Available online at www.sciencedirect.

com

ScienceDirect
Available online at www.sciencedirect.com
Procedia Computer Science 00 (2022) 000–000
www.elsevier.com/locate/procedia
ScienceDirect
Procedia Computer Science 215 (2022) 331–339

4th International Conference on Innovative Data Communication Technology and

Application

Blockchain Based Data Integrity Security Management

Shailaja Salagramaa , Vimal Bibhub, Ajay Ranac
a
Research Scholar, Doctor of Philosophy, Information Technology, University of the Cumberland’s, Williamsburg, Kentucky ,USA
b,c
Amity University, Uttar Pradesh, Greater Noida, India

Abstract

Blockchain is current demanding technology in the field of data and information security. In this paper, we present a model of the
data integrity assurance by the use of blockchain. Our proposed method, the message authentication code is stored under the block
of blockchain with hash value, timestamp, and nonce. The existing message authentication code, SHA-256 is used to generate the
hash value to store into the blockchain after encrypting by asymmetric key cryptography with recipient public key. We also
compared the strength of our blockchain based data integrity assurance method with others existing method of integrity assurance
and management. We have applied penetration testing by using five different tools to test the strength and robustness of proposed
method of integrity assurance. It is found that blockchain based integrity assurance method is more robust than other methods of
integrity assurance.

©
© 2023
2023TheTheAuthors.
Authors.Published
Publishedby Elsevier B.V.B.V.
by Elsevier
This is an open access article under the CC BY-NC-ND
This is an open access article under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0)
license (https://creativecommons.org/licenses/by-nc-nd/4.0)
Peer-review under responsibility of the scientific committee of the 4th International Conference on Innovative Data Communication
Peer-review under responsibility of the scientific committee of the 4th International Conference on Innovative Data
Technologies and Application
Communication Technologies and Application
Keywords: Blockchain, Virtual Private Network, Data Integrity, Cyber Security, Secure Hashing, Message Digest

1. Introduction

Managing the data integrity in virtual space is one of the biggest challenges in the field of information security.
Cyber threats are advancing day by day with different attack morphologies and this causes more threats to private and
sensitive data under the virtual and cyber space. According to latest report it is statistically analyzed that in each
minute there is different categories of cyber-attacks occurring in cyber space which leads the financial harm and
repudiation losses to the users, organizations and also to the government entities. Cyber criminals are extending their
attack mechanisms by adopting the modern technologies such as artificial intelligence, fuzzy logics and many more.

* Shailaja Salagrama. Tel.: 16465618259

E-mail address: shaila25@me.com

1877-0509 © 2023 The Authors. Published by Elsevier B.V.

This is an open access article under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0)
Peer-review under responsibility of the scientific committee of the 4th International Conference on Innovative Data Communication
Technologies and Application

1877-0509 © 2023 The Authors. Published by Elsevier B.V.

This is an open access article under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0)
Peer-review under responsibility of the scientific committee of the 4th International Conference on Innovative Data Communication
Technologies and Application
10.1016/j.procs.2022.12.035
332 Shailaja Salagrama et al. / Procedia Computer Science 215 (2022) 331–339
2 Shailaja Salagrama et. all/ Procedia Computer Science 00 (2019) 000–000

This is increasing the stress over the security professional and experts to combat such advanced attacks to secure the
information technology assets and sensitive data. Moreover, virtualization of the infrastructure, software and platform

again, poses the new categories of challenges of cyber security by reducing the direct interface of the users and
resources. This advances the existing security problems chaotic and complex to address.

According the latest report, around 2 trillion dollars were lost in 2019, due to different categories of cyber-attacks.
Besides, these financial losses to the various companies and industries and trust and repudiation are also damaged.
Cyber criminals are always with the clue to get the sensitive information by accessing the public or secured network
employing the technology to further abuse and gain the intentional benefits.

