Every individual has their own fingerprints which is unique to them. In the same way, for every electronic record or digital record, a hash value could be created. This hash value acts as the unique digital fingerprint of the document, which is unique to them. By electronic records we mean files, data, videos, audios, chats, call recording and forth. It also encompasses any information created, processed or stored in a digital format. Digital records includes computer file such as PDFs, JPEG and so forth
Each of these electronic records have their own hash value which are generated. And they are generated by applying a cryptographic algorithm which is a mathematical formula. This process is many a times known as digital fingerprint which turns the entire file's content into a unique, fixed-length alphanumeric string.
Hash value of an electronic record is generated by using certain cryptographic functions such as SHA-1, SHA-256 and MD5 which are in alphanumeric form. These functions also help in verifying whether a particular file has been altered. Because once a hash value is created by these functions, they remain the same until and unless the content of the electronic records are altered. Once the content of the electronic records are altered, then a new hash value is created.
Most commonly used functions are MD5, SHA-1 and SHA-256. MD5, SHA-1 have been in use years but presently SHA-256 is used to generate hash value due to its enhanced and better security features.
Importance Of Hash Value
Hash values of the electronic records remain the same until and unless any changes or alterations are been made in them. Even changes in the tiniest detail of a file, changes the hash value. Supposedly, when a copy of an image is sent to another person, the hash value is generated for the image. The other person would also have the same hash value as it is there with the sender. But once there is an alteration made in the image, because alteration leads to the generation of a completely new hash value which is completely different from the original record. This process helps us in knowing about the originality of the image, about the authenticity of the image. If any altered image is been sent, then the hash values also gets altered.
For example, there is an image whose hash value is- MD5: 20ca2cghfhfghfgf4554564f305
Now if any change is made in the image, then the hash value also changes. And the new hash value of the altered image would be-
MD5: 20hjsdsbchjdhfhwfhdwfjkf4532
Thus, change in one tiny detail in a file, changes the hash value completely.
Hash Value In The Legal Arena
Different hash values for the same electronic record helps in proving the alterations that are been made in the electronic document. Since the hash value remain the same and it changes only when the changes are been made in the document, this would help in knowing about the originality of the document, about the authenticity of the document. Indeed, altered and manipulated image would result in an altered hash value.
Information Technology (Amended) Act, 2008
Section 3(2) of the Information Technology (Amended) Act, 2008 provides that the authentication of an electronic record should be tested by the use of asymmetric crypto system and hash function. And the explanation to this section provides that, "Hash function" means an algorithm mapping or translation of one sequence of bits into another, generally smaller, set known as "Hash Result" such that an electronic record yields the same hash result every time the algorithm is executed with the same electronic record as its input making it computationally infeasible
1. to derive or reconstruct the original electronic record from the hash result produced by the algorithm;
2. that two electronic records can produce the same hash result using the algorithm.”
Thus once an electronic record is seized, then the hash value is to be generated and each time the electronic record should be able to produce the same hash value. Its only when there is a change made in the electronic record only then the electronic record will show a different hash value. Many a times there is a delay in generating the hash value after an electronic record is seized. This delay makes the electronic record weak for admission.
Bharatiya Sakshya Adhiniyam (BSA)
Section 63 of the Bharatiya Sakshya Adhiniyam (BSA),2023 governs regarding the admissibility of electronic records. It provides that for an electronic record to be admissible in law, certain conditions are to be fulfilled. One such condition is providing the hash value. Section 63 provides a schedule which provides the certificate which is to be filled by the party as well as the expert, wherein they need to provide the hash value. The hash value is to be generated once any electronic record or the digital record is seized.
The certificate to be filled has two parts- Part A and Part B. Part A is to be filled by the party and part B is to be filled by the expert. If electronic evidence is tempered, defence could be created that the hash value is compromised and the electronic evidence would be inadmissible. Hash values provide security to the electronic documents. And if there is any alteration in the file then it's hash value will change and will signify that the file has been altered, tempered or changed in some manner, in such cases electronic evidence cannot be relied upon and the evidence would be inadmissible under section 63 of BSA.
Leading Case Laws on Hash Value
The of Williams v. Sprint/United Mgmt. Co., 230 F.R.D. 640 (D. Kan. 2005) wherein the court has observed that for an electronic record, there is a hash mark and if there is any alteration in the file, there is an alteration in the hash value too. That the party producing the file can ascertain the originality of the file by way of the hash value. Assuring thus, that the original file has not been manipulated or tempered.
In Umesh S/o. Vittal Patil Vs. State Of Karnataka, the Karnataka High Court issued certain guidelines pertaining to the electronic evidences. One such guideline states that the hash value of the electronic record must be collected to authenticate the evidence. That the originality and authenticity of the electronic evidence can be known by hash value. The court further held that hash value at the time of seizure or creation of the record, the hash value is also to be generated to ensure that there is no tempering or lapses after the record has been seized.
Hash value, thus, is an important aspect in proving the originality of the electronic record, once it is seized or created. It is based upon this hash value that the electronic evidence produced before the court is admitted in subsequent trial stage.
Author is an Advocate practcing at Gauhati High Court. Views are personal.