Checksums and Signatures

Checksums

A checksum is a computed fixed length string calculated from the contents of a file.

In principle modifications to the file will also yield a different checksum. There are however ways to avoid this and these properties depends greatly on the algorithm used to calculate the checksum.

Example of two hashing algorithms used for checksumming on mac Os:

1
2
3
4
5

# MD5 checksum 
md5 filename

# SHA256 checksum
shasum -a 256 filename

Cryptographic hash

These are fixed length strings calculated from files with additional properties in the case that the hashes are strong.

• Not feasable to create two files from scratch with the same checksum
• Not feasable to modify a file and keep the same checksum

MD5 and SHA1 are weak hashes and don’t guarantee the above in general

SHA256 is generally accepted as strong.

Signatures

Unlike checksum and general hashes, signatures involve a secret; a key that makes only the keyholder able to apropriately sign message.