Managing the integrity of data is very complex processes for every category of data like data at rest, data at
processing and data at transmit. Reply attack is very common with data in transit and this attack causes a serious harm
to sender and receiver by losing the trust and money as well. Integrity of sensitive data such as identities, passwords,
business sensitive data etc. are required to be 100% protected while transmitted and received by the recipient.
Modification and alteration of such data over the web by hackers or by malware are very dangerous to all the entities
associated with communication.

Internet is open public network and its availability to all produces the problems to the users and companies to
secure the confidentiality and integrity. Technologies and tools such as Virtual Private Network (VPN), Secured
hashing Algorithm (SHA), Message Digest (MD5) etc. to protect the integrity of data while communicating are already
exists. These algorithms for integrity protection and management are robust but do not address those problems which
are inserted by the human errors. Knowledge and awareness of users are the main culprits for the hacking and
modification while data over the insecure medium having those mentioned protection. Therefore, a robust and secured
architecture framework by employing the blockchain technology to secure the integrity of sensitive and business
critical data over the web is very much required to enhance the security and privacy of data with respect to data
Integrity.

Blockchain technology is new technological framework in the field of information technology. This new
technology started by Bitcoin which is a digital encrypted currency. Blockchain is based on the distributed computing
concept where the data and transactions are stored in distributed ledger having distributed connected storage mediums.
Distributed computing framework of blockchain provides the chain of the block of information storage with old to
current new one.

Assuring the integrity of data can be promised by use of blockchain technology. Its cryptographic framework is
already so robust and also the chain of the data ensures the old data to be used to prove that the current one is altered
or modified or not. Therefore, blockchain based integrity management of the data can be boon in the field of
information and Cybersecurity. Further, the integration of blockchain technology with cyber security brings the new
plethora of the cyber security with advance framework of data integrity management.

According to CB blockchain seal, the creation of hash and then super hash which is being stored in blockchain
cannot be tampered. This does not address the data integrity but addresses the integrity of hash value of super hash in
blockchain. This hashing and super hashing methodologies can be used with data also to seal the data from
unauthorized modification, but it is costly option. Therefore, a less costly and cryptographic methodology is required
to address the cost and seal the data by employing the blockchain technology.

2. Related Work

Data integrity is related to the serious threat of manipulation and alteration during the storage and transmission.
The data is being tampered by malicious actors for getting the advantages with respect to destruction of trust and
money. Data users always want to ensure that the consuming data is accurate and not altered during the communication
 Shailaja Salagrama et al. / Procedia Computer Science 215 (2022) 331–339 333
Shailaja Salagrama et all./ Procedia Computer Science 00 (2019) 000–000 3

with the network channels. Rosco Kalis et. al [1], stated that A blockchain based hash validation method is used to
actual data is stored separately from blockchain and a data identifier and hash of the data are submitted under
blockchain. This proposed method provides the validation of actual data against the hash on the blockchain anytime.
This method also ensures the blockchain based validation of hash is being able to find the malicious and accidental
modification of data.

Alex. R. Mathew, et.al. [2], Several use cases of blockchain technology are addressed for the cyber security
industries. Mostly all the researchers in the area of cybersecurity are favoring the adoption of blockchain technology
to enhance information shielding to make the robust security infrastructure. Three of the problematic areas of cyber
security such as confidentiality, integrity and availability are effectively addressed by employing the blockchain. A
single blockchain is considered the best application for the Cybersecurity to protect these three security issues.

T. Aste, et. al [3] Distributed ledger having cryptographic technology as inclusion is enabler of the transaction
with trust among the participants those are not trusted. Z. Zheng, et. al. [4] After introduction to Bitcoin blockchain
in 2008, many of the blockchain systems, like Ethereum, Hyperledger Fabric are developed based of the blockchain
technology [4].

