Reputation: 4268
How does hash functions (such as md5) verify if the files downloaded are not corrupt?
I wish to know how do software verify the downloaded files are not corrupt by using hash functions?
Upvotes: 0
Views: 276
Answers (2)
Reputation: 3398
Consider password hash verfication process....
you signup to "www.example.com" and they ask for your password
"your-secret-password" >> gets hashed and becomes gn234hs (for example)
You now have a "reference" hash
you come back a month later and as long as you provide same password the hash function will produce the same output gn234hs - which matches the original and verifies that what you entered is the same as what was entered last time.
No big insights there....
what if, instead of feeding in a password - someone feed a binary representation of a file or a collection of text files into the hashing function.
[010101001010101... huge number] >> hash function
hash function produces 32j4h234j234k23j4h23k4h23kj423kj4h3
you now have a "reference hash" for that file.
Now you get a file off the internet
If you run the file through the same hashing function and you get
32j4h234j234k23j4h23k4h23kj423kj4h3 - same as for a password - you know the file is a bit for bit representation of the original.
So the question is, I get how a hash can represent a password thats only a few characters , but how can a hash represent an unbelievably huge binary sequence or text file, be "sensitive" enough to detect changes and still have a unique quality?
Basically, because of the "randomness" of the output of cryptographic hash functions (as distinct from ordinary hashes) and the number of possible combinations a hash can have is so huge, that whilst its possible for different permutations of the items being hashed to result in the same hash - its so small as to be considered statistically insignificant.
Its a bit oversimplified, but hopefully that helps. There (obviously) is tons of info on the subject if you google it, e.g. the wiki article linked to already.
Upvotes: 1
Reputation: 9251
You should read http://en.wikipedia.org/wiki/File_verification,
"Hash-based verification ensures that a file has not been corrupted by comparing the file's hash value to a previously calculated value. If these values match, the file is presumed to be unmodified." That's how
Upvotes: 1
Related Questions
- How does MD5Sum algorithm work?
- How does comparing images through md5 work?
- when I hash a file with Md5 what is hashed?
- How a download user checks md5 after file download?
- MD5 Checksums on Downloads
- MD5 file integrity check
- Why is checking MD5 hash important
- Does md5_file download the file it is getting the checksum from?
- Why do some sites have a md5 string on each file?
- Calculating MD5 of a file to guarantee integrity