I find a lot of times with my day-to-day work that I have to download files and then verify their checksums to ensure their integrity etc.  This made me consider what is a checksum?

Quoting Wikipedia

checksum is a small-sized datum derived from a block of digital data for the purpose of detecting errors which may have been introduced during its transmission or storage. It is usually applied to an installation file after it is received from the download server. By themselves, checksums are often used to verify data integrity but are not relied upon to verify data authenticity.

Quoting Google Dictionary

a digit representing the sum of the correct digits in a piece of stored or transmitted digital data, against which later comparisons can be made to detect errors in the data.

So basically a checksum is a way to verify a files integrity after you recieve it (usually download).

I often did this before when I would get an ISO file to install Linux or some other similar task.

This is very powerful because you consider how often we exchange files in our day to day business.  Not even considering technical professions, regular businesses can use checksums in their day to day work as well.  Consider a business that’s exchanging a contract.  The way you can verify that you have received the correct (and not tampered with) version is to use a checksum on the file received.

Network protocols typically use checksums to verify transmissions when they are sent and received.  Software Engineers use checksums to verify files that are downloaded and data that is transmitted as well.

There are also several variations in checksum algorithms, but some of the most common include MD5 and SHA256.

If you’d like to create your own checksums they are super easy on both Windows and Mac platforms.

On the Mac you can generate a checksum with the following

-To create an md5 checksum, open the terminal and enter md5 fileName
-To create a SHA256 checksum, open the terminal and enter shasum -a 256

On Windows you can create checksums with several programs, but you can also use a cert utility in the command prompt that will do this.

-Open Command Prompt and enter certutil -hashfile  SHA256
-This also works for the algorithms: MD2 MD4 MD5 SHA1 SHA256 SHA384 SHA512 (just repalce SHA256 with the associated algorithm from the list

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s