coen 351
DESCRIPTION
COEN 351. Non-Repudiation. Non-Repudiation. - PowerPoint PPT PresentationTRANSCRIPT
COEN 351
Non-Repudiation
Non-Repudiation
A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false denial by the recipient that the data has been received, or to protect the recipient against false denial by the sender that the data has been sent. Thus, a non-repudiation service provides evidence to prevent a person from unilaterally modifying or terminating legal obligations arising out of a transaction effected by computer-based means.
American Bar Association
Non-Repudiation
Legal Need: Enough evidence to meet the legal
requirement for proof that signature / communication occured.
Not exactly equivalent to the cryptography standard.
Non-Repudiation Traditional written signature delivered by
mail Can be forged. But forging is difficult.
Name under email Easily forged.
Digitally signed Almost impossible to forge
Attack needs key theft Or needs successful crypto-attack on verified and
trusted scheme.
Non-Repudiation
Types of non-repudiation: Non-repudiation of origin Non-repudiation of submission Non-repudiation of delivery
Non-Repudiation Non-repudiation request Parties need to agree on non-
repudiation services. Non-repudiation service involves 5
different activities: Non-repudiation request Record generation Record distribution Record verification Record retention
Non-Repudiation Phases Non-repudiation request
Often implicit. Request for attestation (additional signatures)
Record generation Needs to involve the potential repudiator Autonomous generation or by trusted third party
Record distribution To trusted third party or to person requesting non-
repudiation. Record verification Record retention
Non-Repudiation of Origin:Mechanisms Originator’s Digital Signature with
Certificate Message Digital Signature: Hash of Message encrypted
with private key of originator. Certificate of Digital Signature: Certificate by
trusted party containing public key of originator. Key-Revocation Possibility:
Time of key revocation is crucial, message needs to contain a time stamp.
Stored at recipient.
Non-Repudiation of Origin:Mechanisms
Digital Signature of a Trusted Third Party Originator sends message to trusted third
party and authenticates her/him-self. Trusted third party digitally signs the
message and returns it to the originator. Originator sends it to recipient. Recipient stores it.
Non-Repudiation of Origin:Mechanisms
Digital Signature of a Trusted Third Party Originator sends message to trusted third
party and authenticates her/him-self. Trusted third party digitally signs the
message and returns it to the originator. Originator sends it to recipient. Recipient stores it.
Non-Repudiation of Origin:Mechanisms Digital Signature of Message Hash
Digital signatures are compute-expensive. Calculate a secure hash of the message.
Hash is easy / fast to calculate Impossible to find other message with the same hash. WARNING: Analysis of secure hash functions is about a
decade behind analysis of encryption security. MD5, SHA1 are not yet broken
But less secure than thought SHA-2 family seems to be O.K. (2006)
Then use the various schemes to sign the hash.
Non-Repudiation of Origin
Transactional Certificate Only used for one transaction.
Originator provides: Message Hash of message, encrypted by private
key of originator. Signature of trusted party on originator
signature
Non-Repudiation of Origin
Inline trusted third party (Evidence stored) Originator sends message to trusted
third party. Trusted third party stores evidence of
transaction (signed message digest, time stamp)
Trusted third party forwards message.
Non-Repudiation of Delivery
Recipient Acknowledgment with Signature Recipient signs digest of received
message and sends it back to the sender.
“Reluctant recipient problem”
Non-Repudiation of Delivery Trusted Delivery Agent
Akin to process server Police officer, deputy delivering summons
or subpoena. Delivery agent is trusted when
attesting to handing message to recipient
Delivery agent signs digest of message and returns it to sender after handing it to the receiver.
Non-Repudiation of Delivery
Progressive Delivery Reports Mail transfer protocol hands messages
from one mail server to the next. Possible to send reports from each
mail server.
E-mail header has a record of those hand-offs
Unfortunately, these might be faked, too.
Email Protocols: SMTP Server used to fakemail
To: [email protected]: [email protected]
This is a spoofed message.
From [email protected] Tue Dec 23 17:25:50 2003Return-Path: <[email protected]>Received: from Xavier (dhcp-19-226.engr.scu.edu [129.210.19.226])by server4.engr.scu.edu (8.12.10/8.12.10) with ESMTP id hBO1Plpv027244for <[email protected]>; Tue, 23 Dec 2003 17:25:50 -0800Received: from mail pickup service by Xavier with Microsoft SMTPSVC;Tue, 23 Dec 2003 17:25:33 -0800To: [email protected]: [email protected]: <XAVIERZRTHEQXHcJcKJ00000001@Xavier>X-OriginalArrivalTime: 24 Dec 2003 01:25:33.0942 (UTC) FILETIME=[D3B56160:01C3C9BC]Date: 23 Dec 2003 17:25:33 -0800X-Spam-Checker-Version: SpamAssassin 2.60-rc3 (1.202-2003-08-29-exp) onserver4.engr.scu.eduX-Spam-Level:X-Spam-Status: No, hits=0.3 required=5.0 tests=NO_REAL_NAME autolearn=noversion=2.60-rc3
This is a spoofed message.
Non-Repudiation of Submission
Messages are handled by a delivery system Not under control of sender Reasonably efficient in sending
messages Delivery system can send receipt
to sender.
Non-Repudiation
Trusted Third Party Role Public-key certification Identity and authority validation
By (co)signing Time stamping service Records retention Delivery intermediation Dispute resolution