What is the difference between authentication and nonrepudiation?

Authentication confirms the identity of a user or system. It verifies that someone is who they claim to be. For example, when you log into a computer system using a username and password, the system authenticates your identity.

Non-repudiation provides undeniable proof that an action occurred, preventing the originator from falsely denying that they performed the action. It ensures that the sender cannot later claim they did not send a message, and the receiver cannot claim they did not receive it. An example is a digital signature on an electronic contract, which proves the signatory's origin and the integrity of the document, making it impossible for them to deny signing it later. Authentication is often a prerequisite for effective non-repudiation. For more details on non-repudiation, you can refer to McCullagh and Caelli's work on Non-repudiation in the digital environment.