Editing Non-repudiation (section)

===In digital security===
In [[information security|digital security]], non-repudiation means:<ref>[https://firstmonday.org/ojs/index.php/fm/article/view/778/687 Non-Repudiation in the Digital Environment (Adrian McCullagh)]</ref>
*A service that provides proof of the [[Data integrity|integrity]] and [[Message authentication|origin of data]].
*An authentication that can be said to be genuine with high confidence.
*An authentication that the data is available under specific circumstances, or for a period of time: data availability.<ref name=FCDS20200718>{{cite book |chapter-url=https://dl.acm.org/doi/abs/10.1145/3318041.3355457 |date=18 July 2020 |pages=114–134 |last1=Yu|first1=Mingchao |last2=Sahraei|first2=Saeid |last3=Nixon|first3=Mark |last4=Han|first4=Song |title=Proceedings of the 1st ACM Conference on Advances in Financial Technologies |chapter=SoK: Sharding on Blockchain |doi=10.1145/3318041.3355457 |isbn=9781450367325 |s2cid=204749727 }}</ref>

Proof of data integrity is typically the easiest of these requirements to accomplish. A data [[Hash function|hash]] such as [[SHA2]] usually ensures that the data will not be changed undetectably. Even with this safeguard, it is possible to tamper with [[data in transit]], either through a [[man-in-the-middle attack]] or [[phishing]]. Because of this, data integrity is best assessed when the recipient already possesses the necessary verification information, such as after being [[Mutual authentication|mutually authenticated]].<ref>{{cite journal |last1=Chen |first1=Chin-Ling |last2=Chiang |first2=Mao-Lun |last3=Hsieh |first3=Hui-Ching |last4=Liu |first4=Ching-Cheng |last5=Deng |first5=Yong-Yuan |title=A Lightweight Mutual Authentication with Wearable Device in Location-Based Mobile Edge Computing |journal=Wireless Personal Communications |date=July 2020 |volume=113 |issue=1 |pages=575–598 |doi=10.1007/s11277-020-07240-2 |s2cid=218934756 }}</ref>

The common method to provide non-repudiation in the context of digital communications or storage is [[Digital Signature]]s, a more powerful tool that provides non-repudiation in a ''publicly verifiable'' manner.<ref>{{Cite journal |last1=Chia |first1=Jason |last2=Chin |first2=Ji-Jian |last3=Yip |first3=Sook-Chin |date=2021-09-16 |title=Digital signature schemes with strong existential unforgeability |journal=F1000Research |volume=10 |page=931 |language=en |doi=10.12688/f1000research.72910.1|pmid=36798451 |pmc=9925878 |doi-access=free }}</ref> [[Message Authentication Code|Message Authentication Codes (MAC)]], useful when the communicating parties have arranged to use a shared secret that they both possess, does not give non-repudiation. A misconception is that encrypting, per se, provides authentication "If the message decrypts properly then it is authentic", which is not the case. MAC can be subject to several types of attacks, like: message reordering, block substitution, block repetition, .... Thus just providing message integrity and authentication, but not non-repudiation. To achieve non-repudiation one must trust a service (a certificate generated by a trusted third party (TTP) called certificate authority (CA)) which prevents an entity from denying previous commitments or actions (e.g. sending message A to B). The difference between MAC and [[Digital Signature]]s, one uses symmetric keys and the other asymmetric keys (provided by the CA). Note that the goal is not to achieve confidentiality: in both cases (MAC or digital signature), one simply appends a tag to the otherwise plaintext, visible message. If confidentiality is also required, then an [[encryption]] scheme can be combined with the digital signature, or some form of [[authenticated encryption]] could be used.  Verifying the digital origin means that the certified/signed data likely came from someone who possesses the private key corresponding to the signing certificate. If the key used to digitally sign a message is not properly safeguarded by the original owner, digital forgery can occur.<ref>{{cite journal |last1=Wu |first1=Wei |last2=Zhou |first2=Jianying |last3=Xiang |first3=Yang |last4=Xu |first4=Li |title=How to achieve non-repudiation of origin with privacy protection in cloud computing |journal=Journal of Computer and System Sciences |date=December 2013 |volume=79 |issue=8 |pages=1200–1213 |doi=10.1016/j.jcss.2013.03.001 |doi-access=free }}</ref><ref>{{Cite web | url=https://crypto.stackexchange.com/questions/5646/what-are-the-differences-between-a-digital-signature-a-mac-and-a-hash/5647#5647?newreg=74e26dac0c5540b7bfb89fd3729ff958 | title=What are the differences between a digital signature, a MAC and a hash? }}</ref><ref>{{cite journal |last1=Sosin |first1=Artur |title=How to increase the information assurance in the information age |journal=Journal of Defense Resources Management |date=2018 |volume=9 |issue=1 |pages=45–57 |id={{ProQuest|2178518357}} |url=https://www.ceeol.com/search/article-detail?id=662913 }}</ref>