Tech Demo

This is a tech demo. Some functions may be missing or not working.

Zurück zum Blog

How Cryptographic Hash Chains Make Your Audit Logs Tamper-Proof

· Logproof Team · 7 Min. Lesezeit · cryptography security hash-chains

When someone says their audit logs are "immutable," the critical follow-up question is: how do you prove it? Writing records to a database and calling them immutable is not enough. Any database administrator — or anyone who gains access to the database — can modify records silently. True immutability requires a mechanism that makes tampering detectable, not just inconvenient. That mechanism is cryptographic hash chaining.

The Problem with Plain Database Audit Logs

Let us start with the most common approach to audit logging in SaaS applications. You create an audit_events table, insert a row every time something significant happens, and maybe set some database-level permissions to restrict who can modify the table.

CREATE TABLE audit_events (
    id BIGSERIAL PRIMARY KEY,
    action VARCHAR(255) NOT NULL,
    actor_id VARCHAR(255),
    target_type VARCHAR(255),
    target_id VARCHAR(255),
    metadata JSONB,
    created_at TIMESTAMP NOT NULL DEFAULT NOW()
);

This works as an activity log, but it fails as a compliance-grade audit trail. Here is why:

Modification is undetectable. A database administrator can run UPDATE audit_events SET action = 'user.login' WHERE id = 42; and there is no trace of the original value. The row looks like it was always that way.

Deletion is undetectable. DELETE FROM audit_events WHERE id BETWEEN 100 AND 200; removes a hundred events, and unless someone is tracking the exact count and IDs of all events, nobody will notice the gap.

Insertion of false records is undetectable. Someone can insert backdated events that never actually occurred. The created_at timestamp is just a column value — it can be set to any date.

Backup-level attacks are possible. Even if you restrict application-level access, someone with access to database backups or the underlying storage can modify data at rest.

The fundamental issue is that a relational database is designed for CRUD operations. It is an excellent tool for application state, but it provides no built-in mechanism to prove that data has not been altered. For compliance and security purposes, you need something more.

How Hash Chains Work

A hash chain is a data structure where each entry includes a cryptographic hash that depends on the previous entry. This creates a linked sequence where modifying any single entry invalidates every entry that follows. Let us build one step by step.

Step 1: Understanding Cryptographic Hash Functions

A cryptographic hash function takes an input of any size and produces a fixed-size output (the "hash" or "digest"). SHA-256, which produces a 256-bit (32-byte) output, is the most widely used. It has three properties that matter for our purposes:

Deterministic: The same input always produces the same hash. SHA-256("hello") will always equal 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824.

Pre-image resistant: Given a hash output, it is computationally infeasible to determine the input. You cannot reverse-engineer the original data from its hash.

Collision resistant: It is computationally infeasible to find two different inputs that produce the same hash. For SHA-256, the probability of a random collision is approximately 1 in 2^128 — a number so large that it is effectively zero.

These properties mean that a SHA-256 hash acts as a unique fingerprint for a piece of data. If even a single bit of the input changes, the output hash changes completely and unpredictably.

Step 2: Chaining the Hashes

Here is where it gets interesting. Instead of hashing each audit event independently, we incorporate the hash of the previous event into the current event's hash calculation.

Let us walk through a concrete example. Suppose we have three audit events:

Event 1 (the genesis event):

action: "user.created"
actor_id: "admin_001"
timestamp: "2026-02-25T10:00:00Z"
previous_hash: "0000000000000000000000000000000000000000000000000000000000000000"

Since this is the first event, the previous hash is all zeros (a conventional starting value). We compute the hash of Event 1 by concatenating all fields and hashing them:

hash_1 = SHA-256("user.created|admin_001|2026-02-25T10:00:00Z|0000...0000")
       = "a3f2b8c91e4d7..."  (64 hex characters)

Event 2:

action: "user.role.updated"
actor_id: "admin_001"
timestamp: "2026-02-25T10:05:00Z"
previous_hash: "a3f2b8c91e4d7..."  (hash_1 from above)

Now we compute Event 2's hash, incorporating Event 1's hash:

hash_2 = SHA-256("user.role.updated|admin_001|2026-02-25T10:05:00Z|a3f2b8c91e4d7...")
       = "7b9e1f3a82c56..."

