Skip to main content

Ways to verify Data Integrity [Resolved]

I've had looks to existing subjects but it usually gets heavily complicated while I'm new to this kind of stuff and I'd prefer to understand concepts first in order to understand better concrete solution.

I have a client/server application and I'm wondering about its design since every client will be able to generate files (through an interface) to send them to server, but I want the server to be able to say whether or not the file was created with the interface or handly-crafted by a malicious user.

Any existing commons methods? I wondered about hashing the file or using creating my own blockchain but I'm not familiar with this kind of data structure yet, and I've heard it needs some starting time before it really gets kind of "unbreakable", otherwise it's too easy to break.

I've found a page which is about "data tampering", it says the best may to protect from tampering is to restrict access, and that I should use a firewall, but my application will have an online and an offline mode as well, and I need to make sure every file created with connection being established is detected as "corrupted" by the server when the client connects and try to send the file to the server.

Question Credit: Axel Carré
Question Reference
Asked May 13, 2019
Posted Under: Security
1 Answers

As long as you have a proper SSL in place 95% of your risk factors are eliminated. Because your data-stream is encrypted, a MiM cannot read what you are sending or modify any data in it without completely corrupting what is received on the other side. In order for the file to be intercepted for modification, the attacker would need some manner of malware on your local machine at which point, most validation processes become a moot point if your attacker knows what he is doing.

That said, your best bet to prevent externally modified files from being opened by your program is to add tracking codes for each file. The tracking code could be some product of the file's Hash and a verification key coded into your program. That way, even if an end user tries to figure out how to sidestep your upload procedure and push his own file, it won't have a valid key and your program will know not to allow it to be opened.

credit: Nosajimiki
Answered May 13, 2019
Your Answer