[Cisspstudy] Authenticity, Proof of origin and non-repudiation
Andrea Gatta
andrea.gatta at gmail.com
Sun Oct 11 06:06:18 EDT 2009
Hi,
proving that a message came from the owner of the private key usually refers
to as proof of origin.
First question: is proof of origin the same as authenticity ? I would say
so.
Second question: does authenticity provide non-repudiation ? I wouldn't say
so.
Thinking about it I would say that non-repudiation does not just neeed proof
of origin of the message but additionally the message must have not been
tampered with while in transit. Following this line of reasoning private key
encryption would not be enough to provide non-repudiation but actually
digital signature is needed (one-way hash of a message, THEN the message is
encrypted with the sender's private key).
Correct ?
Thanks,
Andrea
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20091011/d773ecbe/attachment.html>
More information about the cisspstudy
mailing list