Non-repudiation services are designed to generate, collect, maintain, utilize and verify evidence about an event or action in order to resolve disputes about whether that event or action occurred. This section describes the general structure used for non-repudiation services, as well as some specific, communication-related mechanisms for providing non-repudiation of origin (NRO), non-repudiation of delivery (NRD), non-repudiation of submission (NRS) and non-repudiation of transmission (NRT). Other non-repudiation services can be constructed using the general structure described in Clause 8 to meet the requirements of the security policy.

This section relies on trusted third parties to prevent fraudulent repudiation. An online trusted third party is generally required. The protocol provided by the non-repudiation mechanism is used to exchange the non-repudiation tokens stipulated by the various non-repudiation services. The non-repudiation token used in this section consists of a security envelope and additional data. The non-repudiation token is stored as non-repudiation information for later use in case of disputes.

Depending on the effective non-repudiation policy of a particular application and the legal environment in which the application operates, non-repudiation information may include the following additional information:

a) Evidence including a trusted timestamp provided by a timestamping authority.
b) Evidence provided by a notary to ensure that an action or event was performed or participated in by one or more entities.

Non-repudiation can only be effective within the scope of a clearly defined security policy under a specific application and its legal environment.

GB/T 17903.2-2008 Referenced Document
GB 15852-1995 Information technology--Security techniques--Data integrity mechanism using a cryptographic check function employing a block cipher algorithm
GB/T 15843.4-1999 Information technology-Security techniques-Entity authentication-Part 4: Mechanisms using a cryptographic check function
GB/T 17903.1-2008 Information technology. Security techniques. Non-repudiation. Part 1: General
GB/T 18238.1-2000 Information technology-Security techniques-Hash-function-Part 1: General
GB/T 17903.2-2008 history
2021: GB/T 17903.2-2021 Information technology—Security techniques—Non-repudiation—Part 2: Mechanisms using symmetric techniques
2008: GB/T 17903.2-2008 Information technology. Security techniques. Non-repudiation. Part 2: Mechanisms using symmetric techniques
1999: GB/T 17903.2-1999 Information technology-Security techniques-Non-repudiation-Part 2: Mechanisms using symmetric techniques