Checksums and Signatures


A checksum is a computed fixed length string calculated from the contents of a file.

In principle modifications to the file will also yield a different checksum. There are however ways to avoid this and these properties depends greatly on the algorithm used to calculate the checksum.

Example of two hashing algorithms used for checksumming on mac Os:

# MD5 checksum 
md5 filename

# SHA256 checksum
shasum -a 256 filename

Cryptographic hash

These are fixed length strings calculated from files with additional properties in the case that the hashes are strong.

MD5 and SHA1 are weak hashes and don’t guarantee the above in general

SHA256 is generally accepted as strong.


Unlike checksum and general hashes, signatures involve a secret; a key that makes only the keyholder able to apropriately sign message.

Related Articles