Salman et al. [5] highlighted the problems and related challenges of the use of security services with centralized
architecture of security system for various applications. They provided the comprehensive survey about the blockchain
based methods for the security services for applications requiring the authentication, confidentiality, integrity,
accessibility and access control and governance of resources and information system infrastructure under the
distributed network environment. Their study provides the valuable information for the security services by enabling
the blockchain technology.

Igor Zikratov et.al [6], explored many usability and novel techniques to ensure the prevention of cyber security by
blockchain technology. They have stated various usability of blockchain in the area if smart contacts, digital
distributed ledger security, secured record keeping, message integrity security by their novel research works.
Distributed ledger based transactional framework has abundant potential to be used to protect the digital assets.

Jaewon Noh, Sangil Jeon, Sangil Jeon & Sunghyun Chu [7[, proposed a message authentication scheme by using
blockchain technology. The message authentication scheme for anonymity and information decentralization is taken
by the help of blockchain. Public and private key along with the Message Authentication code (MAC) are used to
secure the authentication. The consensus algorithm is used to compose the blockchain system for proofing and
practical Byzantine Fault Tolerance (PDFT) are integrated with the process of message authentication. Authors claims
that their proposed method for message authentication is secured from attacks such as impersonation from internal
and external attackers.

Rui Zhang, Rui Xue, and Ling Liu, [8], discussed comprehensively and proposed the overview of the security and
privacy of blockchain. They introduced the notion of blockchain and its utility through the transactions through
Bitcoin. The representative consensus algorithm, hash based chained storage, protocol mixing, anonymous signatures,
are reviewed for the security and privacy with the blockchain technology.

3. Blockchain and Integrity Assurance Methodology

Blockchain is a tamperproof and immutable solution for the information. Basic structure of blockchain states that the
blocks under the chain cannot be modified and only can be added. This ensures that the Authentication code of
message of the sender cannot be modified once stored in the blockchain. Therefore, this property of the blockchain is
a full-proof solution to the message to detect the message is altered during the communication or not. The
authentication code or hash value computed from the encrypted message is placed under the blockchain which is
accessible by receiver the access and recompute the hash value. The condition as used in message authentication is
same as used with traditional integrity management of the message. The difference between this one and traditional
334 Shailaja Salagrama et al. / Procedia Computer Science 215 (2022) 331–339
4 Shailaja Salagrama et. all/ Procedia Computer Science 00 (2019) 000–000

approach of message authentication is that, this proposed one is blockchain based whereas traditional is simple stored
in the data packet.

3.1 Structure of a Blockchain

Blockchain is chain of blocks having the header, previous block hash value, time stamp, nonce, merkle root and
the body where transactional data is stored [9]. The detailed block’s structure and links of the chain from next block
to previous block is given in figure 1.

Fig 1. Structure of Blocks in Blockchain

The structure of blockchain in figure 1, shows that each of successive block has link to previous block and same
information except body are stored with each block by different value. This property of blockchain makes its
immutable and non-modifiable. Hash value, time stamp, nonce for each of the block under the chain of block are
different than each other. Therefore, it is very easy to find which block holds the message authentication code for the
given message. The time stamp and nonce provide the clue that this is the actual block body data for Message
authentication code under the blockchain.

3.2 Blockchain Cryptographic Strength

Blockchain is mainly a peer-to-peer network consists of two separate terms block and chain. Block refers the data
and chain is the list in database of blockchain technology. The list is linked by use of the cryptography. It is a tricky
concept under blockchain as there are two categories of cryptographic algorithms are used with it [10]. These two are
asymmetric key cryptography and hash function such as SHA-256. Asymmetric key cryptography uses the pair of
keys in which one private and other is public keys for a user. Hash function SHA-256 is used to provide the many
benefits such as producing avalanche effect, uniqueness, deterministic and quickness. Above mentioned properties of
blockchain makes it unique in nature that when the data value in block is changed then its hash value also change.
Therefore, the code for integrity which is stored under the block is non modifiable. If modified then hash value cannot
match and finally, it is found that the data is modified during the communication [11][12].