Event 3:

action: "document.accessed"
actor_id: "user_042"
timestamp: "2026-02-25T10:10:00Z"
previous_hash: "7b9e1f3a82c56..."  (hash_2 from above)

hash_3 = SHA-256("document.accessed|user_042|2026-02-25T10:10:00Z|7b9e1f3a82c56...")
       = "e5d4c3b2a19f8..."

Each event's hash depends on the hash of the event before it, which depends on the hash of the event before that, and so on back to the genesis event. This is the chain.

Step 3: Why Tampering Breaks the Chain

Now suppose an attacker wants to modify Event 2 — perhaps changing the action from user.role.updated to user.login to hide a privilege escalation. When they change Event 2's data, its hash changes:

tampered_hash_2 = SHA-256("user.login|admin_001|2026-02-25T10:05:00Z|a3f2b8c91e4d7...")
                = "1a2b3c4d5e6f7..."  (completely different from the original hash_2)

But Event 3 still records the original hash_2 as its previous_hash. Now there is a mismatch: Event 3 says its previous hash should be 7b9e1f3a82c56..., but Event 2's actual hash is 1a2b3c4d5e6f7.... The chain is broken.

The attacker could try to fix this by also updating Event 3's previous_hash to match the tampered Event 2. But then Event 3's hash would change too, breaking the link to Event 4. The attacker would need to recompute every hash from the tampered event all the way to the end of the chain.

This cascading effect is what makes hash chains powerful. Modifying a single event requires rewriting every subsequent event in the chain. And if any external party has recorded the hash of the latest event (or any event after the tampered one), the rewrite is detectable.

Verification: Proving Integrity

Verification is the process of walking the chain and checking that every link is valid. The algorithm is straightforward:

1. Start at Event 1
2. Compute its hash from its data and the genesis previous_hash
3. Compare the computed hash to the stored hash
4. Move to Event 2
5. Compute its hash from its data and Event 1's hash
6. Compare the computed hash to the stored hash
7. Continue until the end of the chain
8. If every computed hash matches the stored hash, the chain is intact
9. If any hash mismatches, identify the first broken link

This verification can be performed by anyone with read access to the audit log. It does not require any secret keys or special permissions. The math is deterministic — given the same input data, anyone will compute the same hashes.

For a chain of N events, verification requires N hash computations. SHA-256 is fast — a modern processor can compute millions of hashes per second — so verifying even large chains (millions of events) takes only seconds.

SHA-256: Why This Specific Algorithm

SHA-256 (part of the SHA-2 family, standardized by NIST) is the standard choice for hash chains for several reasons:

Security margin: SHA-256 has a 128-bit security level against collision attacks. Breaking it would require approximately 2^128 operations — far beyond the capability of any current or foreseeable computing technology, including quantum computers using Grover's algorithm (which would reduce the security to approximately 2^128 for pre-image attacks, still considered safe).

Performance: SHA-256 is hardware-accelerated on most modern CPUs (Intel SHA Extensions, ARM Cryptography Extensions). This means computing hashes adds negligible latency to audit event processing.

Standardization: SHA-256 is approved by NIST, accepted by SOC2 and ISO 27001 auditors, and is the hash function used in TLS, Bitcoin, and most digital signature schemes. Using it means you never have to justify your choice of algorithm to an auditor.

Output size: The 256-bit (32-byte) output is compact enough to store efficiently but long enough to provide strong collision resistance.

Hash Chains vs. Blockchain

If hash chaining sounds familiar, it should — blockchains use the same fundamental technique. But there are important differences that make a purpose-built hash chain more appropriate for audit logging than a blockchain.

