InfoSec Notes
Comprehensive guide to the integrity principle of the CIA Triad, covering hash functions, digital signatures, checksums, database integrity, and techniques to detect and prevent unauthorized data modification.
Understanding Integrity
Integrity in information security ensures that data remains accurate, complete, and trustworthy throughout its lifecycle. It guarantees that information has not been altered, corrupted, or tampered with by unauthorized parties or processes.
Integrity addresses two critical questions:
- Has this data been modified since it was created or last validated?
- Can I trust that this data accurately represents what it claims to?
Types of Integrity
Data Integrity
Ensures that stored data has not been altered without authorization.
| Type | Description | Example |
|---|---|---|
| Physical Integrity | Protection from physical damage | RAID arrays, UPS systems |
| Logical Integrity | Correctness of data values | Database constraints, validation rules |
| Entity Integrity | Unique identification of records | Primary keys, no null identifiers |
| Referential Integrity | Consistency between related records | Foreign key constraints |
| Domain Integrity | Valid values within allowed ranges | Data type checks, range validation |
System Integrity
Ensures that systems operate correctly and have not been tampered with.
System Integrity Verification Flow
=====================================
Boot Process
BIOS/UEFI → Secure Boot → Bootloader → Kernel → OS
| | | | |
v v v v v
[Verify] [Verify] [Verify] [Verify] [Verify]
Firmware Signatures Hash Modules Configs
If ANY step fails → HALT (integrity compromised)
Technical Mechanisms for Integrity
1. Hash Functions
Hash functions produce a fixed-length fingerprint of data. Any change to the input, no matter how small, produces a completely different hash.
Hash Algorithm Comparison
| Algorithm | Output Size | Speed | Security Status | Use Case |
|---|---|---|---|---|
| MD5 | 128 bits | Very Fast | BROKEN (collision attacks) | Legacy checksums only |
| SHA-1 | 160 bits | Fast | DEPRECATED (collision found 2017) | Git (legacy) |
| SHA-256 | 256 bits | Medium | Secure | General purpose, blockchain |
| SHA-3 | Variable | Medium | Secure | Alternative to SHA-2 |
| BLAKE2 | Variable | Very Fast | Secure | High-performance applications |
2. Digital Signatures
Digital signatures provide both integrity and non-repudiation:
Digital Signature Process
============================
Signing (Sender)
Document → [Hash Function] → Hash Digest
|
v
Private Key → [Sign] → Digital Signature
|
v
Document + Signature → Sent to Recipient
Verification (Recipient)
Received Document → [Hash Function] → Computed Hash
|
Received Signature → [Verify with |
Public Key] → Extracted Hash
|
Compare ←-------+
|
Match? → Integrity Confirmed
No Match? → Document TAMPERED
3. Message Authentication Codes (MAC)
MACs provide integrity verification using a shared secret key:
import hmac
import hashlib
def create_mac(message: str, key: bytes) -> str:
"""Create a Message Authentication Code."""
return hmac.new(key, message.encode(), hashlib.sha256).hexdigest()
def verify_mac(message: str, key: bytes, expected_mac: str) -> bool:
"""Verify message integrity using MAC."""
computed_mac = hmac.new(key, message.encode(), hashlib.sha256).hexdigest()
return hmac.compare_digest(computed_mac, expected_mac)
# Shared secret between sender and receiver
shared_key = b"super_secret_shared_key_2024"
# Sender creates message with MAC
message = "Payment of $500 approved for order #789"
mac = create_mac(message, shared_key)
print(f"Message: {message}")
print(f"MAC: {mac}")
# Receiver verifies integrity
is_valid = verify_mac(message, shared_key, mac)
print(f"\nIntegrity verified: {is_valid}")
# Attacker modifies message
tampered = "Payment of $5000 approved for order #789"
is_valid = verify_mac(tampered, shared_key, mac)
print(f"Tampered message verification: {is_valid}") # False!Database Integrity Controls
-- Entity Integrity: Primary key constraint
CREATE TABLE transactions (
transaction_id SERIAL PRIMARY KEY,
account_id INTEGER NOT NULL,
amount DECIMAL(10,2) NOT NULL,
timestamp TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
checksum VARCHAR(64)
);
-- Referential Integrity: Foreign key constraint
ALTER TABLE transactions
ADD CONSTRAINT fk_account
FOREIGN KEY (account_id)
REFERENCES accounts(account_id);
-- Domain Integrity: Check constraints
ALTER TABLE transactions
ADD CONSTRAINT chk_amount
CHECK (amount > 0 AND amount < 1000000);
-- Trigger for integrity audit
CREATE TRIGGER audit_transaction_changes
BEFORE UPDATE ON transactions
FOR EACH ROW
EXECUTE FUNCTION log_modification();Real-World Integrity Attack: SolarWinds (2020)
Attack overview: Russian state hackers compromised the build system for SolarWinds Orion software, injecting malicious code that was distributed to 18,000+ organizations through legitimate software updates.
Integrity failure analysis:
- Build system integrity was not verified
- Code signing used compromised build pipeline
- Update verification trusted the compromised certificate
- No independent hash verification of builds
Lessons learned:
- Implement reproducible builds
- Use multiple independent signing authorities
- Verify build integrity with out-of-band checksums
- Monitor for unexpected code changes in CI/CD pipeline
Integrity Monitoring with File Integrity Monitoring (FIM)
Interview Questions
- What is the difference between integrity and authentication?
- Integrity ensures data has not been modified (answers "has this changed?"), while authentication verifies the identity of a user or system (answers "who are you?"). Digital signatures provide both — they verify the signer's identity AND that the data hasn't been altered.
- Explain the avalanche effect and why it's important for hash functions.
- The avalanche effect means that a tiny change in input (even one bit) produces a drastically different hash output (approximately 50% of bits change). This is crucial because it makes it impossible to predict how a change will affect the hash, making tampering detectable.
- What is the difference between a hash function and a MAC?
- A hash function takes only data as input and produces a digest — anyone can compute it. A MAC (Message Authentication Code) additionally requires a secret key, so only parties who know the key can create or verify the MAC. MACs prevent an attacker from forging a valid integrity check.
- How would you implement integrity controls for a financial transaction system?
- Use digital signatures on all transactions, implement database constraints and triggers, maintain audit logs with tamper-evident logging, use checksums for data in transit, implement File Integrity Monitoring on critical systems, and use blockchain or append-only databases for transaction records.
- What is a collision in hash functions and why does it compromise integrity?
- A collision occurs when two different inputs produce the same hash output. This compromises integrity because an attacker could substitute a malicious file that produces the same hash as the legitimate one, passing integrity checks. This is why MD5 and SHA-1 (where collisions were found) are deprecated.
Summary
Integrity is the silent guardian of trustworthy information systems. While confidentiality breaches make headlines, integrity failures can be far more dangerous — undetected data manipulation can lead to incorrect decisions, financial fraud, and safety hazards. Implementing robust integrity controls through hashing, digital signatures, access controls, and monitoring is essential for maintaining trust in information systems.
Exam Focus
Revise definitions, diagrams, examples, and short-answer points for Integrity in Information Security.
Interview Use
Prepare one clear explanation, one practical example, and one common mistake for this Information Security topic.
Search Terms
information-security, information security, information, security, fundamentals, integrity, integrity in information security
Related Information Security Topics