DEFINITION: A key capability in ISO 14721 conforming digital repositories is ensuring the integrity of the records in its custody, which involves two related preservation actions. The first action generates a cryptographic hash algorithm that normalizes any digital object regardless of size or content type to a fixed length bit stream (e.g., 156 bits). This fixed length bit stream is called a hash digest and it serves as a digital fingerprint. Depending upon the "strength" of the hash digest algorithm used, it is "computationally infeasible" for two different digital objects to have the same hash digest or to reconstruct a data object from this hash digest.
The second action involves integrity fixity that supports an unbroken electronic chain of custody captured in Preservation Description Information (PDI) in AIPs. Hash digests cannot support this chain of custody because migration to newer file formats will introduce changes in the underlying bit streams. Affixing a digital signature to an AIP that authenticates it after any preservation action will mitigate this issue. Over time digital signatures support a strong, unbroken chain of electronic custody.