Data integrity refers to the accuracy, legitimacy, and consistency of information in a system. When a message is sent, particularly using an untrusted medium, data integrity provides us confidence that the message wasn't tampered with. What Are Potential Causes of Illegitimate Data? Data integrity provides protection from a wide range of problems which involve data being mutated against the purposes of the system. Some potential problems include: - Bits of data sent over an imperfect medium can become corrupted. For example, a wireless signal could be lost temporarily, or a wire could experience a noisy electrical signal. Physical Accident - The software responsible for communicating the message could have bugs that unintentionally mutate a subset of messages. Digital Accident - A man-in-the-middle could be altering messages in order to confuse correspondents or learn valuable information. Malicious Actor Solution - Checksum A checksum solves all three of the potential data integrity problems listed above. A checksum is a value derived from the message data and can be transmitted separately. This means checksum for a given message will always be the same. deterministic The receiver of a message can generate a checksum from the message, and if the generated checksum matches the one that was sent then the message couldn't have been tampered with. It is important to note that if the medium over which the checksum was obtained is untrusted then a malicious actor alter the message and the checksum. It is common good practice to sign the checksum using a digital signature. The digital signature provides proof that the sender of the checksum is who they say they are. could What Makes a Good Checksum? There are many types of checksums, but the best checksums are typically . Hash functions which have the following properties make great checksums for validating data integrity: cryptographic hash functions - The hash of the same message will always be the same, no randomness Deterministic - computing a checksum shouldn't use unnecessary resources (A is an inefficient checksum) Fast KDF - The likelihood of two different messages creating the same checksum should be astronomically unlikely Rare collisions - The result of the hash (AKA the "digest") should be short - no need to waste a lot of data. Small The hash function is often used to create checksum digests. SHA-256 Example - Validating a Real Checksum A common use case for checksums is the verification of a download. In this example, we are going to download the Bitcoin Core node software and verify its integrity. For an updated version go or just follow along to use version 0.19.1. I will assume you are on Mac OS, for a different OS follow the instructions on the . here download page Downloa d the program Download the checksum Open a terminal and go to the downloads folder: ~ cd /Downloads Compute and print the checksum of the downloaded dmg file: shasum -a bitcoin -osx.dmg 256 -0.19 .1 Which should print: 206d8d92189d22e735393abebeb7a2e7237a119dd448b4a40df8c357da1287b2  bitcoin-0.19.1-osx.dmg Then print the downloaded (expected) checksum: cat SHA256SUMS.asc | grep bitcoin -osx.dmg -0.19 .1 Which should match: 206d8d92189d22e735393abebeb7a2e7237a119dd448b4a40df8c357da1287b2  bitcoin-0.19.1-osx.dmg If they match, congratulations! Your download has been verified. No man in the middle altered the program that you downloaded. Again, keep in mind that in order to verify that the checksum you were provided wasn't tampered with, you would need also to verify the . GPG signature Thanks For Reading Follow us on Twitter if you have any questions or comments @q_vault Take game-like coding courses on Qvault Classroom to our Newsletter for more educational articles Subscribe Previously published at https://qvault.io/2020/05/04/achieving-data-integrity-using-cryptography/

Data Integrity In Cryptography

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

A Complete Overview of Cryptography

Can Data Automation Transform The Workplace?

06/09/2018: Biggest Stories in the Cryptosphere

06/02/2018: Biggest Stories in the Cryptosphere

05/02/2018: Biggest Stories in the Cryptosphere

A Complete Overview of Cryptography

Can Data Automation Transform The Workplace?

06/09/2018: Biggest Stories in the Cryptosphere

06/02/2018: Biggest Stories in the Cryptosphere

05/02/2018: Biggest Stories in the Cryptosphere

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps