Non-repudiation is the security principle that prevents a sender from denying having performed a specific action, such as sending a message or approving a transaction. In CEH-aligned cryptography, non-repudiation is most commonly achieved using digital signatures backed by public key cryptography and, in many real-world deployments, supported by digital certificates and a trusted certificate authority. When Alice digitally signs the email contract, she uses her private key to create a signature that is mathematically tied to both her identity and the exact content of the message. Bob can then use Alice’s corresponding public key to verify the signature. If verification succeeds, it provides strong evidence that the message originated from the holder of Alice’s private key and that the content has not been altered since it was signed.

This is different from confidentiality, which is about preventing unauthorized disclosure of message contents through encryption. It is also distinct from integrity alone: integrity ensures the message was not modified, but non-repudiation adds accountability by binding the action to a specific signer in a way that can be demonstrated to a third party. Availability is unrelated here, as it concerns ensuring systems and data are accessible when needed.

CEH materials emphasize that non-repudiation depends on proper key management and trust infrastructure. If Alice’s private key is compromised, the evidentiary value is weakened. Therefore, protecting private keys with secure storage, access controls, and revocation mechanisms is essential to preserve non-repudiation.