Information AboutNon-repudiation |
| CATEGORIES ABOUT NON-REPUDIATION | |
| contract law | |
| computer security | |
|
Non-repudiation is the concept of ensuring that a Contract cannot later be denied by either of the parties involved. Non-repudiation is the opposite of Plausible Deniability . In regard to Digital Security , non-repudiation means that it can be verified that the sender and the recipient were, in fact, the parties who claimed to send or receive the message, respectively. In other words, non-repudiation of ''origin'' proves that data has been sent, and non-repudiation of ''delivery'' proves it has been received. Traditional methods such as Seal s or Signature s are vulnerable to Forgery . Digital transactions are also potentially subject to fraud, such as when computer systems are broken into or infected with Trojan Horses or Viruses , or the network connecting the systems allows for a Man-in-the-middle Attack . Participants can potentially claim such fraud to attempt to repudiate a transaction. When an engineer uses the term ‘non-repudiation’ in an engineering sense, they mean that there is a high (and specifiable) degree of probability that the protocol can demonstrate a document or message was sent or received by a particular computer. Many extend this logic from the engineering domain into the legal domain, by arguing that if the system can demonstrate a message or document was sent or received, then it should be for the recipient to demonstrate is was not sent or received by them. The technical purpose is to bind users to specific actions in such a way that if they deny taking the action, they either demonstrate an intention to deceive, or they have been negligent in failing to secure the use of their private key adequately. In legal terms, the meaning of ‘non-repudiation’ is different to that used in the engineering sense. A manuscript signature can be repudiated for a number of reasons, including that the signature is a forgery, or that, whilst not a forgery, the signature was obtained as a result of unconscionable conduct by a party to a transaction, fraud instigated by a third party or undue influence exerted by a third party. It is important to ensure the technical meaning does not override the need to restrain the meaning within a legal context. Where engineers use the term, it should not be mistaken that they are using it in a legal context, despite their misunderstanding that the term, in their view, should have a legal meaning. The term ‘non-repudiation’ in the engineering sense for technical purposes is a property, probably attained through cryptographic methods, which demonstrates the message was sent from a particular computer. SEE ALSO |
|
|