Ancient Authentication and Integrity Checking
Authentication and integrity mechanisms have been in use for thousands of years! One of those methods was the wax seal, with references as early as the Pharaohs in ancient Egypt.
The wax seal was designed to serve two purposes:
Signature/Author Verification (Authentication)
The first was to verify that the document came from the person mentioned. Seals, typically in the form of a Signet Ring, were unique to the owner and destroyed when the owner died. Just as a private key, the ring would never leave the owner’s presence and only the owner would use the ring. Technically, the ring could be forged, but I’m guessing there would be a high price to pay for the forger if they were caught! Learn more about the modern resurgence here.
The physical seal is still in use today for company formation documents, birth certificates, and other official documents.
Electronic Signature and Verification
One modern example of this is Git Commit Signing, where a developer signs a commit with their private key and it is verified by an external entity with their public key. See here for a more detailed explanation.
The second purpose of the seal was to signify integrity of the document. An unbroken seal on an envelope meant that the contents of the document were not altered. The wax itself was melted on the envelope and should break should there be any signs of tampering of the contents.
Note: I highly recommend attending the Tamper Evident village at Defcon where possible. They have a contest every year to see how far a team can get past many “tamper evident” seals on packages in use today.
Electronic Integrity Verification
Integrity verification comes in a variety of forms today, but one of the most common forms is the use of the hash. Not to be confused with “encryption”, which is a two way operation1, the hash function is a one-way operation on a piece of data that outputs unique information based on the input data. It’s supposed to be “strong” enough that it would be hard to replicate.
For example, MD5 is an algorithm that is no longer in favor for high security integrity checking, but can be used for verifying the download of a file such as an ISO or Zip file.
The equivalent of integrity checking in the digital world would be generating a hash of the document. Digitally signing the hash would then provide authenticity that you are the person that generated the hash.
Summary - Software Supply Chain Security
I would be amiss for not mentioning the importance of digital signatures and integrity checking in the modern enterprise. From the verification of code updates by 3rd party companies to digital signatures of Git commits from developers (1st and 3rd party) to verification of people during the onboarding process, there is no shortage of injection points where strong authentication or integrity checking is needed.
As always, conducting frequent threat modeling exercises is important to help understand and prioritize where security is needed in your environment.