Transaction integrity ensures that any illegitimate user’s modification to the message can be detected. Modification includes insertion, deletion, substitution or changes to the status of a given message. Integrity involves guarding against improper information modification or destruction, and includes ensuring comprises timely, accurate, complete, and consistent data. The information must not be manipulated in any way, either through electronic errors or human intention.
Integrity violation may occur whenever a message is altered while transit between the sender and receiver. For ensuring transaction integrity, two separate algorithms are applied to message. These are:
- Hash function
- Digital signature
A strong hashing function ensures that data modification does not go undetected. And by then digitally signing the hash value, one can ensure that the hash can be trusted. So, hash function and digital signatures should be applied to a message for ensuring transaction integrity.
Hash functions are effective tools to help maintain integrity. Hash functions are used as primitive for ensuring integrity of messages and for performing mutual authentication.
A hash function is a process where a data message is passed through an algorithm, which can be considered as a formula or a series of mathematical steps to achieve a particular task.
Applying a hash functions to a data to a data message results in a number which is substantially smaller than the data message, and is called a message digest or hash value.
- It users no secret key.
- The message digest it produces cannot be inverted to produce the original information.
- The algorithm and information about how it works are publicly available.
- Hash collisions are nearly impossible.
MD5 is an example of a hash algorithm
An encrypted message digest is called signature. A purchase order accompanied by the digital signature provides the merchant positive identification of the sender and assures the merchant that the message was not altered.
Thus, in order to ensure security of electronic transactions, developing countries are using a framework called digital signature. A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily, and can be automatically time-stamped.