Information Security
re: Non-Repudiation Discussion
besnainou sarah / reuters 7 Apr 2003 3:45PM ET
Hello,
I read the PowerPoint presentation written by Mr Towsend and there is one point I don't understand.
“Accidental” disclosure of private keys makes non-repudiation close to impossible to achieve.
How is it possible?
From what I know, non-repudiation in PGP and in SSL is provided by digital signature. The message goes through a hash function that produces the digest, and the digest is encrypted with the private key of the sender.
The recipient decrypts the digest with the sender's public key, and then compares it with the one he himself has computed with the hash function, and that provides non-repudiation.
Is this sensitive to private key disclosure?
Why do we have to sign FIX messages with a shared secret instead of private key when we use PGP-DES-MD5?
Thank you
Sarah
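
The hash-then-sign check described in the post, next to a shared-secret MAC, as an added example that is not part of the original post or the presentation it refers to. It assumes a toy unpadded RSA key built from two Mersenne primes, SHA-256 in place of MD5, and a constructed FIX-like message; all function names are hypothetical.

```python
import hashlib
import hmac

# Toy RSA key from two known Mersenne primes (constructed for this example;
# far too small and unpadded for real use).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, meant for the sender only

def digest(message: bytes) -> int:
    """Hash the message and map the digest into the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes, private_exponent: int) -> int:
    """Sender side: transform the digest with the private key."""
    return pow(digest(message), private_exponent, N)

def verify(message: bytes, signature: int) -> bool:
    """Recipient side: recover the digest with the public key and compare."""
    return pow(signature, E, N) == digest(message)

def mac(message: bytes, shared_secret: bytes) -> bytes:
    """Shared-secret alternative: sender and recipient hold the same key."""
    return hmac.new(shared_secret, message, hashlib.sha256).digest()

def verify_mac(message: bytes, tag: bytes, shared_secret: bytes) -> bool:
    return hmac.compare_digest(tag, mac(message, shared_secret))

def demo() -> dict:
    order = b"35=D|55=ABC|54=1|38=100"       # constructed message from the sender
    other = b"35=D|55=ABC|54=1|38=900000"    # message the sender never wrote
    signature = sign(order, D)
    leaked_d = D                             # models a disclosed private key
    secret = b"constructed-shared-secret"    # both parties hold a copy
    return {
        "genuine_verifies": verify(order, signature),
        "altered_message_rejected": not verify(other, signature),
        # Whoever holds the disclosed key signs 'other' and it verifies like
        # the sender's own signature, so the signature no longer proves origin.
        "leaked_key_signature_verifies": verify(other, sign(other, leaked_d)),
        # A tag made by the recipient is accepted exactly like one made by
        # the sender: a MAC authenticates the pair, not one party.
        "recipient_made_tag_accepted": verify_mac(other, mac(other, secret), secret),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```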