Security
SmartWatch does not have any authentication, since the publisher is sending the information to an unknown endpoint. EPS adds extra security to this by including these standards:
- HTTPS, which is required when set to active mode
- A signature header so that the consumer can validate the sender
- Certificate tracking to monitor changes to the endpoint
- A lengthy secret token is used to increase hashing results
Hash Algorithms
Secure Hash Algorithms, also known as SHA, are a family of cryptographic functions designed to keep data secured. It works by transforming the data using a hash function: an algorithm that consists of bitwise operations, modular additions, and compression functions.
The hash function then produces a fixed-size string that looks nothing like the original. We use SHA256 and SHA-512, which differ in word size; SHA-256 uses 32-byte words where SHA-512 uses 64byte words.
The purpose of hash is to ensure that the data integrity is maintained and the data is not tampered in the transit.
The X-JHA-Signature appears in the HTTP header, which is the hash of the transmitted message. The receiver can calculate the hash to ensure that it matches what is in the HTTP header (see Hash Example for details).
| ALGORITHM | IMPLEMENTED |
|---|---|
| HMAC SHA256 | 11/28/2018 |
| HMAC SHA512 | 11/28/2018 |