Metadata for authenticity: hash functions and digital signatures
Introduction
Authenticity and integrity are important characteristics of archives, and it is natural that archivists are concerned about ensuring the ongoing authenticity of digital archives, which can be altered so easily and almost undetectably. This ongoing authenticity is also important to the creators of material, as well as to the researchers who will rely on it to inform their research. The OAIS model requires that 'fixity information' be held for digital objects so that their moral and physical integrity can be verified over time. Hash functions and digital signatures are two means of creating and validating such fixity information, and both have a number of potential applications in the acquisition, management and dissemination of personal digital archives. Paradigm has therefore explored the nature and uses of hash functions and digital signatures; an overview of these technologies and consideration of how they might be useful to archivists is provided here.
Archival uses for fixity information
Fixity information documents the authentication mechanisms used to ensure that the materials stored by a preservation repository have not been altered in an undocumented manner. Creating and verifying fixity information is therefore an integral part of the management process for authentic digital objects, ensuring that the repository can be confident of the authenticity and integrity of its digital objects. Many repositories will wish to record some level of fixity information about the digital files and metadata (and versions thereof) that they manage. Not only is fixity information an important part of the OAIS information model, it is also included in a number of metadata schemas for digital objects, including PREMIS, METS and others.
When should fixity information be created and verified?
Fixity information can be created or verified at numerous stages in the preservation workflow. The management policy for the archive, its context and the level of confidence required will dictate when and what type of fixity information is created and how often it is verified. Appropriate points in the lifecycle for generating and verifying fixity information include:
- At point of creation - creators could themselves decide to create fixity information for some of their digital files and perhaps to use a digital signature to encrypt sensitive data.
- At point of accession - archivists or creators could create fixity information when accessioning digital archives which can later be used to verify that digital archives have not been subject to any unauthorised transformation during the process of transferring material to the Library and ingesting it into a digital repository.
- At point of ingest - archivists record fixity information as part of the preservation metadata of an archive, which can be used thereafter to verify the continuing authenticity of the material.
- At point of transformation - changes to metadata and the creation of new versions of digital objects through file format migrations can be a necessary part of the digital preservation process, but fixity information is required to provide an audit trail of such actions so that new versions of objects and their metadata are trustworthy.
- As part of normal maintenance routines - fixity information may be used to ensure the continuing authenticity of material when undertaking regular maintenance activities, such as system back-up.
- At point of dissemination - it is possible that researchers may expect repositories to sign the digital archives they make available, so that their authenticity is assured.
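The ingest and maintenance points in the list above, shown as an added example that is not part of the original workbook: digests are recorded at ingest and re-checked later, reporting altered, missing and unexpected files. SHA-256, the function names and the in-memory manifest are assumptions made here, and the sample files are constructed.

```python
import hashlib
import tempfile
from pathlib import Path


def file_digest(path, chunk_size=1 << 20):
    """Hash a file in chunks so large files never sit fully in memory."""
    h = hashlib.sha256()  # assumption: the page does not name a hash function
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def create_manifest(root):
    """Ingest: record a digest for every file under root, keyed by relative path."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): file_digest(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_manifest(root, manifest):
    """Maintenance: re-hash and compare with the digests recorded at ingest."""
    current = create_manifest(root)
    return {
        "altered": sorted(n for n in manifest if n in current and current[n] != manifest[n]),
        "missing": sorted(n for n in manifest if n not in current),
        "unexpected": sorted(n for n in current if n not in manifest),
    }


def demo():
    """Constructed sample accession: three files, then undocumented changes."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "letters").mkdir()
        (root / "letters" / "1998-03-02.txt").write_text("Dear Anne, ...")
        (root / "diary.txt").write_text("Monday: committee meeting.")
        (root / "speech.txt").write_text("Draft speech, version 1.")
        manifest = create_manifest(root)          # at point of ingest
        clean = verify_manifest(root, manifest)   # routine check, nothing changed
        (root / "diary.txt").write_text("Monday: committee meeting!")  # silent edit
        (root / "speech.txt").unlink()                                 # file lost
        (root / "notes.txt").write_text("added later")                 # not in record
        return clean, verify_manifest(root, manifest)


if __name__ == "__main__":
    print(demo())
```

The comparison is only as trustworthy as the stored manifest, so keep it apart from the files it describes or protect it with a digital signature.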