Nonrepudiation in Network Communications


Status

Draft

Note

We recommend Computer System Security--An Overview as prerequisite reading for this technology description.

Purpose and Origin

The goal of nonrepudiation is to prove that a message has been sent and received. This is extremely important in C4I networks, where commands and status must be issued and responded to; in banking networks, where financial transactions must be verifiably completed; and in legal networks, where signed contracts are transmitted. The Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria (the Red Book) defines the requirement for the military environment. Current technology to accomplish this involves a central authority that verifies and time stamps digital signatures. The technologies for digital signatures have existed since the development of public key cryptography in the late 1970s.

Technical Detail

Three parties are involved in current nonrepudiation schemes: the message sender, the message arbitrator, and the message receiver. The sender creates a message, then creates and appends a public-key-based digital signature to it. The sender appends identifying data to the message and signs it again. The sender then transmits the message over the network to the arbitrator. The arbitrator verifies the sender's signature and identifying data, adds a time stamp to the message, and signs it. The message is then sent to both the sender and the receiver. The receiver verifies the arbitrator's signature and the sender's signature. The sender verifies that the message transmitted by the arbitrator is a copy of the one the sender originally sent. If it does not verify, or if the sender never sent an original message, the arbitrator is notified immediately. This prevents someone from pretending to be the sender and transmitting a message to the receiver. The arbitrator keeps a record of expired or compromised secret keys to use in the verification process. This whole process assures the receiver that the message came from the indicated source and records the time at which the message was sent from the sender to the receiver. The sender cannot claim not to have sent the message, nor that a lost cryptographic key was used. The message sender, arbitrator, and receiver can be implemented in software in different parts of the network.
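The three-party exchange described above, as an added example that is not part of the original technology description: it uses Ed25519 signatures from Go's standard library, and the packet types, the identity-to-public-key registry (keys) and the expired/compromised-key list (revoked) are assumptions of this example, not part of the scheme as the page states it.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
)
// enc length-prefixes each field so the signed byte string cannot be re-split ambiguously.
func enc(parts ...[]byte) (out []byte) {
	for _, p := range parts {
		out = append(binary.BigEndian.AppendUint32(out, uint32(len(p))), p...)
	}
	return
}
// SenderPacket: message, signature over it, identifying data, and a second signature over all three.
type SenderPacket struct {
	Msg, Sig1, Sig2 []byte
	ID              string
}
func (p SenderPacket) body() []byte { return enc(p.Msg, p.Sig1, []byte(p.ID)) }
func SenderSign(priv ed25519.PrivateKey, id string, msg []byte) SenderPacket {
	p := SenderPacket{Msg: msg, Sig1: ed25519.Sign(priv, msg), ID: id}
	p.Sig2 = ed25519.Sign(priv, p.body())
	return p
}
// Arbitrated is the sender packet plus the arbitrator's time stamp and signature over everything.
type Arbitrated struct {
	In   SenderPacket
	Time uint64
	Sig  []byte
}
func (a Arbitrated) body() []byte { return enc(a.In.body(), a.In.Sig2, binary.BigEndian.AppendUint64(nil, a.Time)) }
// Arbitrate verifies both sender signatures against the key registered for the claimed identity (hypothetical
// registry), rejects keys on the expired/compromised list, then time-stamps and signs the result.
func Arbitrate(arbPriv ed25519.PrivateKey, keys map[string]ed25519.PublicKey, revoked map[string]bool,
	in SenderPacket, now uint64) (Arbitrated, bool) {
	pub, ok := keys[in.ID]
	if !ok || revoked[string(pub)] || !ed25519.Verify(pub, in.Msg, in.Sig1) || !ed25519.Verify(pub, in.body(), in.Sig2) {
		return Arbitrated{}, false
	}
	a := Arbitrated{In: in, Time: now}
	a.Sig = ed25519.Sign(arbPriv, a.body())
	return a, true
}
// ReceiverVerify: the receiver checks the arbitrator's signature, then the sender's.
func ReceiverVerify(arbPub, senderPub ed25519.PublicKey, a Arbitrated) bool {
	return ed25519.Verify(arbPub, a.body(), a.Sig) && ed25519.Verify(senderPub, a.In.Msg, a.In.Sig1)
}
// SenderConfirm: the sender checks that the arbitrator's copy is exactly what it sent; a mismatch is what it reports.
func SenderConfirm(sent SenderPacket, a Arbitrated) bool {
	return string(enc(sent.body(), sent.Sig2)) == string(enc(a.In.body(), a.In.Sig2))
}
```

A real deployment would additionally bind the time stamp to a trusted clock and log the arbitrator's signed records, since that log is the evidence a dispute is settled with.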

Usage Considerations

This technology introduces considerable overhead in the processing of messages. Not only are there signature creation and verification steps at each end of the transmission, but the third-party arbitrator's processing adds further overhead and delay. This additional overhead should be considered in the design of any system that uses the technology. This technology may provide the only assured means to identify the source of a message on a network and associate it with a time. The same technology can be used to validate an acknowledgment message.

Maturity

The components of this technology are mature and are used in networks consisting of PCs, workstations, or mainframes.

Costs and Limitations

Using this technology requires knowledge of digital signature algorithms, public key encryption, one-way hashing algorithms and the means of protecting the related keys from inadvertent or malicious compromise.

Dependencies

Successful use of this technology requires the generation and distribution of public keys and the generation and protection of secret keys.

Alternatives

A less secure alternative is to include a time stamp in the sender's signature without using a central arbitrator. This is less secure because the sender could claim that someone else sent the message with a stolen or lost key.

Complementary Technologies

Complementary technologies include one-way hashing, digital signatures, and public key cryptography.

Index Categories

This technology is classified under the following categories.

Name of technology

Nonrepudiation in Network Communications

Application category

System Security (AP.2.4.3)

Quality measures category

Integrity (QM.2.1.4.1.1)
Trustworthiness (QM.2.1.4)

Computing reviews category

Computer-Communications Networks Security and Protection (C.2.0)
Security and Protection (K.6.5)


Modifications

10 Jan 97 (original)


The Software Engineering Institute (SEI) is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University.

Copyright 2007 by Carnegie Mellon University
URL: http://www.sei.cmu.edu/str/descriptions/nonrep_body.html
Last Modified: 11 January 2007