Page 24 - ITU Journal - ICT Discoveries - Volume 1, No. 2, December 2018 - Second special issue on Data for Good

ITU JOURNAL: ICT Discoveries, Vol. 1(2), December 2018




2.   SIGNED DATA BLOCKS

In a SignedData blockchain, the SignedData CMS message type serves as a container for the two basic components that make up the blocks of a Bitcoin blockchain as illustrated in Fig. 1.

          Fig. 1. SignedData blockchain block

These components include data in the form of a "block of items to be timestamped" and a "block header" [4]. The block of items to be timestamped and its associated header can be represented in a SignedData message to create a blockchain block.

In the SignedData type, the "block of items" [4] component is a value of type Data, an opaque string of octets. Type Data can contain information of any type or format. This information may contain flat or structured content, such as a set of transactions in a distributed ledger. However, for the purposes of SignedData message processing, the content is treated as unstructured and its structural details ignored. The "block header" [4] component of a SignedData block is a value of type SignerInfo. A series of block header and associated data components are illustrated in Fig. 2.

          Fig. 2. SignedData block series

The SignerInfo header is a structured data type whose fields include a signing key identifier, a set of attributes to be signed, and the signature of the message signer over the signed attributes. Both the signature algorithm and digest algorithm identifier information are also included in type SignerInfo to provide algorithm independence and promote system resilience in coping with cryptographic change. The data content of a block is signed indirectly, by including a hash of the data in a messageDigest attribute. This required CMS attribute is signed to link the data component of a SignedData block to its SignerInfo header, as indicated by the up arrows in Fig. 2.

3.   SIGNED ATTRIBUTES

3.1  Hash pointers

The SignerInfo block header illustrated in Fig. 1 contains a precedingBlock attribute. This attribute is signed to link a SignedData block to the previous block in the blockchain, as indicated by the left arrows in Fig. 2. Adjacent blocks in the blockchain are 'hash-linked' using a precedingBlock attribute value. This value contains a hash (message digest) of the SignerInfo header of the previous block in the blockchain.

A precedingBlock attribute is defined as a hash and a location indicator using ASN.1 as follows:

   precedingBlock ATTRIBUTE ::= {
      WITH SYNTAX  HashPointer
      ID  id-PrecedingBlock
   }

   HashPointer ::= SEQUENCE {
      hash        DigestedData  OPTIONAL,
      pointers    Pointers  OPTIONAL
   } (ALL EXCEPT ({ -- None present -- }))

   Pointers ::=
      SEQUENCE SIZE(1..MAX) OF pointer Pointer

   Pointer ::= CHOICE {
      uri        URI,
      rfid       RFID,
      gps        GPS,
      address    Address,
      dbRecord   DBRecord,
      ...  -- Expect other pointer types --
   }

The precedingBlock attribute contains a value of type HashPointer that implements a Hash Pointer abstract data type. Type HashPointer can be used to specify the location of the previous block in a SignedData blockchain and to verify the integrity of the data content at that location. A value of this type contains "a pointer to the place where some information is stored" that is paired with a "cryptographic hash of the information" [5]. The

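The two links described in sections 2 and 3.1 (messageDigest binding data to its header, precedingBlock binding a header to the previous header), shown as an added example that is not code from the paper. Assumptions: canonical JSON stands in for the DER encoding of SignerInfo, HMAC-SHA256 stands in for the signer's signature, and the key, payloads and URIs are constructed sample values.

```python
import hashlib, hmac, json

KEY = b"constructed-demo-key"  # assumption: HMAC key standing in for the signer's private key

def digest(b: bytes) -> str:
    return hashlib.sha256(b).hexdigest()

def encode(obj) -> bytes:
    # Assumption: canonical JSON stands in for the DER bytes a CMS library would hash.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def hash_pointer(hash_hex=None, pointers=None):
    # HashPointer: hash and pointers are both OPTIONAL, but "None present" is excluded.
    hp = {k: v for k, v in (("hash", hash_hex), ("pointers", pointers)) if v}
    if not hp:
        raise ValueError("HashPointer needs hash, pointers, or both")
    return hp

def make_block(data: bytes, prev=None, prev_uri=None):
    attrs = {"messageDigest": digest(data)}  # data is signed indirectly via its hash
    if prev is not None:
        # precedingBlock carries the hash of the previous block's SignerInfo header.
        prev_hash = digest(encode(prev["signerInfo"]))
        attrs["precedingBlock"] = hash_pointer(prev_hash, [{"uri": prev_uri}])
    sig = hmac.new(KEY, encode(attrs), hashlib.sha256).hexdigest()
    return {"data": data, "signerInfo": {"sid": "demo-key-1", "signedAttrs": attrs, "signature": sig}}

def verify_chain(blocks):
    """Return (block index, failed check) for every check that does not hold."""
    problems = []
    for i, blk in enumerate(blocks):
        attrs = blk["signerInfo"]["signedAttrs"]
        expected = hmac.new(KEY, encode(attrs), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, blk["signerInfo"]["signature"]):
            problems.append((i, "signature"))
        if attrs["messageDigest"] != digest(blk["data"]):
            problems.append((i, "messageDigest"))
        if i > 0:
            hp = attrs.get("precedingBlock", {})
            if hp.get("hash") != digest(encode(blocks[i - 1]["signerInfo"])):
                problems.append((i, "precedingBlock"))
    return problems

def build_demo_chain():
    chain = []
    for n, payload in enumerate([b"tx-set-0", b"tx-set-1", b"tx-set-2"]):  # constructed data
        prev = chain[-1] if chain else None
        chain.append(make_block(payload, prev, f"https://ledger.example/blocks/{n - 1}"))
    return chain
```

Changing a block's data fails that block's messageDigest check, while replacing a whole block with a freshly signed one fails the precedingBlock check of its successor.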




© International Telecommunication Union, 2018