Ensuring Transaction Integrity:- Transaction integrity ensures that any illegitimate user’s modification to the message can be detected. The modification includes insertion, deletion, substitution or changes to the status of a given message.
Integrity involves guarding against improper information modification or destruction and includes ensuring comprises timely, accurate, complete, and consistent data.
The information must not be manipulated in any way, either through electronic errors or human intention.
Ensuring Transaction Integrity in E-commerce
Integrity violation may occur whenever a message is altered while transiting between the sender and receiver. For ensuring transaction integrity, two separate algorithms are applied to message.
- Hash function
- Digital signature
A strong hashing function ensured that data modification does not go undetected. And by then digitally signing the hash value, one can ensure that the hash can be trusted.
So, the hash function and digital signatures should be applied to a message for ensuring transaction integrity.
Hash functions are effective tools to help maintain integrity. Hash functions are used as primitive for ensuring the integrity of messages and for performing mutual authentication.
A hash function is a process where a data message is passed through an algorithm, which can be considered as a formula or a series of mathematical steps to achieve a particular task.
Applying hash functions to a data to a data message results in a number which is substantially smaller than the data message, and is called a message digest or hash value.
- It uses no secret key.
- The message digest it produces cannot be inverted to produce the original information.
- The algorithm and information about how it works are publicly available.
- Hash collisions are nearly impossible.
MD5 is an example of a hash algorithm
An encrypted message digest is called signature. A purchase order accompanied by the digital signature provides the merchant positive identification of the sender and assures the merchant that the message was not altered.
Thus, in order to ensure the security of electronic transactions, developing countries are using a framework called digital signature.
A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged.
Digital signatures are easy and can be automatically time-stamped.