
Cryptography for Data Integrity and Authentication

Jul 23, 2025

Overview

This lecture covers how cryptography ensures data integrity and authenticity, focusing on hashes for proof of integrity and digital signatures for proof of origin.

Proof of Integrity

  • Proof of integrity verifies that received data matches the originally sent data.
  • A hash (or message digest/fingerprint) is a short string generated from the plain text data.
  • Any change in the data, even a single character, results in a completely different hash.
  • Comparing the hash of received data to the original hash reveals if data has been altered.
  • Example: Hashes can be used to check if a downloaded file, like the Gutenberg encyclopedia, has been changed.

Proof of Origin and Non-Repudiation

  • Hashing alone does not prove who sent the data, only that it hasn't changed.
  • Proof of origin (authentication) associates data with its sender, often using a digital signature.
  • A digital signature ensures non-repudiation, meaning the sender cannot deny sending the data.
  • Digital signatures work by encrypting the hash of the data with the sender's private key.
  • The recipient uses the sender's public key to decrypt and verify the digital signature.

Digital Signature Process Example

  • Alice creates a message and a hash of that message.
  • Alice encrypts the hash with her private key to create a digital signature.
  • Alice sends both the plain text and digital signature to Bob.
  • Bob uses Alice's public key to decrypt the signature and obtain the original hash.
  • Bob hashes the received message himself and compares it with the decrypted hash.
  • If the hashes match, Bob confirms both message integrity and Alice as the sender.
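
The Alice-to-Bob exchange above, as an added Python example that is not part of the original lecture notes. It assumes textbook (unpadded) RSA with toy keys built from publicly known Mersenne primes; the names make_key, sign, verify, demo and the OTHER_* key pair are hypothetical.

```python
import hashlib

# Toy keys built from known Mersenne primes (constructed for this demo).
# Public primes and unpadded RSA are NOT secure; production code uses a
# vetted library with a padded scheme such as RSA-PSS, or Ed25519.
E = 65537  # public exponent shared by both toy keys


def make_key(p: int, q: int) -> tuple:
    """Return (public modulus n, private exponent d) for primes p and q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


ALICE_N, ALICE_D = make_key(2**521 - 1, 2**607 - 1)
OTHER_N, OTHER_D = make_key(2**127 - 1, 2**521 - 1)  # hypothetical second sender


def digest(message: bytes) -> int:
    """SHA-256 of the message as an integer (256 bits, below either modulus)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, d: int, n: int) -> int:
    """Sender: hash the message, then apply the private key to the hash."""
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, n: int) -> bool:
    """Recipient: recover the hash with the public key, compare to own hash."""
    return pow(signature, E, n) == digest(message)


def demo() -> dict:
    msg = b"Pay Bob 100"  # constructed sample message
    sig = sign(msg, ALICE_D, ALICE_N)
    return {
        "genuine": verify(msg, sig, ALICE_N),
        "altered_message": verify(b"Pay Bob 900", sig, ALICE_N),
        "signed_by_other_key": verify(msg, sign(msg, OTHER_D, OTHER_N), ALICE_N),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```

The altered_message case is the integrity failure and the signed_by_other_key case is the origin failure: Bob rejects both when checking against Alice's public key.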

Key Terms & Definitions

  • Proof of Integrity — Verifying that data hasn't been altered since it was sent.
  • Hash (Message Digest/Fingerprint) — A short, fixed-size string that acts as a practically unique fingerprint of the content of data.
  • Proof of Origin (Authentication) — Confirming who sent the data.
  • Non-Repudiation — The sender cannot deny authorship of the data.
  • Digital Signature — A hash of a message, encrypted with the sender's private key.
  • Private Key — A secret cryptographic key known only to the sender.
  • Public Key — A publicly available key used to verify digital signatures.

Action Items / Next Steps

  • Review how hashing and digital signatures protect data integrity and authenticity.
  • Practice verifying file hashes and understanding digital signature workflows.
  • Prepare questions on non-repudiation and authentication for next class.