4. Proposed Model

Integrity of data and message can be assured by many existing algorithms like MAC, hashing, MD5 and many more.
These Algorithms are based on cryptographic tools and methodologies, so that weakness is always with the transmitted
data with data integrity is common. Attackers may use same algorithm and hash function to change the message and
recalculate the code to attach in similar way as sender to fool the receiver [13]. Therefore, it is required to develop
 Shailaja Salagrama et al. / Procedia Computer Science 215 (2022) 331–339 335
Shailaja Salagrama et all./ Procedia Computer Science 00 (2019) 000–000 5

such an integrated system using blockchain to create the strong integrity assurance to make attacker impossible to
violate the message integrity while the message is transmitted via open network.

We proposed an algorithm Message Integrity Assurance Using Blockchain (MIAUB), which is able to integrate
the blockchain with private and public key cryptography to provide non modifiable message for integrity assurance.

Sender End :-
Step 1 – Input Plain Message
Process Message
Step 2. Select Symmetric Cipher Algorithm (AES 128 Bit)
Step 3. Generate Random Value from (Plain Message)
Step 4. Generate Key SK by Random Value
Encrypt ESK (Plain Message)
Step 5. SHA (ESK(Plain Message), KeySK)
Step 6. Packet (PKR (SHA (ESK(Plain Message, KeySK))))
Pubval = PKR(T1(T, Hash Value, + KeySK))
Step 7. Add Pubval in chain of Blockchain
Step 8. Commit
Send (Packet (PKR (SHA (ESK(Plain Message, KeySK))))

Recipient End:-

Step 1. Receive Packet (PKR (SHA (ESK(Plain Message, KeySK)))

Step 2. PRR ((SHA (ESK(Plain Message, KeySK))
Step 3. Read (Pubval) – Block (Blockchain)
T1, Hash Value, SK = PRR(Pubval)
Step 4. SHA (ESK(Plain Message, KeySK))
Step 5. Is Hash Value = Current SHA is equal Then
Decrypt ESK(Cipher Message)
Else
Abandoned
[SK – Symmetric Encryption/Decryption Key, PKR – Public Key of Recipient, PRR – Private Key of Recipient, T –
Time Stamp, SHA – Secured Hash Algorithm, AES – Advance Encryption Standard]

Proposed Algorithm is for both sender and receiver. Algorithm processes from sender side and finishes at receiver
side. The timestamp for hash value stored in blockchain ensure the message hash value and indicates about any change
as same time stamp with date and time cannot be found if updated or modified by adversaries.
336 Shailaja Salagrama et al. / Procedia Computer Science 215 (2022) 331–339
6 Shailaja Salagrama et. all/ Procedia Computer Science 00 (2019) 000–000

5. Functional Block Diagram of Algorithm

Block diagram of proposed model of data integrity assurance by use of the blockchain technology is presented in
fig. 2.

Fig 2. Proposed Data Integrity Model Diagram

There are many methods available and also in use to assure the integrity of data. These methods are Message
Digest, Message Authentication Code, Secured Hashing Functions, etc. The proposed method of integrity assurance
also uses the Secured hashing function and additionally the asymmetric key cryptography with respect to store in
 Shailaja Salagrama et al. / Procedia Computer Science 215 (2022) 331–339 337
Shailaja Salagrama et all./ Procedia Computer Science 00 (2019) 000–000 7

blockchain [14]. The strength of each of the method with respect to vulnerabilities like manipulation, deletion, error
scope, cryptography and security is presented in table 1.

Table 1. Comparison of Strength of Methods Used for Data Integrity Assurance

Integrity Assurance Method Strength
Manipulation Deletion Error Scope Cryptographic
MAC Yes Yes Yes Yes
MD5 Yes Yes Yes Yes
SHA-256 Yes Yes Yes Yes
Proposed Blockchain Based No No Yes Yes

According to table 1. Data, it is clear that blockchain based data integrity assurance method is more robust and
pertains high strength than any other existing methods of data integrity insurances. One weakness is common error
scope exists with each of the methods. This error scope is due to the computational error by transmission or loss of
data.

