Checksums and Signatures
A checksum is a computed fixed length string calculated from the contents of a file.
In principle modifications to the file will also yield a different checksum. There are however ways to avoid this and these properties depends greatly on the algorithm used to calculate the checksum.
Example of two hashing algorithms used for checksumming on mac Os:
These are fixed length strings calculated from files with additional properties in the case that the hashes are strong.
- Not feasable to create two files from scratch with the same checksum
- Not feasable to modify a file and keep the same checksum
MD5 and SHA1 are weak hashes and don’t guarantee the above in general
SHA256 is generally accepted as strong.
Unlike checksum and general hashes signatures involve a secret; a key that makes only the keyholder able to apropriately sign message.