v3n2 Hash Algorithm in Verification of Certificate Data Integrity and Security
v3n2 Hash Algorithm in Verification of Certificate Data Integrity and Security
DOI: https://doi.org/10.34306/att.v3i2.212
Abstract
The hash function is the most important cryptographic primitive function and is an
integral part of the blockchain data structure. Hashes are often used in cryptographic
protocols, information security applications such as Digital Signatures and message
authentication codes (MACs). In the current development of certificate data security, there are
2 (two) types of hashes that are widely applied, namely, MD and SHA. However, when it
comes to efficiency, in this study the hash type SHA-256 is used because it can be calculated
faster with a better level of security. In the hypothesis, the Merkle-Damgård construction
method is also proposed to support data integrity verification. Moreover, a cryptographic hash
function is a one-way function that converts input data of arbitrary length and produces output
of a fixed length so that it can be used to securely authenticate users without storing
passwords locally. Since basically, cryptographic hash functions have many different uses in
various situations, this research resulted in the use of hash algorithms in verifying the integrity
and authenticity of certificate information.
1. Introduction
Authenticated encryption scheme is an important issue of certificate data security. It is
necessary to ensure that data is sent to the specified recipient securely over the network. In
general, such transactions should achieve good confidentiality and authenticity [1]. To
overcome this convenience problem, a hash algorithm in the blockchain is used, where the
digital platform allows the only valid and verified transactions. Hash is designed to find
duplicate nodes on certificates issued in the same ledger and can achieve trusted transactions
in P2P networks over the internet [2]. The hash algorithm is the most important cryptographic
primitive function, an integral part of the blockchain data structure. Hashes are often used in
cryptographic protocols, information security applications such as Digital Signatures and
message authentication codes (MACs) [3]. A cryptographic hash function is a one-way
function that converts input data to an arbitrary length and produces an output with a fixed
length [4][5]. The output is usually referred to as a "hash value" which is presented in figure 1.
For a hash function to fulfill its purpose and be usable, a hash function needs to fulfill
5 (five) core properties such as:
1. Input can be a string of various sizes , but each output has a fixed length, say a
256-bit output or a 512-bit output.
2. The hash value must be efficiently computed for any given data.
3. Deterministic, in the sense that the same input when applied to a hash algorithm will
return the same hash.
4. It is not possible to return and generate data from a hash value.
5. Every small change in the data must greatly affect the output hash, so that no one can
correlate the new hash value with the old hash after the change.
Apart from the core properties, the hash must also satisfy the following 3 (three)
security properties:
1. Collision resistance: Implies that it is impossible to find two different inputs, say, X and
Y, with the same hash value [6]. Makes the hash function H() collision-resistant
because neither can find X and Y, so H(X) = H(Y). Most online stores, such as the App
Store, use this property to ensure file integrity.
2. Preimage Resistance: Where this property means that it is computationally impossible
to reverse the hash function.
3. Second Preimage Resistance: This property indicates that if given the input X and
returns a hash H(X), it is impossible to find Y, so H(X) = H(Y). It can be said that if the
hash function is already collision resistant, then it is also resistant to the second
preimage [7].
It can be noted that for the output of an n-bit hash value, an average effort of 2n is
required to break the second preimage and preimage resistance, and 2n/2 for the collision
resistance [8]. From the properties that the hash function needs to fulfill, it is clear that in
verifying the integrity and security of certificate data, hash algorithms are indispensable and
trustworthy.
2. Research Methods
In the current development of certificate data security, there are 2 (two) types of
hashes that are widely applied, namely, MD and SHA. However, when it comes to efficiency, in
this study the hash type SHA-256 is used because it can be calculated faster with a better
level of security. SHA-256 belongs to the SHA-2 hash function family, which is used by Bitcoin
and produces a 256-bit hash value [9]. The construction method is needed to avoid data
collisions, where the construction method used in SHA-256 is the Merkle-Damgård
construction as shown in Figure 2 [10].
Figure 2. Describes how a message is first divided into 512-bit blocks. When the
non-last message is not an exact multiple of 512 bits, it will be filled with one 1 bit to reach a
512 bit block [11]. The 512 bit block is further divided into 16 32 bit word blocks (16 × 32 =
512). Each block goes through 64 rounds, where each 32-bit word goes through a series of
combination operations of some common functions such as XOR, AND, OR, NOT [12].
Agile methods were also applied to demonstrate the significant benefits of simple,
iterative and agile techniques for planning and controlling innovative product projects
combined with traditional project management best practices [13]. This method is very
supportive to verify the data integrity of the certificate using a hash algorithm.
3. Literature Review
Hash algorithms include features, such as one-way, deterministic cryptography, faster
computation, avalanche effects, and must be impact-resistant. Judging from the many features
available, 10 (ten) literature reviews on hash algorithms were carried out, as follows:
Access to a patient's medical history is essential for prescribing drugs correctly, with
blockchain can dramatically improve the healthcare framework. In the research conducted by
Sudeep Tanwar, several solutions were explored to increase the boundaries in the health care
system using blockchain technology [14], but in this study we did not focus on hash algorithm
research on educational institutions.
