Using md5sum and sha1sum for Checking Downloaded Files

From Thomas-Krenn-Wiki

Message Digest 5 (MD5) and Secure Hashing Algorithm 1 (SHA1) are widely used cryptographic hash algorithms, which calculate a 128-bit (MD5) or 160-bit (SHA1) hash value (or checksum) from any given file. As a rule, the checksum is stored in a separate file. After a successful download, the checksum can be re-calculated for the downloaded file using special programs. If the two checksums are identical, the file integrity has been confirmed, meaning that no errors occurred during the file download.

Installing and Using MD5 and SHA1 Software

Installing

MD5 and SHA1 software is available for both Linux and Windows.

  • Linux: the md5sum and sha1sum utilities are installed by default in most Linux distributions.
  • Windows: fciv.exe[1]

Checking MD5 & SHA1 Checksums

Linux

Move the downloaded file and the associated MD5 hash file to a folder and execute the following command from the command line.

md5sum -c datei.md5

To check the SHA1 file, execute the following command similarly.

sha1sum -c datei.sha1

Example

benutzer:~/Ordner$ ls
datei.iso  datei.md5

benutzer:~/Ordner$ md5sum datei.iso 
161a1957728be5d530c3fab67ac40652  datei.iso

benutzer:~/Ordner$ cat datei.md5 
161a1957728be5d530c3fab67ac40652  datei.iso

benutzer:~/Ordner$ md5sum -c datei.md5 
datei.iso: OK

Windows

Move the downloaded file and the associated MD5 hash file to a folder and execute the following command using fciv.exe.

fciv.exe -v -md5 datei.md5

To check the SHA1 file, execute the following command similarly.

fciv.exe -v -sha1 datei.sha1

If the checksums agree then the downloaded file is free from errors.

Generating MD5 & SHA1 Checksums

Linux

To create an MD5 file for a file that you would like to provide for downloading, enter the following command from the command line.

md5sum datei > datei.md5

To create a SHA1 file, execute the following command similarly.

sha1sum datei > datei.sha1
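
The Linux commands for generating and checking can also be used from a script, because md5sum -c and sha1sum -c report the result in their exit status. The following is an added example, not part of the original article; the function name verify_download, its return codes and the sample file contents are assumptions made for illustration.

```shell
#!/bin/sh
# verify_download CHECKSUM_FILE   (hypothetical helper, not from the article)
# Returns 0 if every file listed in CHECKSUM_FILE matches,
#         1 if a file differs or cannot be read,
#         2 if the checksum file is missing, empty or of unknown type.
verify_download() {
    sumfile=$1
    [ -s "$sumfile" ] || { echo "missing or empty: $sumfile" >&2; return 2; }
    case "$sumfile" in
        *.md5)  tool=md5sum ;;
        *.sha1) tool=sha1sum ;;
        *) echo "unknown checksum type: $sumfile" >&2; return 2 ;;
    esac
    # File names inside the checksum file are relative, so the check has to
    # run from the folder that holds both the download and the checksum file.
    if ( cd "$(dirname "$sumfile")" &&
         "$tool" -c "$(basename "$sumfile")" >/dev/null 2>&1 ); then
        return 0
    fi
    return 1
}

# Demo on constructed data: publish checksums for a file, verify them,
# then change one byte and verify again.
demo_dir=$(mktemp -d)
printf 'constructed sample payload\n' > "$demo_dir/datei.iso"
( cd "$demo_dir" && md5sum datei.iso > datei.md5 && sha1sum datei.iso > datei.sha1 )

for f in datei.md5 datei.sha1; do
    if verify_download "$demo_dir/$f"; then echo "$f: OK"; else echo "$f: FAILED"; fi
done

printf 'X' >> "$demo_dir/datei.iso"   # simulate a corrupted download
if verify_download "$demo_dir/datei.sha1"; then
    echo "after change: OK"
else
    echo "after change: FAILED"
fi
rm -rf "$demo_dir"
```

A calling script can branch on the return code and, for example, delete the download and fetch it again when the check fails.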

Windows

To create an MD5 file for a file that you would like to provide for downloading, enter the following command using fciv.exe.

fciv.exe -add -md5 datei.md5

To create a SHA1 file, execute the following command similarly.

fciv.exe -add -sha1 datei.sha1

Security Instructions

MD5 is no longer considered secure, because it has been proven that different files with the same MD5 checksum can be created with little effort.[2] In this manner, an attacker can create an infected file whose hash value agrees with the original checksum during the test, even though its content differs from the original file.

Progress has also been made in attacking SHA1.[3] However, SHA1 is still not considered to have been broken. The reason for this is that attacks on SHA1 require too much time to be practical in everyday use.

References

  1. Availability and Description of the "File Checksum Integrity Verifier" Utility (Microsoft Knowledge Base)
  2. Consequences of Successful MD5 Attacks (heise.de)
  3. Consequences of Successful SHA1 Attacks (heise.de)
