A hash-based secure interface on plain connection

This paper proposes a hash-based secure interface between two nodes on the Internet, especial between two interfaces or two web pages. Digital signatures and public-private keys are traditionally used to provide integrity and authentication. This paper proposes an alternative method which uses a shared private key and a public hash function for a message that is sent over a plain connection without losing integrity and authentication. An additional private algorithm is needed when the message has been hashed based on the message and the salt (the shared private key), and the hashed value will be re-computed with the private algorithm to produce a string named as checksum. At the other end, when a message is received with a checksum the same process is followed to produce a new checksum. If the produced checksum is equal to the received checksum, the message is legitimate. For efficiency and reliability, a timestamp and validity period is introduced to the scheme. The salt gets more salty with time included and so does the secure interface.