Consensus overhead: Blockchains require a consensus mechanism (proof of work, proof of stake, or similar) to agree on the state of the chain across multiple parties. For audit logging, there is typically a single authority writing events, so consensus is unnecessary overhead.

Transaction costs: Public blockchains charge fees for every transaction. At audit logging volumes (thousands to millions of events per day), this becomes prohibitively expensive.

Latency: Blockchain transactions are not instant. Bitcoin blocks take approximately 10 minutes; even faster chains have multi-second finality. Audit events need to be recorded in real-time.

Privacy: Public blockchains are, by definition, public. Audit log data is sensitive and should not be visible to the world.

Simplicity: A hash chain for audit logging is a straightforward data structure. You do not need miners, validators, smart contracts, gas fees, or consensus protocols. You need sequential hashing with verification.

The correct analogy is this: blockchain is a distributed, trustless hash chain with consensus. Audit logging needs a centralized, efficient hash chain with verification. The cryptographic foundation is the same; the infrastructure requirements are entirely different.

Handling Concurrent Writes

One practical challenge with hash chains is ordering. Since each event's hash depends on the previous event, events must be written sequentially. In a concurrent system where multiple events might arrive simultaneously, you need a serialization mechanism.

Common approaches include:

Sequential queue: Route all audit events through a single queue that processes them in order. This is the simplest approach and works well for most SaaS applications. At typical audit logging volumes, a single queue can process thousands of events per second.

Partitioned chains: Maintain separate hash chains per tenant, stream, or category. Events within each chain are sequential, and chains can be processed independently. This provides higher throughput while maintaining integrity within each partition.

Sequence numbers: Assign monotonically increasing sequence numbers to events before hashing. This provides a canonical ordering even if events are processed slightly out of order.

Logproof uses partitioned chains at the workspace level, meaning each customer's audit trail is an independent hash chain. This provides strong integrity guarantees while supporting high-throughput concurrent writes across tenants.

How Logproof Implements Hash Chains

When you send an audit event to Logproof's API, here is what happens:

  1. Event reception: The event is received and validated against the schema.
  2. Sequencing: The event is assigned a position in the workspace's hash chain.
  3. Hash computation: The event's hash is computed from its data fields combined with the previous event's hash.
  4. Storage: The event and its hash are written to immutable, append-only storage.
  5. Response: The API returns the event ID and its hash, so you can independently verify it later.

Verification is available through a dedicated API endpoint:

curl https://logproof.de/v1/verify \
  -H "Authorization: Bearer your-api-key"

This walks the entire chain for your workspace and returns the verification result: either a confirmation that the chain is intact, or identification of the first broken link (which, in a correctly operating system, should never occur).

You can also verify individual events by requesting their hash and checking it against the chain:

curl https://logproof.de/v1/events/{id}/verify \
  -H "Authorization: Bearer your-api-key"

Key Takeaways

  • Database tables are not tamper-proof. Anyone with write access can modify, delete, or insert records without leaving a trace.
  • Hash chains create cryptographic linkage between events. Modifying any event breaks the chain from that point forward.
  • SHA-256 provides strong, standardized guarantees. It is fast, hardware-accelerated, and accepted by all major compliance frameworks.
  • Verification is deterministic and open. Anyone with read access can verify the chain without secret keys.
  • Hash chains are not blockchains. They share cryptographic foundations but differ in overhead, cost, latency, and complexity. Audit logging needs the former, not the latter.
  • Concurrent writes require serialization, but this is a solved problem with well-understood approaches.

If your audit logs cannot be independently verified for integrity, they are not truly tamper-proof — they are just trusted. And in the compliance world, trust is not enough. Cryptographic proof is what closes the gap between "we believe our logs are intact" and "we can prove it."

Artikel teilen

Auf X posten Auf LinkedIn teilen

Bereit für manipulationssichere Audit-Logs?

Starte in Minuten mit einem einzigen API-Call. Kostenloser Plan verfügbar.

Kostenlos starten →