Domain 1 · 1.2 Fundamental Security Concepts

1.2.2 Non-repudiation

14 min

Non-repudiation → proof that a specific subject performed an action and cannot later deny it.

Critical for: - Electronic contracts - Banking & e-commerce - PKI and legal systems - Auditing

How it's achieved

  • Digital signatures
  • Public Key Infrastructure (PKI)
  • Certificates
  • Cryptographic keys
  • Audit logs
  • Timestamps

Example

A CEO signs a document with their private key. They later deny it → the digital signature proves they signed it.

Exam pitfall

  • Authentication → proves *who you are* at login
  • Non-repudiation → proves *you did this action* and can't deny it