As a CISO, you frequently travel on business and connect to corporate mail servers through VPN for security. You’d like to send a strategic plan to the CEO from a luxury five-star hotel remotely. Which of the following best ensures non-repudiation of the email? (Wentz QOTD)
A. Asymmetric encryption using key pairs
B. Elliptic Curve Digital Signature Algorithm (ECDSA)
C. IPsec in transport mode using AH and certificates
D. IPsec in tunnel mode using ESP and shared secrets

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is B. Elliptic Curve Digital Signature Algorithm (ECDSA).

The Elliptic Curve Digital Signature Algorithm (ECDSA) is a legitimate digital signature algorithm approved by FIPS 186-4. It means ECDSA is technically strong enough and legally binding.

This Standard defines methods for digital signature generation that can be used for the protection of binary data (commonly called a message), and for the verification and validation of those digital signatures. Three techniques are approved.
(1) The Digital Signature Algorithm (DSA) is specified in this Standard. The specification includes criteria for the generation of domain parameters, for the generation of public and private key pairs, and for the generation and verification of digital signatures.
(2) The RSA digital signature algorithm is specified in American National Standard (ANS) X9.31 and Public Key Cryptography Standard (PKCS) #1. FIPS 186-4 approves the use of implementations of either or both of these standards and specifies additional requirements.
(3) The Elliptic Curve Digital Signature Algorithm (ECDSA) is specified in ANS X9.62. FIPS 186-4 approves the use of ECDSA and specifies additional requirements. Recommended elliptic curves for Federal Government use are provided herein.

An ECDSA key pair consists of a private key d and a public key Q that is associated with a specific set of ECDSA domain parameters; d, Q and the domain parameters are mathematically related to each other. The private key is normally used for a period of time (i.e., the cryptoperiod); the public key may continue to be used as long as digital signatures that have been generated using the associated private key need to be verified (i.e., the public key may continue to be used beyond the cryptoperiod of the associated private key). See SP 800-57 for further guidance.
ECDSA keys shall only be used for the generation and verification of ECDSA digital signatures.

Source: FIPS 186-4

Asymmetric Encryption Using Key Pairs

The private key or public key in a key pair used in asymmetric encryption is just a sequence of binary bits. Given a public key, you never know to whom it belongs. A public key packaged in a digital certificate signed by a trusted certificate authority does. A public key packaged in a digital certificate signed by a trusted certificate authority does. So, the public key alone can not be used for authentication and render non-repudiation.

IPsec and Non-repudiation

• Non-repudiation of packets from the technical perspective is far from the non-repudiation of messages from the legal perspective.
• In the early days, Cisco and RFC 1826 states that IPsec supports non-repudiation. However, subsequent RFCs (RFC 2403 and RFC 4302) subvert this point:

RFC 1826 for Non-repudiation

The Authentication Header is a mechanism for providing strong integrity and authentication for IP datagrams. It might also provide non-repudiation, depending on which cryptographic algorithm is used and how keying is performed. For example, use of an asymmetric digital signature algorithm, such as RSA, could provide non-repudiation.  (RFC 1826)

However, RFC 2403 and RFC 4302 subvert the statement that AH provides non-repudiation.

RFC 2402 for Authentication

The IP Authentication Header (AH) is used to provide connectionless integrity and data origin authentication for IP datagrams (hereafter referred to as just “authentication“), and to provide protection against replays.  (RFC 2402)

RFC 4302 for Integrity

The IP Authentication Header (AH) is used to provide connectionless integrity and data origin authentication for IP datagrams (hereafter referred to as just “integrity“) and to provide protection against replays. (RFC 4302)

Please refer to IPsec and Non-repudiation for details.

Reference

• Hotel rating
• RSA (cryptosystem)
• Non-repudiation
• IPsec and Non-repudiation

A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

• It is available on Amazon.
• Readers from countries or regions not supported by Amazon can get your copy from the author’s web site.

作為CISO，您經常出差並通過VPN連接到公司郵件服務器以確保安全。 您想從一家豪華的五星級酒店向CEO發送戰略計劃。 以下哪項最能確保電子郵件不可否認性？(Wentz QOTD)
A. 使用金鑰對(key pair)的非對稱加密
B. 橢圓曲線數字簽名算法 (ECDSA)
C. IPsec的傳輸(transport)模式及AH協定與憑證(certificates)
D. IPsec的通道(tunnel)模式及ESP協定與共享秘鑰(shared secret)