DataAtRestIcon

Creating Digital Signatures With Swift

The
main purpose of a digital signature is to verify the integrity of
some information. For a simple example, let’s say you had a file that
was transferred over the network and you want to check that the
entire file was transferred correctly. In that case, you would use a checksum.

“A
checksum is a small-sized datum derived from a block of digital data
for the purpose of detecting errors which may have been introduced
during its transmission or storage” — Wikipedia

How do
we derive that checksum? The best option is to use a hash. A hash function will take a variable amount of data and will output a signature of fixed length. For example, we could publish a file along with its hash online. When someone downloads the file, they can then run the same hash function on their version of the file and compare the result. If the hashes are the same then the copied or downloaded file is the same as the original. 

A hash is also a one-way function. Given the resulting output, there is no
computationally feasible way to reverse that hash to reveal what
the original input was. SHA, Secure Hash Algorithm, is a well-known standard that refers to a group of hash functions that have this property and certain others, which make them useful for digital signatures.

About SHA

SHA has undergone many iterations since it was first published. The
first and second iterations, SHA-0 and SHA-1, are now known to
have major weaknesses. They are no longer approved for security
implementations: they generally shouldn’t be used for applications relying on
security. However, the SHA-2 family includes versions called SHA-256 and SHA-512, and these are
considered secure. “256” and “512” simply refer to the resulting number of
bits produced. For this tutorial, we are going to use SHA-512.

Note: Another older popular hash algorithm was MD5. It was also found to have significant flaws.

Using SHA is great for checking if data was accidentally corrupted,
but this doesn’t prevent a malicious user from tampering with the
data. Given that a hash output is of a fixed size, all an attacker
needs to do is figure out which algorithm was used given the output
size, alter the data, and recompute the hash. What we need is
some secret information added to the mix when hashing the data so
that the attacker cannot recompute the hash without knowledge of
the secret. This is called a Hash Message Authentication Code (HMAC).

HMAC

HMAC can authenticate a piece of information or message to make sure that it originated from the correct sender and that the information has not been altered. A
common scenario is when you are talking to a server with a back-end API for your app. It may
be important to authenticate to ensure that only your app is allowed
to talk to the API. The API would have access control to a
specific resource, such as a /register_user endpoint. The client would need to sign its request to the /register_user endpoint in order to successfully use it.

When
signing a request, it is common practice to take selected parts of
the request, such as POST parameters and the URL, and join
them together into a string. Taking agreed-upon elements and putting
them in a particular order is called canonicalization. In
HMAC, the joined string is hashed along with the secret key to
produce the signature. Instead of calling it a hash, we use the term signature in the same way that a person’s signature in real life is used to verify identity or integrity. The signature is added back to the
client’s request as a request header (usually also named “Signature”). A
signature is sometimes called a message digest, but the two terms can
be used interchangeably.

Over on
the API side, the server repeats the process of joining the
strings and creating a signature. If the signatures match, it proves
that the app must have possession of the secret. This proves the
identity of the app. Since specific parameters of the request were also part of the string to be signed, it also guarantees the integrity of the request. It prevents an attacker from performing a man-in-the-middle attack, for example, and altering the request parameters to their liking.

Powered by WPeMatico

Leave a Comment

Scroll to Top