A checksum or hashsum is a fixed-size data computed from an arbitrary block of digital data for the purpose of detecting accidental errors that may have been introduced during its transmissions or storage. The integrity of the data can be checked at any later time by recomputing the checksum and comparing it with the stored one. If the checksums do not match, the data was certainly altered.
A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string, the hash value, such that an accidental or intentional change to the data will almost certainly change the hash value. In many contexts, the data to be encoded are often called the "message", and the hash value is also called the message digest or simply digest.
The ideal hash function has four main properties:
* it is easy to compute the hash for any given data,
* it is extremely difficult to construct a text that has a given hash,
* it is extremely difficult to modify a given text without changing its hash,
* it is extremely unlikely that two different messages will have the same hash.
In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files. Collision has been found in the MD5 algorithm, meaning that you may get a same md5 hash value from two different files, indicate md5 hash is no longer unique. Therefore, some of the downloads uses sha-1 for data integrity checksum, one of the example is Fedora 7 DVD.
The SHA (Secure Hash Algorithm) hash functions are a set of cryptographic hash functions. The three SHA algorithms are structured differently and are distinguished as SHA-0, SHA-1, and SHA-2. No attacks have yet been reported on the SHA-2 variants. sha-1 uses 160 bits.
sha1sum is a computer program which calculates and verifies SHA-1 hashes. It is commonly used to verify the integrity of files. It (or a variant) is installed by default in most Unix-like operating systems, including Mac OS X. Variants include shasum, sha224sum, sha256sum, sha384sum and sha512sum, which use a specific larger hash function than SHA-1. Versions for Microsoft Windows also exist. Some weaknesses have been found in SHA1. However, sha1sum is still usable for general-purpose file checksumming, and is widely considered more secure than MD5 or a CRC.
md5sum is a computer program that calculates and verifies 128-bit MD5 hashes. The MD5 hash (or checksum) functions as a compact digital fingerprint of a file. It is extremely unlikely that any two non-identical files existing in the real world will have the same MD5 hash. The md5sum program is installed by default in most Unix, Linux, and Unix-like operating systems or compatibility layers. BSD variants (including Mac OS X) have a similar utility called md5. Versions for Microsoft Windows do exist. Note that a cryptanalytic attack on the MD5 algorithm has been found, which means a method has been found to calculate a file that will have a given md5sum in less than the time required for a brute force attack. Although it would still be quite computationally expensive to construct such a file, md5sum should not be used in situations where security is important (such as cryptographic hashing). It is still useful for general-purpose file integrity verification, such as protecting against random bit flips.
How to create MD5 checksum?
Let say you want to check the file getos.sh.
> md5sum getos.sh
02b0ca290739f9d50fa6591e3892d3dd getos.sh
With this, it prints out the 128 bit fingerprint strings. Tally the string you obtained with the provided one. Provider do the same way to obtain this string and publish to the site.
Another way let say you have more files to verify, you can create a text file, such as md5sum.txt
283158c7da8c0ada74502794fa8745eb ubuntu-6.10-alternate-amd64.iso
549ef19097b10ac9237c08f6dc6084c6 ubuntu-6.10-alternate-i386.iso
5717dd795bfd74edc2e9e81d37394349 ubuntu-6.10-alternate-powerpc.iso
99c3a849f6e9a0d143f057433c7f4d84 ubuntu-6.10-desktop-amd64.iso
b950a4d7cf3151e5f213843e2ad77fe3 ubuntu-6.10-desktop-i386.iso
a3494ff33a3e5db83669df5268850a01 ubuntu-6.10-desktop-powerpc.iso
2f44a48a9f5b4f1dff36b63fc2115f40 ubuntu-6.10-server-amd64.iso
cd6c09ff8f9c72a19d0c3dced4b31b3a ubuntu-6.10-server-i386.iso
6f165f915c356264ecf56232c2abb7b5 ubuntu-6.10-server-powerpc.iso
4971edddbfc667e0effbc0f6b4f7e7e0 ubuntu-6.10-server-sparc.iso
First column is the md5 string and second column is the location of the file. To check all them from file, do this:
> md5sum -c md5sum.txt
The output will be like this if success
...
ubuntu-6.10-desktop-amd64.iso: OK
ubuntu-6.10-desktop-i386.iso: OK
...
How to perform sha1 checksum?
The lines below are fedora 7 DVD iso’s Hash
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
96b13dbbc9f3bc569ddad9745f64b9cdb43ea9ae F-7-i386-DVD.iso
To perform sha1 checksum, it works similar to md5sum
> sha1sum F-7-i386-DVD.iso | grep "96b13dbbc9f3bc569ddad9745f64b9cdb43ea9ae"
Copy and paste the sha1 code and paste it with grep after the pipelines, if a line has returned indicate it passes the checksum, else, too bad :( , you have to download the iso again.
Ref: Wikipedia & linux.byexamples.com
1 comment:
Rather, rather
Post a Comment