Ned,
There are two things here:
Non-repudiation of receipt
*and*
Non-repudiation of message receipt
Yes. If I digitally sign a message/receipt, I cannot later repudiate. But, if
I receive a message, I can repudiate having received it by not signing a receipt
for it. Subtle, but I tend to characterize them differently.
Regarding your scenerio, the burden of proof has to rest on B. Lack of evidence
to the contrary, will most likely constitute as B cheating. If he really is
cheating, then he will be punished. The judge won't beleive his claim that he
did not receive E and A will be granted whatever the consequences for having the
receipt is. The fact that the judge won't believe B constitutes as B not being
able to repudiate the "message receipt". Lawyers?
I am glad you agree with me on the denial-of-service front.
Having signed a receipt for EM, B must either make sure he has E, *or* notify
a judge immediately. The receipt is all A needs to prove B received *or* is
capable of receiving the message M. That's all B-CEM is, assuming a trusted
third party. S-CEM requires no third party *during* the transaction.
Hope this helps,
Ali