Symmetric and asymmetric ciphers, non-repudiation?

I read on Wikipedia: "However, symmetric ciphers can also be used for non-repudiation purposes according to ISO 13888-2."

Then I read on another wiki page: "Non-repudiation, or more specifically non-repudiation of origin, is an important aspect of digital signatures. By this property, an entity that has signed some information cannot later deny having signed it. Similarly, access to the public key alone does not allow a fraudulent party to forge a valid signature. This is in contrast to symmetric systems, where both the sender and the recipient share the same secret key, and therefore in a dispute a third party cannot determine which entity was the true source of the information."

This means that one page says that symmetric algorithms provide non-repudiation, and the other page says that they do not, and therefore they are not used for digital signatures. So do symmetric keys provide non-repudiation or not? It makes sense that they cannot be used for signatures and non-repudiation, since the symmetric keys are the same, and therefore the system cannot distinguish which one belongs to whom, who was first, and so on. In that case, I believe that symmetric keys are only a tool for confidentiality and are not used for non-repudiation or digital signatures.

+6
encryption
3 answers

I think the answer depends on whether the shared key is publicly available or not. If the parties agree with a public source (third party) on their common key, there is non-repudiation of origin.

+2

ISO 13888-2 provides structures and protocols that can be used to implement non-repudiation services in the context of symmetric methods. However, all these "tricks" rely on the existence of a trusted third party.

The point of the second Wikipedia quote in the question is that asymmetric key systems intrinsically [and without the need for third parties] offer non-repudiation functions (in particular NRO, that is, non-repudiation of origin).

+2

As for non-repudiation, the difficult part is that it is not a technical but rather a legal term, and this causes a lot of misunderstanding when it is placed in a technical context. The fact is that you can always repudiate anything. And that is why there are courts.

In court, two parties clash and try to prove each other wrong using evidence. This is where technology comes in, because it allows you to collect enough electronic evidence to prove that the party who is trying to deny the transaction, message, etc., is wrong.

And this is exactly what the ISO 13888 series does in part 1: it provides recommendations on what evidence to collect and how to protect it, to maximize your chances of resisting repudiation of electronic transactions. The standard talks about several tokens that serve this purpose, for example: identifiers of both parties, timestamps, message hashes, etc. It then describes in detail how you should protect these tokens so that they retain their value as evidence.

The other two parts (2 and 3) describe specific cryptographic methods that can be used to obtain the tokens. The symmetric ones are just keyed hashes, if I remember correctly (for example, HMAC), while the asymmetric ones are digital signatures.

+1
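
The point made in the last two answers, as an added sketch (not code from the original posts, and not the token format defined in ISO 13888-2): a directly shared HMAC key lets the recipient produce valid tags, while a token keyed by a trusted third party cannot be produced by either party alone. The `TrustedThirdParty` class, the party names, the keys and the evidence fields (both identifiers, a timestamp, a message hash) are all constructed for illustration.

```python
import hashlib
import hmac
import json

def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def verify(key: bytes, data: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac(key, data), tag)

def evidence_body(origin: str, recipient: str, timestamp: str, message: bytes) -> bytes:
    fields = {"origin": origin, "recipient": recipient, "time": timestamp,
              "msg_sha256": hashlib.sha256(message).hexdigest()}
    return json.dumps(fields, sort_keys=True).encode()

class TrustedThirdParty:
    """Hypothetical TTP: one key per party, plus a token key only the TTP holds."""

    def __init__(self, party_keys: dict, token_key: bytes):
        self._party_keys = party_keys
        self._token_key = token_key

    def issue_token(self, body: bytes, request_mac: bytes):
        # The request must be MACed with the key of the origin named in the body.
        key = self._party_keys.get(json.loads(body)["origin"])
        if key is None or not verify(key, body, request_mac):
            return None
        return mac(self._token_key, body)

    def verify_token(self, body: bytes, token: bytes) -> bool:
        # Used in a dispute: neither party can compute this tag on its own.
        return verify(self._token_key, body, token)

# Constructed sample keys (not real secrets).
K_AB = b"constructed-shared-key-alice-bob"
K_A, K_B = b"constructed-key-alice-ttp", b"constructed-key-bob-ttp"
TTP = TrustedThirdParty({"alice": K_A, "bob": K_B}, b"constructed-ttp-token-key")

def bob_forges_direct_mac() -> bool:
    # Direct shared key: Bob tags a message Alice never sent, and it verifies.
    forged = b"alice owes bob 1000"
    return verify(K_AB, forged, mac(K_AB, forged))

def alice_gets_token():
    body = evidence_body("alice", "bob", "2024-01-01T00:00:00Z", b"pay bob 100")
    return body, TTP.issue_token(body, mac(K_A, body))

def bob_frames_alice():
    # Bob names Alice as origin but can only MAC the request with his own key.
    body = evidence_body("alice", "bob", "2024-01-01T00:00:00Z", b"alice owes bob 1000")
    return TTP.issue_token(body, mac(K_B, body))
```

The third party here can compute every tag itself, so the evidence is only as good as the trust placed in it, which is the dependency the second answer points out.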