Executive Explanation.
File integrity and Digital Witness certificates — a high-level overview of what a certificate proves, and how it stays provable over time.
The certificate is a cryptographic link, not a copy.
A Digital Witness Certificate does not replace the original file. It creates a cryptographic link to the file as it existed at a specific moment in time. When a file is captured or ingested, a cryptographic hash (SHA-256) is computed directly from its contents. This hash functions as a unique mathematical fingerprint of the file: even the smallest change to the file would produce a completely different hash.
The fingerprint is sealed in a witness record.
The fingerprint is sealed in the Digital Witness record together with a timestamp and system context. From that moment forward, the witness record cannot be altered without detection. The certificate proves that a file with that exact fingerprint existed at the stated time. Evidence Binders preserve this relationship by including both the original files and their corresponding witness records, and by sealing the collection as a whole.
Verification is objective, repeatable, and trust-independent.
At any later point — including in a courtroom — integrity is demonstrated by recomputing the hash of the presented file and comparing it to the hash recorded in the certificate. If the hashes match, the file is proven identical to the original; if not, any alteration or substitution is immediately detectable. The comparison is objective and repeatable, and does not rely on trust in any party or system — only on cryptographic comparison of the file itself.
- ✓The certificate creates a cryptographic link, not a copy.
- ✓Any file modification results in a completely different hash.
- ✓Verification is objective, repeatable, and trust-independent.
Want this in front of a regulator or court?