6. Result Analysis

Blockchain based data integrity assurance method is more robust than existing methods. Penetration testing is
setup to test the integrity of data processed through the given algorithm of blockchain based integrity assurance. We
have used 5 rounds of penetration testing to define the robustness of our proposed algorithms. Data we selected to
apply pen test is presented in table 2.

Table 2. Penetration Test Result

Rounds Message Authentication Tools Res ults
Code
1 87 Acunetix Fail
2 87 Astra Fail
3 87 Wireshark Fail
4 87 OpenSSL Fail
5 87 Nmap Fail

7. Analytical Strength

Proposed method to ensure the data integrity is straightforward with the use of blockchain technology. Table 1.
Represents the strengths of integrity assurance by different methodologies including proposed methodology.
Blockchain based data integrity assurance method proposed here have the following strength as per the properties of
blockchain.
• Immutable Property – the block having the message authentication code is immutable. It means once the block is
added to the chain of block then it cannot be altered or deleted.
• Temper Proof – The block data is temper proof so that the information placed under the block cannot be altered
by any means.
• Authenticity – The access of the block is only possible by correct access privilege. This ensures that no can access
the block information without the access credentials.

These three properties are related to the block chain technology. Additionally, the proposed algorithm advances
the strength of integrity assurance by inclusion of encryption methodologies. A set of symmetric and asymmetric key
338 Shailaja Salagrama et al. / Procedia Computer Science 215 (2022) 331–339
8 Shailaja Salagrama et. all/ Procedia Computer Science 00 (2019) 000–000

cryptography provide the bundle of security for the data in case of its integrity.

• Random value is generated by taking the message/data

• Symmetric key for AES 128 bit is created by random value and message/data is encrypted.
• Hashing is taken encrypted message/data and symmetric key and block packet data is created.
• Packet is again encrypted by public key of receiver
• Packet is added to blockchain and sent to receiver end

These encryption steps create more confusion and diffusion of message/data so that its strength becomes optimal.
Strength of our proposed algorithm to ensure data integrity is analysed with following factors under table 3.

Table 3. Comparison of Strength of Integrity Assurance by Blockchain and Other Methods

Message/Data State Message Authentication Other Integrity Assurance
Code Blockchain Based
Integrity Assurance
Stored Data 100% 80%
Data in Transit 90% 60%
Data at processing 80% 40%

The data state is primary factor as indicated by strength under table 3. Stored data does not need to remove any
encryption but in case of data in transit and processing some of the cryptographies are required to be removed [15].
Therefore, the strength of both blockchain based integrity assurance and other method for same are different with
percentage. The analytical strength of different stages of data is represented with fig. 3.

Fig 3. Analytical Strength at Different Stage of Data

8. Conclusion

Blockchain based data integrity assurance is novel method to assure the integrity of data which is either in storage
or in communication from source to recipient. This proposed method of data integrity assurance is robust technique
to the management of data integrity with current scenario of cyber-attacks. The property of blockchain such as
immutable and non-modifiable provide the guarantee to the sensitive and critical data to not be changed during the
communication. Cybercriminal when changed the communicated data, it is very easy to detect the change during the
communication. The robust blockchain based data integrity assurance is current requirement of the organizations and
business firms to secure the data from the cyber-attacks. The details of the model and block diagram of the functional
 Shailaja Salagrama et al. / Procedia Computer Science 215 (2022) 331–339 339
Shailaja Salagrama et all./ Procedia Computer Science 00 (2019) 000–000 9

method of blockchain based data integrity assurance method is optimal and also provide the cryptographic security to
sensitive data.

