Computer Security
Computer Security- lecture 4
Non-repudiation
May be useful to look in comp sec book
“the ability to deny a false rejection or refusal of an obligation, with irrefutable evidence”
Protocols
Aim to collect evidence to prove that the other party did send or receive evidence
Note that the environment is passive, but participants may not be
Reliance on TTP server to verify information
Aims of non-repudiation
Produce evidence that is required
Evidence must be suitable
Agent behave in accordance?
B wants to prove a sent message happened
Would send evidence to A who sends message, to which B responds
Works for A in that A can show B received as B responded
So can see that A is sending a message which is signed to B
B is replying with signed message to say it has been received
Note both are encrypted- only the two know their own private keys
A then sends to the server, a signed message destined for B- which is a signed message with the Key K for B
The server sends this to B, including details that it came from A and was accepted by server
Server also bounces the message back to A- SAME message
So therefore there is proof that the message has been both sent A to B and received from B to A
Non-repudiation of origin
A sent message needs proof from B
So B has a signed message which is encrypted and a signature
This is the evidence B should produce to the environment to prove that A sent message
So B is sending the signed message which was sent to b and encrypted with private key by A
But also sends the servers a b message
So overall evidence from b is data 1 and 2 which shows sent message from A
After lecture: Can see the first sent information which shows that A sent a message which was encrypted with key K, we know that this message was sent by A due to A’s digital signature
Data two contains the key- from A to B and signed by Server who verifies it came from A
So B uses the key on the first message- and if it works then B knows that it was sent by A
So using data 1 to show the message is encrypted with key K
And then data 2 to decrypt the message with the details of key K sent by A
Then B can show the message must have come from A!
Explained again-
B receives signature and encrypted message
B also receieves the key to decrypt- signature
B uses key which is signed by A to decrypt message signed by A
Knows its by A as only A has key to encrypted message and has sent key to B
But what if A wants to prove B received
Would also have message which is encrypted FROM A
As well as digital signature
So A provides both of these showing that the message was sent by A and then signed by the server to say that B had received it
How to make this fair? Either bit of evidence shouldn’t be producible before a certain minimum amount of time
In essence; when the server has given its signature to both A and B, evidence can be produced
For showing that B received the message
A has the message from B which is signed by B with Kprb
Also has the signed message from server which is saying the key was sent to B and accepted by server
Can prove B received by showing the signature that b received encrypted message
Server response that B received the key
So therefore B received key and message!
Anonymity
Note that events that refer to identity of agents
Events’s that the environment observes
Second does not imply first- can observe event without knowing who is involved
The three cryptographers
Three cryptographers share a meal
End of each meal each cryptographer is informed in secret, whether they are to pay or not
Either at most one pays or else organisation will pay for all 3
Main goal is cryptographers to know who is paying or whether organisation is
But paying crypto to be anonymous
So they want to know whether one of them is paying or organisation, but keep identity of the one paying anonymous
So A sends message to C
A sends to B
C sends to B
So if 1 and 0s in diner setting
If number of 1s is even, organisation has paid
If odd, cryptographer
Thus observes the event but not the agent!
Comments
Post a Comment