Srdjan Capkun, Ercan Ozturk, Gene Tsudik, Karl Wüst
ROSEN: RObust and SElective Non-repudiation (for TLS)
Proceedings of the 2021 on Cloud Computing Security Workshop, published 2021-11-15
DOI: 10.1145/3474123.3486763 (https://doi.org/10.1145/3474123.3486763)
Citation count: 9
Abstract
A versatile non-repudiation service that can be used directly and without application-specific modifications is desirable in many realistic use-cases. Since TLS is one of the most popular current means of secure communication, several proposals have been made for augmenting it with a general, flexible and efficient non-repudiation service. However, none of them offers sufficient robustness for scenarios that require high reliability. Also, they lack flexibility by requiring the party providing non-repudiable evidence to do so for all content transmitted within a given TLS session. In this paper, we propose ROSEN, an extension for TLS that provides non-repudiation using an efficient checkpointing mechanism that minimizes loss of evidence in the presence of faults in order to increase robustness and ensure reliability. In addition, ROSEN inherits privacy-preserving properties of prior methods and introduces selective non-repudiation which allows the party providing non-repudiable evidence to selectively and efficiently redact parts of the session so as to make them repudiable.