GB/T 17903.2-2008
Information technology. Security techniques. Non-repudiation. Part 2: Mechanisms using symmetric techniques (English Version)

Standard No.
GB/T 17903.2-2008
Language
Chinese, Available in English version
Release Date
2008
Published By
General Administration of Quality Supervision, Inspection and Quarantine of the People‘s Republic of China
Status
 2022-05
Replace By
GB/T 17903.2-2021
Latest
GB/T 17903.2-2021
Replace
GB/T 17903.2-1999
Scope
Non-repudiation services are designed to generate, collect, maintain, utilize and verify evidence about a generated event or action in order to resolve disputes that that event or action has or has not occurred. This section describes the general structure used for non-repudiation services, as well as some specific, communication-related mechanisms for providing non-repudiation of origin (NRO), non-repudiation of delivery (NRD), non-repudiation of submission (NRS) and transmission Non-repudiation (NRT), etc. Other non-repudiation services can be constructed using the general structure described in Clause 8 to meet the requirements of the security policy. This section relies on trusted third parties to prevent fraudulent repudiation. An online trusted third party is generally required. The protocol provided by the non-repudiation mechanism is used to exchange non-repudiation tokens stipulated by various non-repudiation services. The non-repudiation token used in this section consists of a security envelope and additional data. The non-repudiation token is stored as non-repudiation information for later use in case of disputes. Depending on the effective non-repudiation policy of a particular application and the legal environment in which the application operates, non-repudiation information may include the following additional information: a) Evidence including a trusted timestamp provided by a timestamping authority. b) Evidence provided by a notary to ensure that an action or event was performed or participated in by one or more entities. Non-repudiation can only be effective within the scope of a clearly defined security policy under a specific application and its legal environment.

GB/T 17903.2-2008 Referenced Document

  • GB 15852-1995 Information technology--Security techniques--Data integrity mechanism using a cryptographic check function employing a block cipher algorithm
  • GB/T 15843.4-1999 Information technology-Security techniques-Entity authentication-Part 4: Mechanisms using a cryptographic check function
  • GB/T 17903.1-2008 Information technology. Security techniques. Non-repudiation. Part 1: General
  • GB/T 18238.1-2000 Information technology-Security techniques-Hash-function-Part 1:General

GB/T 17903.2-2008 history

  • 2021 GB/T 17903.2-2021 Information technology—Security techniques—Non-repudiation—Part 2: Mechanisms using symmetric techniques
  • 2008 GB/T 17903.2-2008 Information technology. Security techniques. Non-repudiation. Part 2: Mechanisms using symmetric techniques
  • 1999 GB/T 17903.2-1999 Information technology-Security techniques-Non-repudiation-Part 2: Mechanisms using symmetric techniques
Information technology. Security techniques. Non-repudiation. Part 2: Mechanisms using symmetric techniques

GB/T 17903.2-2008 -All Parts

GB/T 17903.1-2024 Information Technology Security Technology Non-repudiation Part 1: Overview GB/T 17903.2-2021 Information technology—Security techniques—Non-repudiation—Part 2: Mechanisms using symmetric techniques GB/T 17903.3-2024 Information technology Security technology Non-repudiation Part 3: Mechanisms using asymmetric technology


Copyright ©2024 All Rights Reserved