PKI systems made available to users of unsecured public networks such as the Internet are an example of a secure infrastructure designed and made available to provide digitally secure TTP. The CCI consists of a secure computer system that acts as a certification body (CA) to issue and verify digital certificates. Digital certificates contain the public key and other credentials needed to verify the validity of the certificate. As long as trust in the CERTIFICATION BODY is maintained (and therefore trust in the security of the private key), the digital certificates issued by the CERTIFICATION BODY and the documents it has signed remain trustworthy. As long as trust is assured, the certification body acts as a TTP and ensures the non-neutrality of signatures created by entities with digital certificates issued through the certification body. In their paper “Non-Repudiation in the Digital Environment”, Adrian McCullagh and William Caelli presented an excellent review of the traditional non-rejection model and current trends for non-technical crypto-technical rejection. The document was published online by First Monday – you can find it at www.firstmonday.dk/issues/issue5_8/mccullagh/index.html. Ineligibility is the property of consent to compliance with an obligation. Specifically, it is the inability to disprove responsibility. For example, if you take a pen and sign a (legal) contract, your signature is an ineligibility device. Thereafter, you may not contradict or refute the terms of the contract to retake any part of the agreement. Common methods of digital communication or storage are message authentication codes (MACs) that are useful when communicating parties have agreed to use a common secret they both own and Digital Signatures, a more powerful tool that enables innoceillability in a publicly verifiable way.
Note that the goal is not to achieve privacy: in both cases (MAC or digital signature), it is enough to hang a day on the otherwise clear and visible message. If privacy is required, an encryption scheme can be combined with the digital signature or some form of authenticated encryption can be used. Digital origin verification means that the certified/signed data likely comes from someone who has the private key corresponding to the signing certificate. If the key used for the digital signature of a message is not properly protected by the original owner, a digital counterfeit can occur. [5] Ineligibility provides protection against a person who wrongly denies having performed a particular act. It is used to determine whether a particular person has exhausted a specific action, such as creating information, sending a message, authorizing information, and receiving a message. For example, unshakability protects individuals from subsequent claims by an author, not having written a particular document, a sender, a message for not sending, a recipient, a message for not receiving a message, or a signer for not signing a document. With this and other possible attacks on private keys, it becomes difficult, according to the common law position, for someone trying to prove the identity of an alleged signatory.
This common law position was established and established in a paper-based environment, where the certificate became the trust mechanism used to prevent non-denial of a signature. However, for a digital signature to be valid, it must be created by a fully reliable mechanism. . . .