9. Future Scope

This research work lacks the deployment of proposed model; therefore, the scope of this work is to be deployed in
the real time environment to provide the data integrity assurance. The deployment should be based on the proposed
model of data integrity assurance and the test can be performed for the robustness and functional scope of the given
algorithm.

References

[1] Rosco Kalis, Adam Belloum, ‘Validating data integrity with blockchain’, University of Amsterdam Amsterdam,
The Netherlands. https://ipfs.io/.
[2] Alex. R. Mathew, ‘Cyber Security through Blockchain Technology’, International Journal of Engineering and
Advanced Technology (IJEAT). ISSN: 2249 – 8958, Volume-9 Issue-1, October 2019.
[3] T. Aste, P. Tasca, T. Di Matteo, Blockchain technologies: the foreseeable impact on society and industry,
Computer 50 (9) (2017) 18–28.
[4] Z. Zheng, S. Xie, H. Dai, X. Chen, H. Wang, An overview of blockchain technology: architecture, consensus, and
future trends, in: 2017 IEEE International Congress on Big Data (BigData Congress), 2017, p. 557564.
[5] T. Salman, M. Zolanvari, A. Erbad, R. Jain, M. Samaka, Security services using blockchains: a state-of-the-art
survey, in: IEEE Communications Surveys & Tutorials, 2018, https://doi.org/10.1109/COMST.2018.2863956 [6]
[6] Igor Zikratov, Alexander Kuzmin, Vladislav Akimenko, Viktor Niculichev, Lucas Yalansky, Ensuring Data
Integrity using Blockchain Technology, April 2017, DOI:10.23919/FRUCT.2017.8071359, Conference: 2017
20th Conference of Open Innovations Association (FRUCT)
[7] Jaewon Noh, Sangil Jeon, Sangil Jeon & Sunghyun Chu, Distributed Blockchain-Based Message Authentication
Scheme for Connected Vehicles. January 2020, Electronics 9(1):74, DOI:10.3390/electronics9010074
[8] Rui Zhang, Rui Xue, and Ling Liu. 2019. Security and Privacy on Blockchain. ACM Comput. Surv. 1, 1, Article
1 (January 2019), 35 pages. https://doi.org/10.1145/3316481
[9] Liang, Ying-Chang. (2020). Blockchain for Dynamic Spectrum Management. 10.1007/978-981-15-0776-2_5.
[10] Nikita Storublevtcev (2019), Cryptography in Blockchain, Computational Science and Its Applications – ICCSA
2019, 2019, Volume 11620, ISBN : 978-3-030-24295-4.
[11] Jamoos, Mohammed. (2014). Data Integrity Mechanism Using Hashing Verification. International Journal of
Network Security.
[12] Hambouz, Ahmed & Shaheen, Yousef & Manna, Abdelrahman & Al-Fayoumi, Mustafa & Tedmori, Sara. (2019).
Achieving Data Integrity and Confidentiality Using Image Steganography and Hashing Techniques. 1-6.
10.1109/ICTCS.2019.8923060.
[13] Adel, Radwa & Fouad, M. & Aboul-Dahab, Mohamed. (2013). Design and Implementation a new Security Hash
Algorithm based on MD5 and SHA-256. International Journal of Engineering Sciences & Emerging Technologies.
6. 29-36.
[14] Zequan Zhou, Xiling Luo, Yi Bai, Xiaochao Wang, Feng Liu, Gang Liu, Yifu Xu, (2022). "A Scalable
Blockchain-Based Integrity Verification Scheme", Wireless Communications and Mobile Computing, vol. 2022,
Article ID 7830508, 13 pages, 2022. https://doi.org/10.1155/2022/7830508.
[15] S. G. Stubblebine and V. D. Gligor, "On message integrity in cryptographic protocols," Proceedings 1992 IEEE
Computer Society Symposium on Research in Security and Privacy, 1992, pp. 85-104, doi:
10.1109/RISP.1992.213268.