Blockchain technology in the field of power systems seems to have been widely
proposed through research conducted by Maria Luisa Di Silvestre, where the relationship with
physical assets makes blockchain applications more complex but also more reliable and
associated with measurable benefits. The application of blockchain technology in the field of
power systems, clarifies some technical aspects of the promising technology, features and
applications developed, and focuses on the future of innovative applications in electrical
energy [15]. This research can be used as a reference for the application of blockchain
technology through hash algorithms in the world of education.
Proposed a new hashing model in reinforcement with redundancy elimination, can
fully utilize large-scale similarity information and eliminate redundant hash bits by deep gain
learning, but currently the system under study is more about redundancy elimination for
effective image capture [16]. Performing comparisons on the similarity of hashing algorithms
manually is a complex task and requires a lot of time, therefore it needs to be further
integrated to identify strengths and weaknesses [17].
3. Non-repudiation: Since the sender signed the certificate, it cannot deny that it did not
send the message. Non-repudiation is the most desirable property where there is a
possibility of data exchange disputes.
Resembling a hash pointer data structure, Merkle trees are also tamper-proof.
Breaking at any level in the tree is the same as causing a mismatch of hashes that have been
stored at one level in the hierarchy. It is very difficult for hackers to change all the hashes in
the entire tree and the integrity of any certificate transaction sequence can be ensured.
The merkle tree provides a very efficient way to verify the specific transactions
belonging to a particular block. If there are "n" transactions in the Merkle tree, then this
verification takes only Log(n) time as shown in Figure 4.
To verify whether a transaction or other certificate belongs to the Merkle tree, it is not
necessary to check all items and the entire tree. It can be started by calculating the hashes of
two concurrent transactions, seeing if they match the parent hash. Then proceed with verifying
the parent and sibling hashes at that level to get another parent hash. Continuing this process
all the way to the top root hash is the fastest possible way for transaction verification (only
Log(n) time for n items). Since there are eight transaction elements (n = 8), only three
calculations (log2 8 = 3) will be required for verification.
5. Listing Program
The following is an example of code for different hash functions. This section is only
intended to provide information on how to use hash functions programmatically. Sample code
uses Python but will be very similar in different languages.
5. Conclusion
Since basically, cryptographic hash functions have many different uses in various
situations, this study yields 6 (six) conclusions:
1. The hash function is used to verify the integrity and authenticity of certificate
information. The blockchain data structure, using cryptographic hashes, and the use
of Merkle trees make transaction verification easier and faster.
2. Hash functions can also be used to index data in a hash table. This can speed up the
search process. Instead of the whole data, if we search by hash (assuming the hash
value is much shorter compared to the whole data), then it should obviously be faster.
3. Hashes can be used to securely authenticate users without storing passwords locally.
If the hacker hacks into the server, then it cannot get the password from the stored
hash. Whenever a user tries to log in, the hash of the entered password is calculated
and matched against the stored hash.
4. This study uses a hash function as a proof of work (PoW) algorithm to improve the
security and privacy of the certificate.
5. Cryptographic functions are one-way and cannot be reversed. They are deterministic
and produce the same output for a given input. However, any changes to the input will
produce a completely different output when the final result is displayed.
6. The use of blockchain for verification purposes is in its early stages, and there are
many research possibilities on hash algorithms that need to be considered in the
future
Decentralized solutions where transactions are public are likely to have different types
of attacks. Attempts at counterfeiting are the most obvious of all, especially when conducting
transactions of value such as certificate verification. Hash algorithms can be used to ensure
the system is resistant to certificate data falsification. If the transaction and signed hash has
been done, no one can change the transaction, nor can anyone deny that the transaction has
been made.
Acknowledgment
This research was supported by University of Raharja and supported by Ristekdikti in
the simlitabmas grant research project.
References
[1] Tsai, JL (2009). Convertible multi-authenticated encryption scheme with one-way hash
function. Computer Communications, 32(5), 783-786.
[2] Scholar, PG College Fees Transaction Using Hash Functions of Blockchain Model.
[3] Bos, JW, Halderman, JA, Heninger, N., Moore, J., Naehrig, M., & Wustrow, E. (2014,
March). Elliptic curve cryptography in practice. In International Conference on Financial
Cryptography and Data Security (pp. 157-175). Springer, Berlin, Heidelberg.
[4] Goyal, V., O'Neill, A., & Rao, V. (2011, March). Correlated-input secure hash functions.
In Theory of Cryptography Conference (pp. 182-200). Springer, Berlin, Heidelberg.
[5] Lefebvre, F., Czyz, J., & Macq, B. (2003, September). A robust soft hash algorithm for
digital image signatures. In Proceedings 2003 International Conference on Image
Processing (Cat. No. 03CH37429) (Vol. 2, pp. II-495). IEEE.
[6] Steinberger, J. (2010, May). Stam's collision resistance conjecture. In Annual
International Conference on the Theory and Applications of Cryptographic Techniques
(pp. 597-615). Springer, Berlin, Heidelberg.
[7] Contini, S., & Yin, YL (2006, December). Forgery and partial key-recovery attacks on
HMAC and NMAC using hash collisions. In International Conference on the Theory and