What Does Nonrepudiation Mean?

Nonrepudiation is a method of guaranteeing message transmission between parties via digital signature and/or encryption. It is one of the five pillars of information assurance (IA). The other four are availability, integrity, confidentiality and authentication.


Nonrepudiation is often used for digital contracts, signatures and email messages.

By using a data hash, proof of authentic identifying data and data origination can be obtained. Along with digital signatures, public keys can be a problem when it comes to nonrepudiation if the message recipient has exposed, either knowingly or unknowingly, their encrypted or secret key.

Techopedia Explains Nonrepudiation

While nonrepudiation is a worthy electronic security measure, professionals in this arena caution that it may not be 100 percent effective. Phishing or man-in-the-middle (MITM) attacks can compromise data integrity. In addition, it is important to note that a digital signature is the same whether it is authentic or faked by someone who has the private key. This problem has been countered by the U.S. Department of Defense with the development of the common access card, a type of smart card designed for active duty military personnel, civilian personnel, the National Guard and others that are privy to confidential defense information.

Imagine receiving a harassing email from someone who denies sending the message. How do you determine the truth? Digital signatures prove the delivery and receipt of email transmissions, guaranteeing nonrepudiation.

Thus, nonrepudiation protects the recipient and the sender when a recipient denies receiving an email. Without nonrepudiation, an essential pillar of IA, information security would be significantly flawed.


Related Terms

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…