sha-1 checksum

October 3rd, 2007 mysurface Posted in Misc, sha1sum | Hits: 66880 | 3 Comments »

What is sha-1 checksum? I heard about md5 checksum, did sha-1 makes any different?

Sha-1 is another algorithm that is used to verify data integrity, but MD5 uses 128bits where sha-1 uses 160 bits. Refers to the article in slashdot, title MD5 To Be Considered Harmful Someday, collision has been found in the MD5 algorithm, meaning that you may get a same md5 hash value from two different files, indicate md5 hash is no longer unique. Therefore, some of the iso downloads uses sha-1 for data integrity checksum, one of the example is Fedora 7 DVD. But do you think md5 checksum value will collides if you have done errornous download of DVD iso?

Anyway, sha1 serves as an alternatives to MD5. There exist sha-224, sha-256, sha-384, sha-512 that uses various bits of message digest for data integrity test just in case sha1 collision had been discovered someday in future.

Okay how to perform sha1 checksum?


The lines below are fedora 7 DVD iso’s Hash, indicates that they uses SHA-1


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

96b13dbbc9f3bc569ddad9745f64b9cdb43ea9ae  F-7-i386-DVD.iso
fc2e7ab25550afb78608c7f432d0af6c6a7b2105  F-7-i386-rescuecd.iso
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGWfrHtEJp0E8qb9IRAlKbAJ4lFgv2g1t2HHkx9qBR+MICRTjEZACeKW1G
PARJf/frcaGIB27Lw8R3Nng=
=GQMy
-----END PGP SIGNATURE-----

To perform sha1 checksum, it works similar to md5sum, kinda refers back to the examples here.

sha1sum F-7-i386-DVD.iso |  grep "96b13dbbc9f3bc569ddad9745f64b9cdb43ea9ae"

Copy and paste the sha1 code and paste it with grep after the pipelines, if a line has returned indicate it passes the checksum, else, too bad :( , you have to download the iso again.

Related Posts
How to safely upgrade your ubuntu to Hardy Heron 8.04?
After a long wait, Ubuntu Hardy Heron 8.04 have released! If you plan to upgrade your current Ubuntu, I suggest you don'...

md5 checksum how to
First of all, what is md5 ? MD5 is an algorithm that is used to verify data integrity through the creation of a 128-b...

3 Responses to “sha-1 checksum”

  1. sebsauvage Says:
    April 10th, 2008 at 6:45 pm

    BTW, collisions have also been found in sha1 :-)

    So everyone should use at least SHA-256, or simple use a concatenation of MD5 and SHA1. (128+160=288 bits).

  2. Maricela Hulme Says:
    February 9th, 2011 at 10:45 am

    Can I simply say what a aid to seek out somebody who truly knows what theyre talking about on the internet. You undoubtedly know tips on how to carry a problem to gentle and make it important. More folks must learn this and understand this side of the story. I cant believe youre no more common since you undoubtedly have the gift.

  3. nm Says:
    March 8th, 2011 at 5:43 am

    “meaning that you may get a same md5 hash value from two different files, indicate md5 hash is no longer unique.”

    If you use hashing for data integrity – sending a contract in value of $25 000 000 to a client, yes the uniqueness in other words, the complexity is important.

    If you use hashing to see that your porn collection copied to the online storage happened unaltered = not important.

    For latter case, it would be enough that you get a hash result either with 1 or 0 values. You don’t mind if both GurlzShakingWildly.avi and ExpectedRidingwithMorals.mpg has the hash value of 1.

    Just you want to know that at the other end it’s the same hash value you have locally.

Leave a Reply