Nonrepudiation

Why Trust Techopedia

What Does Nonrepudiation Mean?

Nonrepudiation is a method of guaranteeing message transmission between parties via digital signature and/or encryption. It is one of the five pillars of information assurance (IA). The other four are availability, integrity, confidentiality and authentication.

Advertisements

Nonrepudiation is often used for digital contracts, signatures and email messages.

By using a data hash, proof of authentic identifying data and data origination can be obtained. Along with digital signatures, public keys can be a problem when it comes to nonrepudiation if the message recipient has exposed, either knowingly or unknowingly, their encrypted or secret key.

Techopedia Explains Nonrepudiation

While nonrepudiation is a worthy electronic security measure, professionals in this arena caution that it may not be 100 percent effective. Phishing or man-in-the-middle (MITM) attacks can compromise data integrity. In addition, it is important to note that a digital signature is the same whether it is authentic or faked by someone who has the private key. This problem has been countered by the U.S. Department of Defense with the development of the common access card, a type of smart card designed for active duty military personnel, civilian personnel, the National Guard and others that are privy to confidential defense information.

Imagine receiving a harassing email from someone who denies sending the message. How do you determine the truth? Digital signatures prove the delivery and receipt of email transmissions, guaranteeing nonrepudiation.

Thus, nonrepudiation protects the recipient and the sender when a recipient denies receiving an email. Without nonrepudiation, an essential pillar of IA, information security would be significantly flawed.

Advertisements

Related Terms

Margaret Rouse
Technology Specialist
Margaret Rouse
Technology Specialist

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.