems Interconnection - Security frameworks in open systems: Nonrepudiation framework, defines nonrepudiation as follows:

The goal of Nonrepudiation service is to collect, maintain, make available and validate irrefutable evidence concerning a claimed event or action in order to resolve disputes about the occurrence or nonoccurrence of the event or action. The Nonrepudiation service can be applied in a number of different contexts and situations. The service can apply to the generation of data, the storage of data, or the transmission of data. Nonrepudiation involves the generation of evidence that can be used to prove that some kind of event or action has taken place, so that this event or action cannot be repudiated later.

In an OSI environment the Nonrepudiation service has two forms:

  • Nonrepudiation with proof of origin, which is used to counter false denial by a sender that the data or its contents has been sent.
  • Nonrepudiation with proof of delivery, which is used to counter false denial by a recipient that the data or its contents (i.e., the information that the data represents) has been received.

The ITU-T definition of nonrepudiation is dry but precise. If you have more than a passing interest in the subject, you can get a copy of this document from the ITU Web site at http://www.itu.int/itudoc/itu-t/rec/x/x500up/x813.html.

Why Nonrepudiation?

Nonrepudiation is essential in commerce, including electronic commerce, because it protects both the seller and the consumer from fraudulent behavior by the other party. The idea of two or more parties agreeing on something (that is, goods or services) and carrying out the agreement is critical.

Imagine applying for a mortgage over the Internet in real time. You know that interest rates are fluctuating; they may go up half a percent or down half a percent. Of course, you don't know which way they'll go, and a poor decision could leave you paying dearly in mortgage interest. So, you decide to lock in the current rate rather than risk rates going up. The lender receives your request but does not acknowledge the receipt. The lender might then decide to honor your request if interest rates fall, or ignore it if rates go up, because the lender will be able to charge the higher rate. On the other hand, you might decide to renege on your request if interest rates go down, stating that it wasn't you who sent the request. Today, this type of scenario must often be resolved in a court of law, where both parties present enough evidence to sway the judge to one view or the other. A nonrepudiation service collects that evidence at the time of the transaction, so that such disputes can be settled on the record, or never arise at all.

To put this in perspective, let's recap the two major nonrepudiation categories and look at what techniques make up the various forms of nonrepudiation. The following sections explain nonrepudiation of origin and nonrepudiation of delivery. In the examples in these sections, Alice is the recipient and Bob is the sender or origin.

Nonrepudiation of origin

Nonrepudiation of origin helps mitigate the following disputes:

  • Alice claims to have received a message from Bob, but Bob claims he did not send it.
  • Alice and Bob agree that Alice received a message from Bob, but they disagree on the contents of the message.
  • Alice and Bob agree that Alice received a message from Bob at a particular time, but they disagree on the time and date the message was sent.

Various evidence helps support nonrepudiation of origin, including the evidence in the following list. Note that the more evidence Alice has, the easier it is for her to prove that Bob sent the message.

  • The message sender's identity—in this case, Bob
  • The message content
  • The time the message sender sent the message
  • The message recipient's identity—in this case, Alice

Nonrepudiation of delivery

Nonrepudiation of delivery helps mitigate the following disputes:

  • Bob claims to have sent a message to Alice, but Alice claims she did not receive it.
  • Bob and Alice agree that Bob sent a message to Alice, but they disagree on the contents of the message.
  • Bob and Alice agree that Bob sent a message to Alice, but they disagree on the time and date the message was received.

Various evidence helps support nonrepudiation of delivery, including the evidence in the following list. In this case, the more evidence Bob has, the easier it is for him to prove that Alice received the message.

  • The message recipient's identity
  • The message content
  • The time the message recipient received the message
  • The message sender's identity

NOTE
It's important to note that nonrepudiation is only as good as the evidence. The party relying on the transaction (the one against whom a denial is later made) must collect as much evidence as possible at the time of the transaction, because evidence cannot be gathered retroactively once a dispute has started.

Using Technology to Support Nonrepudiation

This section looks at the different aspects of nonrepudiation and how technology can be used to provide nonrepudiation. We'll look at the following topics:

  • Proving a message's origin
  • Proving that the contents of a message have not been tampered with
  • Proving the date and time the message was sent or received

Proving a message's origin

The most common and best understood way to prove a message's origin is with a digital signature. Because the sender is the only subject with access to the private key used to sign the message, the message must have come from the sender. Strictly speaking, a signature proves that the holder of the private key signed; the evidence that the holder was you is only as strong as the protection around that key. If more than one person has access to the private key, or it is stored where an administrator or malicious code can use it, the value of the key as evidence is substantially reduced. Refer to Chapter 15, "An Introduction to Cryptography and Certificates in Windows 2000," for details about digital signatures.

NOTE
An excellent summary of digital signature legislation in the United States and around the world can be found at the Web site of the law firm McBride Baker and Cole: http://www.mbc.com/ecommerce.

Technologies such as MACs cannot be used to provide nonrepudiation, because a MAC requires that the sender and the recipient share the key used to compute it. Either party could therefore fabricate a message and its tag and claim that the other originated it; a MAC proves that one of the two key holders produced the message, never which one. The same applies to SSL/TLS, because both endpoints derive the same session keys that encrypt and authenticate the channel. Even when the client authenticates with a certificate, the signature it produces during the handshake covers only the handshake messages, not the application data sent afterward, so it does not tie the client's signature to any particular request.

Proving that the contents of a message have not been tampered with

As with proving the origin of a message, a digital signature can be used to determine whether a message has been tampered with, because what is signed with the sender's private key is the hash of the message. If an attacker changes the message, the hash no longer matches the one covered by the signature, and producing a matching signature would require recomputing the hash and signing it with the original sender's private key, which the attacker does not have. The verifier therefore detects any change to the content by checking the signature alone.
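The three points above (a signature as evidence of origin, why a MAC or a shared session key is not, and tamper detection by signature check) in one runnable example. This is added code, not from the book or from CryptoAPI; it uses Go's standard library with Ed25519 in place of the RSA signing the book's Windows 2000 context assumes, and the order text, the names SignMessage, VerifyOrigin, MACTag and Demo, and the keys are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// SignedMessage is the evidence Alice retains: the exact bytes Bob sent plus
// Bob's signature over them.
type SignedMessage struct {
	Body      []byte
	Signature []byte
}

// SignMessage is Bob's side: only the holder of Bob's private key can produce
// a signature that verifies under Bob's public key.
func SignMessage(priv ed25519.PrivateKey, body []byte) SignedMessage {
	return SignedMessage{Body: body, Signature: ed25519.Sign(priv, body)}
}

// VerifyOrigin is Alice's side, and later an arbiter's: it needs only Bob's
// public key, so anyone can repeat it. It fails if either the body or the
// signature was altered, which covers both origin and integrity.
func VerifyOrigin(pub ed25519.PublicKey, m SignedMessage) bool {
	return ed25519.Verify(pub, m.Body, m.Signature)
}

// MACTag is the symmetric counterpart: an HMAC-SHA256 tag under a key that
// both sender and recipient know.
func MACTag(sharedKey, body []byte) []byte {
	h := hmac.New(sha256.New, sharedKey)
	h.Write(body)
	return h.Sum(nil)
}

// DemoResult records the outcome of each scenario in Demo.
type DemoResult struct {
	OriginalVerifies  bool // Bob's genuine message checked under Bob's public key
	TamperedVerifies  bool // body altered after signing, Bob's signature reused
	ForgedKeyVerifies bool // Alice signs with her own key and attributes it to Bob
	AliceCanForgeMAC  bool // Alice's tag is identical to the one Bob would make
}

// Demo runs the scenarios with freshly generated keys and a constructed order.
func Demo() (DemoResult, error) {
	var res DemoResult
	bobPub, bobPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return res, err
	}
	_, alicePriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return res, err
	}

	order := []byte("Bob orders 10 widgets at $99 each") // constructed sample
	signed := SignMessage(bobPriv, order)
	res.OriginalVerifies = VerifyOrigin(bobPub, signed)

	// Alice changes the quantity but keeps Bob's signature: the signed hash no
	// longer matches the body, so the evidence fails verification.
	tampered := SignedMessage{
		Body:      []byte("Bob orders 100 widgets at $99 each"),
		Signature: signed.Signature,
	}
	res.TamperedVerifies = VerifyOrigin(bobPub, tampered)

	// Alice re-signs the altered body with her own key and claims it is Bob's.
	forged := SignMessage(alicePriv, tampered.Body)
	res.ForgedKeyVerifies = VerifyOrigin(bobPub, forged)

	// With a MAC, Alice holds the same key Bob does, so the tag she computes on
	// a fabricated message is exactly the tag Bob would have computed. Nothing
	// in the tag says which of them produced it.
	shared := make([]byte, 32)
	if _, err := rand.Read(shared); err != nil {
		return res, err
	}
	fabricated := []byte("Bob agrees to pay $1,000,000") // constructed sample
	tagAliceMade := MACTag(shared, fabricated)
	tagBobWouldMake := MACTag(shared, fabricated)
	res.AliceCanForgeMAC = hmac.Equal(tagAliceMade, tagBobWouldMake)
	return res, nil
}

func main() {
	res, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", res)
}
```

In a real dispute Alice also needs something the signature itself does not supply: a certificate, issued by an authority both sides accept, binding Bob's public key to Bob, plus proof that the key was not revoked at the time of signing. Without that binding, VerifyOrigin shows only that some key holder signed.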

Proving the date and time the message was sent or received

Digital signatures allow you to verify who created the message and check whether the message was altered, but they do not address the time at which the document was created. To accomplish this, timestamps are used. The question is, who attests to the time? It's normal to use a third party, trusted by all parties in the transaction, to perform the timestamp operation, and it's the timestamp service's job to verify that the document existed at a particular time.

In the nonelectronic world, this task is often performed by a notary. A notary usually verifies the identity of the document creator, signs the document with a seal, and dates it. The notary often records the use of the seal in a logbook also. In the event that the validity of the document is called into question, the document's creator can prove the document did indeed exist at a specific date and time because it was notarized by a trusted third party. On the Internet, a third-party company—akin to a notary—takes information about documents sent by the originator, timestamps the documents, and archives the information about the documents in case a dispute arises.

NOTE
The seminal work on timestamping is "How To Time-Stamp a Digital Document" by S. Haber and W.S. Stornetta. A timestamping and notary company named Surety has a copy of the paper on its Web site, www.surety.com.
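An added example of the third-party timestamp service described above, combined with the linking idea from the Haber and Stornetta paper cited in the note: each token the service issues commits to the hash of the previously issued token, so the service cannot later back-date a token without breaking its own published chain, which also bears on the trust question raised in the next section. This is not the book's code or Surety's protocol; it is Go standard-library code with an Ed25519 service key, and the names TSA, Token, Stamp, VerifyToken, VerifyChain and StampDemo, the document text and the dates are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"time"
)

// Token is what the service returns; the requester submits only the document's hash.
type Token struct {
	DocHash  [32]byte // SHA-256 of the document
	Time     int64    // Unix seconds, as attested by the service
	PrevLink [32]byte // hash of the previously issued token (zero for the first)
	Sig      []byte   // service signature over the three fields above
}

// encode is the canonical byte layout that gets signed: DocHash || Time || PrevLink.
func (t Token) encode() []byte {
	buf := make([]byte, 72)
	copy(buf, t.DocHash[:])
	binary.BigEndian.PutUint64(buf[32:], uint64(t.Time))
	copy(buf[40:], t.PrevLink[:])
	return buf
}

// link is what the next token commits to: a hash over the whole token, signature included.
func (t Token) link() [32]byte { return sha256.Sum256(append(t.encode(), t.Sig...)) }

// TSA is a hypothetical minimal timestamp service; a real one uses a trusted clock and a hardware key.
type TSA struct {
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
	last [32]byte
	Log  []Token // the archive, published so anyone can audit the links
}

// Stamp issues a token for docHash at time now and appends it to the log.
func (s *TSA) Stamp(docHash [32]byte, now time.Time) Token {
	tok := Token{DocHash: docHash, Time: now.Unix(), PrevLink: s.last}
	tok.Sig = ed25519.Sign(s.priv, tok.encode())
	s.last = tok.link()
	s.Log = append(s.Log, tok)
	return tok
}

// VerifyToken checks that the service attested to exactly this document and no token field changed since.
func VerifyToken(pub ed25519.PublicKey, doc []byte, tok Token) bool {
	return tok.DocHash == sha256.Sum256(doc) && ed25519.Verify(pub, tok.encode(), tok.Sig)
}

// VerifyChain checks that every token in a published log is validly signed and commits to its predecessor.
func VerifyChain(pub ed25519.PublicKey, log []Token) bool {
	var prev [32]byte
	for _, tok := range log {
		if tok.PrevLink != prev || !ed25519.Verify(pub, tok.encode(), tok.Sig) {
			return false
		}
		prev = tok.link()
	}
	return true
}

type StampResult struct {
	GenuineVerifies, AlteredDocFails, ChainIntact, BackdatedChainBreaks bool
}

// StampDemo stamps two constructed documents, then has a dishonest service re-sign the first
// token with an earlier time: it still verifies alone, but the second token's PrevLink exposes it.
func StampDemo() (StampResult, error) {
	var r StampResult
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return r, err
	}
	tsa := &TSA{Pub: pub, priv: priv}
	contract := []byte("Bob locks the mortgage rate at 7.25% for 30 years") // constructed
	t0 := time.Date(1999, 11, 1, 9, 0, 0, 0, time.UTC)                     // constructed
	tok := tsa.Stamp(sha256.Sum256(contract), t0)
	tsa.Stamp(sha256.Sum256([]byte("unrelated document")), t0.Add(time.Hour))
	r.GenuineVerifies = VerifyToken(tsa.Pub, contract, tok)
	r.AlteredDocFails = !VerifyToken(tsa.Pub, []byte("Bob locks the mortgage rate at 6.25% for 30 years"), tok)
	r.ChainIntact = VerifyChain(tsa.Pub, tsa.Log)
	back := tsa.Log[0] // struct copy; the published log itself is left intact
	back.Time = t0.Add(-24 * time.Hour).Unix()
	back.Sig = ed25519.Sign(tsa.priv, back.encode())
	rewritten := append([]Token{back}, tsa.Log[1:]...)
	r.BackdatedChainBreaks = VerifyToken(tsa.Pub, contract, back) && !VerifyChain(tsa.Pub, rewritten)
	return r, nil
}

func main() {
	r, err := StampDemo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", r)
}
```

Two design points: the service signs only the hash, so the originator's document stays private, and the link makes the log append-only in practice, because rewriting one token's time forces the service to re-sign every later token, which clients who already hold the original tokens can detect.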

The Role of Third-Party Trust

The more paranoid reader might ask, "Well, how do you know the sender and the trusted third party are not in some form of alliance against the recipient?" Quite simply, you don't! However, let's look at it from another perspective. Imagine that the third party is not so trustworthy after all. Given that the third party is in the business of trust, violating that trust would soon put them out of business.

Nonrepudiation in Your Web Application

If your Web application creates some kind of contract between you and a client, chances are you'll need to have a policy to determine how you handle repudiation disputes. For example, you might decide that requests for goods and services worth over, say, $10,000 must be digitally signed, and requests worth over $100,000 must be digitally signed and timestamped by a third party.

NOTE
If you plan to ask your users to digitally sign their requests, you'll have to explain what you mean. Few people know what it means to digitally sign a document. To make the process easier for the user, you can also include an ActiveX control on your Web site that performs the task by using CryptoAPI functions such as CryptSignMessage.

There's no end to the kinds of services you can offer to protect both yourself and your clients from repudiation threats, but be clear about how much weight each one carries. You might decide that your concept of nonrepudiation of delivery is to e-mail the client a confirmation number, and that confirmation of origin is the client's use of his or her password to make the purchase. Both are records produced and stored by your own system: like the MAC case above, a login record shows at most that someone who knew the password made the request, and a party can always argue that you fabricated it. Such evidence carries far less weight in a dispute than a signature under a key that only the client holds.

Please note: The authors are not lawyers. If you plan to include nonrepudiation services as part of your Web application, we urge you to get legal advice first to make sure that the services you provide are legal and can be used in the case of a repudiation dispute.


Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
Year: 1999
Pages: 138