Page 24 - ITU Journal - ICT Discoveries - Volume 1, No. 2, December 2018 - Second special issue on Data for Good
2. SIGNED DATA BLOCKS

In a SignedData blockchain, the SignedData CMS message type serves as a container for the two basic components that make up the blocks of a Bitcoin blockchain as illustrated in Fig. 1.

Fig. 1. SignedData blockchain block

These components include data in the form of a "block of items to be timestamped" and a "block header" [4]. The block of items to be timestamped and its associated header can be represented in a SignedData message to create a blockchain block.

In the SignedData type, the "block of items" [4] component is a value of type Data, an opaque string of octets. Type Data can contain information of any type or format. This information may contain flat or structured content, such as a set of transactions in a distributed ledger. However, for the purposes of SignedData message processing, the content is treated as unstructured and its structural details ignored. The "block header" [4] component of a SignedData block is a value of type SignerInfo. A series of block header and associated data components are illustrated in Fig. 2.

Fig. 2. SignedData block series

The SignerInfo header is a structured data type whose fields include a signing key identifier, a set of attributes to be signed, and the signature of the message signer over the signed attributes. Both the signature algorithm and digest algorithm identifier information are also included in type SignerInfo to provide algorithm independence and promote system resilience in coping with cryptographic change. The data content of a block is signed indirectly, by including a hash of the data in a messageDigest attribute. This required CMS attribute is signed to link the data component of a SignedData block to its SignerInfo header, as indicated by the up arrows in Fig. 2.

3. SIGNED ATTRIBUTES

3.1 Hash pointers

The SignerInfo block header illustrated in Fig. 1 contains a precedingBlock attribute. This attribute is signed to link a SignedData block to the previous block in the blockchain, as indicated by the left arrows in Fig. 2. Adjacent blocks in the blockchain are 'hash-linked' using a precedingBlock attribute value. This value contains a hash (message digest) of the SignerInfo header of the previous block in the blockchain.

A precedingBlock attribute is defined as a hash and a location indicator using ASN.1 as follows:

    precedingBlock ATTRIBUTE ::= {
        WITH SYNTAX HashPointer
        ID id-PrecedingBlock
    }

    HashPointer ::= SEQUENCE {
        hash      DigestedData OPTIONAL,
        pointers  Pointers OPTIONAL
    } (ALL EXCEPT ({ -- None present -- }))

    Pointers ::=
        SEQUENCE SIZE(1..MAX) OF pointer Pointer

    Pointer ::= CHOICE {
        uri       URI,
        rfid      RFID,
        gps       GPS,
        address   Address,
        dbRecord  DBRecord,
        ...  -- Expect other pointer types --
    }

The precedingBlock attribute contains a value of type HashPointer that implements a Hash Pointer abstract data type. Type HashPointer can be used to specify the location of the previous block in a SignedData blockchain and to verify the integrity of the data content at that location. A value of this type contains "a pointer to the place where some information is stored" that is paired with a "cryptographic hash of the information" [5]. The
© International Telecommunication Union, 2018
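
The two hash links described on this page (messageDigest to a block's own data, precedingBlock to the previous SignerInfo header) can be checked as follows. This is an added example, not code from the paper: it assumes SHA-256, uses canonical JSON in place of DER-encoded CMS, leaves out the signature over the signed attributes, and all function names, sample data and URIs are constructed for illustration.

```python
import hashlib
import json

def digest(octets):
    return hashlib.sha256(octets).hexdigest()

def encode_header(header):
    # Assumption: canonical JSON stands in for the DER encoding of SignerInfo.
    return json.dumps(header, sort_keys=True, separators=(",", ":")).encode()

def make_block(data, prev=None, uri=None):
    # Signed attributes only; the signer identifier, algorithm identifiers and
    # signature value of a real SignerInfo are left out of this sketch.
    attrs = {"messageDigest": digest(data)}
    if prev is not None:
        attrs["precedingBlock"] = {
            "hash": digest(encode_header(prev["header"])),
            "pointers": [{"uri": uri}],
        }
    return {"data": data, "header": {"signedAttrs": attrs}}

def verify_chain(blocks):
    """Return (block index, problem) pairs; an empty list means every link holds."""
    problems = []
    for i, block in enumerate(blocks):
        attrs = block["header"]["signedAttrs"]
        # Up arrows in Fig. 2: header to the data of the same block.
        if attrs.get("messageDigest") != digest(block["data"]):
            problems.append((i, "messageDigest does not match data"))
        if i == 0:
            continue  # the first block has no predecessor to check
        # Left arrows in Fig. 2: header to the previous block's header.
        link = attrs.get("precedingBlock") or {}
        if "hash" not in link and "pointers" not in link:
            problems.append((i, "precedingBlock missing or empty"))
        elif "hash" not in link:
            # HashPointer allows a pointer without a hash: locatable, not verifiable.
            problems.append((i, "pointer only, link cannot be verified"))
        elif link["hash"] != digest(encode_header(blocks[i - 1]["header"])):
            problems.append((i, "precedingBlock does not match previous header"))
    return problems

def build_sample_chain():
    # Constructed sample data and placeholder URIs.
    b0 = make_block(b"tx-set-0")
    b1 = make_block(b"tx-set-1", b0, "https://ledger.example/blocks/0")
    b2 = make_block(b"tx-set-2", b1, "https://ledger.example/blocks/1")
    return [b0, b1, b2]

if __name__ == "__main__":
    print(verify_chain(build_sample_chain()))
```

Altering a block's data and then recomputing its messageDigest clears the first check but changes that block's header, so the next block's precedingBlock hash no longer matches.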