{"id":7793,"date":"2021-10-11T17:23:31","date_gmt":"2021-10-11T15:23:31","guid":{"rendered":"https:\/\/tekmart.co.za\/t-blog\/?p=7793"},"modified":"2021-10-11T17:23:56","modified_gmt":"2021-10-11T15:23:56","slug":"what-is-nonrepudiation-an-expert-explanation-and-its-drawbacks","status":"publish","type":"post","link":"https:\/\/tekmart.co.za\/t-blog\/what-is-nonrepudiation-an-expert-explanation-and-its-drawbacks\/","title":{"rendered":"What is nonrepudiation?-an expert’s explanation and its drawbacks."},"content":{"rendered":"Reading Time-approximately:<\/span> 3<\/span> minutes<\/span><\/span>\n

Nonrepudiation ensures that no party can deny that it sent or received a message via\u00a0encryption\u00a0and\/or\u00a0digital signatures\u00a0or approved some information. It also cannot deny the authenticity of its signature on a document.<\/strong><\/h2>\n\n\n\n
\"Rahul<\/figure>\n\n\n\n

By Rahul Awati<\/a><\/p>\n\n\n\n

Although it originated as a legal concept, nonrepudiation is also widely used in computing,\u00a0information security\u00a0and communications.<\/p>\n\n\n\n

Information assurance and nonrepudiation<\/strong><\/h3>\n\n\n\n

Nonrepudiation is one of the five pillars of information assurance (IA), which is the practice of managing information-related risks and protecting information systems, like computers, servers and enterprise networks. The other four pillars are the following:<\/p>\n\n\n\n

  1. integrity<\/li>
  2. availability<\/li>
  3. authentication<\/li>
  4. confidentiality<\/li><\/ol>\n\n\n\n

    Nonrepudiation provides proof of the origin, authenticity and integrity of data. It provides assurance to the sender that its message was delivered, as well as proof of the sender’s identity to the recipient. This way, neither party can deny that a message was sent, received and processed.<\/p>\n\n\n\n

    Nonrepudiation is like authentication, particularly with respect to implementation. For instance, a\u00a0public key\u00a0signature can be a nonrepudiation device if only one party can produce signatures.<\/p>\n\n\n\n

    In general, nonrepudiation combines both authentication and integrity.<\/p>\n\n\n\n

    \"The
    Nonrepudiation is one of the pillars of information assurance.<\/strong><\/figcaption><\/figure>\n\n\n\n

    Nonrepudiation, message authentication code and digital signatures<\/strong><\/h3>\n\n\n\n

    Nonrepudiation is achieved through\u00a0cryptography, like digital signatures, and includes other services for authentication, auditing and logging.<\/p>\n\n\n\n

    In online transactions, digital signatures ensure that a party cannot later deny sending information or deny the authenticity of its signature. A digital signature is created using the\u00a0private key\u00a0of an\u00a0asymmetric key pair, which is public key cryptography, and verified with a corresponding public key.<\/p>\n\n\n\n

    Only the private key holder can access this key and create this signature, proving that a document was\u00a0electronically signed\u00a0by that holder. This ensures that a person cannot later deny that they furnished the signature, providing nonrepudiation.<\/p>\n\n\n\n

    In cryptography, a message authentication code (MAC), also known as a\u00a0tag<\/em>, is used to authenticate a message or confirm that the message came from the stated sender and was not changed along the way. Unlike digital signatures, MAC values are generated and verified using the same secret key, which the sender and recipient must agree on before initiating communications.<\/p><\/blockquote>\n\n\n\n

    A MAC can protect against message forgery by anyone who doesn’t know the shared secret key, providing both integrity and authentication. However, MAC algorithms, like\u00a0cipher-based MAC and\u00a0hash-based MAC, cannot provide nonrepudiation.<\/p>\n\n\n\n

    In addition to digital signatures, nonrepudiation is also used in digital contracts and email. Email nonrepudiation involves methods such as email tracking.<\/p>\n\n\n\n

    \n