What is Non-Repudiation and why is it important?

What is it?

To understand what Non-repudiation is we must first understand what Repudiation is.

Repudiation means the denial of the truth or validity of something. So Non-repudiation must be the opposite - The inability to deny the truth or validity. These concepts are quite often seen in legal settings where the authenticity of contracts and signatures are in dispute.

So in the context of cyber security, Non-repudiation refers to the ability to prove the authenticity and integrity of a transaction or communication, and to prevent the parties involved from denying having taken part in it.

Why is this important?

Well, it allows us to hold individuals to account by knowing who did what and when they did it. Allowing us to trust the digital processes of everyday life.

For example:

• Proving somebody sent an email or text
• Proving who modified/deleted a file
• Proving an online transaction took place

If these digital processes and many others that we take part in every day were to be disputable then we would lose a lot of trust in our society and lose a lot of functions that make our lives much easier and convenient.

How do we achieve it?

Non-Repudiation is often enforced by a "third party" so that none of the parties involved can escape their side of the responsibility. A third party that is often used for online transactions is a "Digital Signature". We'll be writing a full article on what digital signatures are and how they work but essentially the signatures work using encryption to prove that a digital "message" was not modified since the time it was signed and sent by the sender using their private key. Therefore not allowing them to deny it was them who sent the message.

Subscribe to our free newsletter to be notified when we post about Digital Signatures and further interesting topics in the field of Cyber Security and Technology!