On Sunday 13 January 2008 12:28:30 pm Kelly Robinson wrote:
> Lets say I send a message to you, encrypted with a symmetric key. You
> decrypt the message and find it is a purchase order for an expensive
> item in the workplace.
>
> When the time comes to deliver the item, I deny ever placing the order.
>
> Is it possible for you to prove to a third party that I sent the order?
Not without some kind of signature process. Anything symmetric isn't going to
support non-repudiation, because the recipient could fake it.
> Lets say I send a message to you, encrypted with a symmetric key. You
> decrypt the message and find it is a purchase order for an expensive
> item in the workplace.
>
> When the time comes to deliver the item, I deny ever placing the order.
>
> Is it possible for you to prove to a third party that I sent the order?
Not without some kind of signature process. Anything symmetric isn't going to
support non-repudiation, because the recipient could fake it.
Brad
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQBHiyCxGwwszQ/PZzgRAl4iAJ9VCm6EcxdF6p+82lPCVLtgNyPgowCfYK0F
Wk9GbpqzlcWsJXQyl2OHmMw=
=PjNq
-----END PGP SIGNATURE-----
[ reply ]