Nonrepudiation - PowerPoint PPT Presentation

Provided by: ellise
1
Non-repudiation
  • In the digital world, non-repudiation refers to the
    inherent ability of a specific communication
    medium to prevent a party from denying that a
    specific message was sent or received
  • Non-repudiation consists of the ability to prove
    successfully to a third party and after the fact
    that a specific communication originated with,
    was submitted by, or was delivered to a certain
    person
  • Three variants
  • non-repudiation of origin (NRO)
  • non-repudiation of delivery (NRD)
  • non-repudiation of submission (NRS)

2
Non-repudiation of Origin (NRO)
  • Who created this document on a specific date/time?
  • Protects recipient by providing proof for use in
    resolving disputes
  • A sends a document M to B; potential disputes:
  • A denies sending M
  • A's version of M is different from B's version of
    M
  • A's time stamp of sending M is different from B's
  • Potential reasons:
  • A is lying
  • B is lying
  • There is a serious error in the communication
    channel
  • Some interloper has deceived A and B

3
NRO (continued)
  • The key point is whether B can show evidence that A
    sent M. To do so, B must know the following,
    and be able to link them up:
  • the id of the sender
  • the content of M
  • B may need extra information
  • the date and time when M is sent
  • the id of the intended recipient
  • the id of any trusted third party involved in
    generating the evidence of linkage of above items

4
Non-repudiation of Delivery (NRD)
  • Has the recipient received the originator's message
    on a specific date/time?
  • Protects originators by providing proof for use
    in resolving disputes
  • A sends a document M to B; potential disputes:
  • B claims not to have received M
  • B claims to have received a different version of M
  • B's time stamp of getting M is different from A's
  • Potential reasons:
  • A is lying
  • B is lying
  • There is a serious error in the communication
    channel
  • Some interloper has deceived A and B

5
NRD (continued)
  • Key point:
  • Can A show evidence that B received M?
  • A must know and show the linkage of:
  • The ID of recipient
  • The content of M
  • A may also need information about
  • The date and time when M is sent
  • ID of the sender
  • ID of any trusted third party involved in
    generating the evidence of linkage of above items

6
Non-repudiation of Submission (NRS)
  • Does the recipient know that the originator had sent
    him a message on a specific date/time?
  • Similar to non-repudiation of delivery, to
    protect the sender
  • Useful in cases where the timing of the transmittal
    of a message is critical to its legal effect
  • A sends a document M to B; potential disputes:
  • B claims not to have received M because A had not
    sent M
  • B claims A had not sent M on a specific date and
    time
  • Key point:
  • Can A show evidence that A sent M on a specific
    date/time?

7
NRS (continued)
  • Potential reasons
  • A is lying
  • B is lying
  • There is a serious error in the communication
    channel
  • Some interloper has deceived A and B
  • It can happen that A sends M but B does not
    receive M
  • due to a transmission error or an interloper
  • Important for cases like
  • Submission of acceptance for an offer implies
    that the contract is formed
  • Timing of the transmittal is critical to its
    legal effect

8
Sequence of Activities
  • Prevention of disputes
  • service request
  • either embedded in the e-commerce protocol, or
    has to be requested explicitly in advance
  • e.g. a website should state clearly that
    non-repudiation techniques are applied to all
    orders and that no order will be deemed to create
    a valid and enforceable contract unless it
    employs proper non-repudiation protocols
  • evidence generation
  • the potential repudiator will generate the
    evidence
  • e.g. give a digital signature based on a public
    key system
  • done autonomously, or involving a 3rd party
  • usually includes proof of time and date

9
Sequence of Activities (continued)
  • evidence transfer
  • direct transfer/via trusted third party
  • evidence verification
  • the record supplied is sufficient to provide
    support for non-repudiation in the event a
    dispute arises
  • usually embedded in the e-commerce protocol
  • evidence retention
  • saving evidence, public-key cert, etc.
  • a trusted third party may undertake the
    archiving role
  • diminishes any doubts regarding the
    trustworthiness of the evidence
  • Dispute resolution
  • convince a third party with evidence

10
NRO Mechanisms
  • Originator's digital signature
  • Record retained by recipient
  • Message, digital signature, public key cert, and
    CRL

[Diagram: Originator, Sign, Data, Signature, Recipient, Verify, Store, TTP, Certificate, CRL]
11
NRO Mechanisms (continued)
  • Digital Signature of a Trusted Third Party
  • TTP authenticates Originator before signing
    message
  • Originator sends the message to a TTP, and it is
    signed by the TTP
  • Recipient retains the message and TTP's signature
  • Advantage over originator's digital signature
  • Easier to manage public key cert and CRL of the
    TTP
  • TTP can timestamp the message as well
  • Digital Signature of TTP on Digest
  • Originator sends the message digest and the ID of
    the hash algorithm to a TTP, and they are signed
    by the TTP
  • TTP's signature, message digest and ID of hash
    function are sent to recipient
  • Advantages
  • Reduces traffic from originator to TTP
  • TTP does not know the message

12
TTP Signature
[Diagram: Originator, Data, TTP, Sign, Signature, Recipient, Verify, Store]
13
TTP Signature (continued)
  • Inline Trusted Third Party
  • Insert a trusted third party into the
    communication path between the originator and
    recipient
  • Inline TTP evidence stored
  • TTP captures message and retains a record to
    support non-repudiation
  • Inline TTP evidence forwarded
  • TTP captures, signs, and forwards the message
    together with TTP's signature
  • Does not need the originator's signature

14
Inline TTP
[Diagram: Originator, Recipient, Store, Generate evidence]
15
Inline TTP (continued)
  • Trusted Third-Party Token
  • Uses symmetric cryptography instead of a public
    key system
  • A token
  • a check-value (e.g. MAC) generated from the
    message (or its digest), id of originator, time
    stamp, , and a secret key known only to the TTP
  • Originator sends message and other info to TTP
    for generation of token
  • Recipient, after receiving message and token from
    originator, sends token to TTP for verification;
    recipient then archives message and token
  • Originator/recipient to TTP traffic needs
    authentication and integrity control
  • Different mechanisms can be combined
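
Added example (not part of the original slides): a minimal Python sketch of the trusted third-party token described on this slide and reused for NRD on the next one, with the check-value computed as an HMAC. The TokenTTP class, the recipient_accepts function, the field names and the sample message are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets
import time

FIELDS = ("originator", "digest", "hash_alg", "time")


class TokenTTP:
    """Hypothetical TTP holding a MAC key that no other party ever sees."""

    def __init__(self):
        self._key = secrets.token_bytes(32)

    def _mac(self, fields):
        # Canonical JSON so identical fields always serialize to identical bytes.
        blob = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
        return hmac.new(self._key, blob, hashlib.sha256).hexdigest()

    def issue(self, originator_id, digest_hex, hash_alg, now=None):
        # Assumption: the caller was authenticated as originator_id over a
        # channel with integrity protection before this is called.
        stamp = int(time.time() if now is None else now)
        fields = dict(zip(FIELDS, (originator_id, digest_hex, hash_alg, stamp)))
        return {**fields, "mac": self._mac(fields)}

    def verify(self, token):
        fields = {name: token.get(name) for name in FIELDS}
        return hmac.compare_digest(self._mac(fields), str(token.get("mac", "")))


def recipient_accepts(ttp, message, token):
    """Recipient side: bind the received bytes to the token, then ask the TTP."""
    if token.get("hash_alg") != "sha256":
        return False  # this sketch supports a single hash algorithm ID
    local = hashlib.sha256(message).hexdigest()
    if not hmac.compare_digest(local, str(token.get("digest", ""))):
        return False  # message differs from the one the token covers
    return ttp.verify(token)


if __name__ == "__main__":
    ttp = TokenTTP()
    order = b"constructed sample: A orders 10 units from B"
    token = ttp.issue("A", hashlib.sha256(order).hexdigest(), "sha256")
    print(recipient_accepts(ttp, order, token))                          # True
    print(recipient_accepts(ttp, order + b"0", token))                   # False
    print(recipient_accepts(ttp, order, {**token, "originator": "C"}))   # False
```

Because the key is symmetric, only the TTP can check a token, so in a dispute the arbiter has to rely on the TTP rather than verify the evidence independently.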

16
NRD Mechanisms
  • Recipient acknowledgement with signature
  • The message digest from the originator and other
    information are signed by the recipient
  • E.g. secure receipt by Outlook
  • Retains the acknowledgement message, signature,
    cert and CRL
  • Recipient acknowledgement with Token
  • Uses a symmetric integrity check-value, like the
    TTP token used to provide NRO
  • Trusted Delivery Agent
  • TTP as delivery agent
  • TTP sends ack after the recipient has received
    the message
  • It aims to solve the problem of a reluctant
    recipient, who does not ack, or does not do so
    in a timely fashion

17
Recipient Signature for NRD
[Diagram: Recipient, Sign, Data, Signature, Originator, Verify, Store, TTP, Certificate, CRL]
18
NRS Mechanisms
  • All NRD services with the transporting party
    replacing the recipient can provide NRS
  • The typical way is for the transporting party to
    send an acknowledgement with a digital signature

19
Trusted Third Party (TTP)
  • Why TTP?
  • Dispute arbitrator will likely give greater
    weight to evidence generated and retained by a
    TTP
  • Requirements
  • independence
  • neutrality
  • reliability
  • Acceptance by all participants
  • How to become a TTP?
  • Explicit means: formal contract
  • Implicit means: regulation, treaty
  • Common TTP
  • Government or government related bodies
  • Private organization acceptable in the community

20
Roles of TTP in Non-repudiation
  • Public key certification
  • Validity period, certification policy, key usage
    field
  • Identity confirmation
  • Time-stamping
  • ensuring an accurate time (up to a standard) is
    demanding in technology and administration,
    better done in TTP than end-users
  • time-stamping usually comes with other TTP
    services
  • Evidence retention
  • more suitable for long period archival
  • Delivery intermediation
  • a way of providing quality of service
  • Dispute resolution

21
Dispute Resolution
  • Non-repudiation procedures are able to prevent
    disputes
  • When a dispute arises, it has to be resolved
  • retrieval of evidence
  • presentation of evidence to the involved parties
  • presentation of the matter before arbiter (e.g.
    judge)
  • dispute resolution mechanism's decision

22
Dispute Resolution (continued)
  • Technology-based evidence
  • whether the evidence (an electronic record) is
    admissible
  • Who generated the evidence
  • The evidence was transferred in a proper chain of
    custody
  • The system of receipt, storage, retrieval, and
    display does not result in deviation from the
    original message
  • can be solved with greater recognition of
    public-key cryptography
  • Legislation may recognize trustworthy digital
    signatures as self-authenticating
  • Legislation may provide certain presumptions
    regarding the admissibility of digital evidence

23
Electronic Signature Laws
24
Legal Challenges in E-commerce
  • Enforceable transactions often include controls,
    such as
  • Signature, to evidence agreements
  • Time / date stamping, to provide proof of
    dispatch, submission, delivery, receipt, and
    acceptance
  • In some cases, witnesses, notaries, or other
    TTP's, to acknowledge and authenticate
    transactions
  • Legal challenges in e-commerce
  • Satisfying traditional legal requirements for
    reduction of agreements to signed writings
  • Applying legal rules of evidence to
    computer-based information
  • Interpreting, adapting, and complying with many
    other existing legal standards in the context of
    e-commerce

25
Electronic Signature Law
  • Electronic form discrimination
  • Some types of enforceable contract need to
    satisfy the statute of frauds
  • The statute of frauds requires a writing and
    signature
  • Transactions and records are denied legal effect
    or enforceability solely because of their
    electronic form
  • Electronic signature law ensures that transactions
    and records conducted electronically are not the
    subject of discrimination
  • Electronic signature laws can effectively resolve
    many legal uncertainties
  • For example, whether certain electronic
    communications satisfy the "writings" requirement

26
Electronic Signature Law (continued)
  • UN Model Law on Electronic Commerce
  • technology-neutral approach that focused
    generally on all types of electronic signatures
  • Promulgated by the UN Commission on International
    Trade Law (UNCITRAL) in 1996
  • Many jurisdictions worldwide have adopted rules
    based on this model law
  • Adopted by Argentina, Bermuda, Colombia, Hong
    Kong, South Korea, and Singapore
  • A majority of the states in the US are considering
    a model law influenced by the UN Model Law and the
    Uniform Electronic Transaction Act (UETA)
  • EU Electronic Signature Directive incorporates
    the broad, technology-neutral approach of the UN
    Model Law but also addresses specifically
    "secure-signature" technologies (such as digital
    signatures)
  • Influenced legislation in other jurisdictions,
    including Australia, Canada, France

27
Federal E-Sign Act
  • E-Sign was signed by President Clinton in 2000
  • A copy of this act is in the textbook, appendix
    B
  • It prohibits discrimination against electronic
    signatures and records
  • E-Sign grants electronic signatures and documents
    equivalent legal status with traditional
    handwritten signatures
  • E-Sign is technology-neutral
  • the parties entering into electronic contracts
    can choose the system they want to use to
    validate an online agreement.
  • E-Sign does not apply to some documents
  • wills and trusts, family law matters, much of
    Uniform Commercial Code (UCC), court orders,
    notices and official court documents, essential
    notices

28
Federal E-Sign Act (continued)
  • The principles specified in Federal E-Sign
  • The removal of paper-based obstacles to
    e-commerce by adopting relevant principles from
    the UN Model Law on E-Commerce
  • The ability for parties to a transaction to
    "determine the appropriate authentication
    technologies and implementation models for their
    transaction, with assurance that those
    technologies and implementation models will be
    enforced"
  • The ability for parties to a transaction to "have
    the opportunity to prove that their
    authentication approaches and their transactions
    are valid"
  • A "nondiscriminatory approach to electronic
    signatures and authentication methods from other
    jurisdictions"

29
Digital Signature Laws
  • Digital signature legislation
  • Electronic communications and records that are
    signed with a digital signature are, under certain
    circumstances, at least as legally valid and
    enforceable as traditionally signed documents
  • Comprehensive PKI legal regimes
  • CA quality and trustworthiness
  • Liability of the parties
  • Specific PKI component requirements
  • Utah was the first jurisdiction to enact digital
    signature legislation in May 1995
  • California followed in September 1995
  • The US Congress declined to adopt a federal
    digital signature law, opting instead to pass the
    Federal E-Sign Act

30
Digital Signature Laws (continued)
  • Minimalist approach
  • briefly provides for the legal validity of
    electronic documents, and delegates rule-making
    authority to an appropriate administration
  • E.g. California digital signature act
  • As short as less than one page (textbook p. 304)
  • Disadvantage: without addressing the technical
    issues, some points may be missed

31
Digital Signature Laws (continued)
  • Requirements of digital signature (California
    Act)
  • The use of a digital signature shall have the
    same force and effect as the use of a manual
    signature if and only if it embodies all of the
    following attributes
  • It is unique to the person using it.
  • It is capable of verification.
  • It is under the sole control of the person using
    it.
  • It is linked to data in such a manner that if
    data are changed, the digital signature is
    invalidated.
  • It conforms to regulations adopted by the
    Secretary of State.

32
Digital Signature Laws (continued)
  • Comprehensive Approach
  • Covers many aspects of the problem in detail
  • e.g. Utah Digital Signature Act, with five major
    parts and many details
  • Part 1. Title, Interpretation, and Definitions
  • Part 2. Licensing and Regulation of CA's
  • Part 3. Duties of CA and Subscriber
  • Part 4. Effect of a Digital Signature
  • Part 5. State Services and Reorganized
    Repositories
  • Some people worry that it is premature to
    legislate liability schemes as digital signature
    technology and public key infrastructure are
    simply too new and not well understood

33
Digital Signature Laws (continued)
  • Requirements of digital signature (Washington
    Act)
  • The digital signature is verified by reference to
    the public key listed in a valid certificate
    issued by a licensed CA
  • The digital signature was affixed by the signer
    with the intention of signing the message
  • The recipient has no knowledge or notice that the
    signer either
  • breached a duty as a subscriber or
  • does not rightfully hold the private key used to
    affix the digital signature

34
Next Session Highlights
  • Electronic Payment Systems