Security

How to verify MD5 and SHA-1 checksums with Terminal

How do you quickly check a file's integrity on your Mac? It's easy with Terminal and one simple command.

Every second, millions of people around the world download data. With the monumental amount of data circulating back and forth from the internet to every corner of the world, it's no wonder there are major security issues at every turn and pass. And while some attacks come from dedicated hackers, many of the problems can be avoided by being mindful of what is being downloaded to our computers.

SEE: The 15 most frightening data breaches

One simple method that involves little more than a command run against the file downloaded is the checksum. Otherwise known as a hash, these values are the result of running a series of algorithms against any kind of file type. The resulting sequence generated provides you with some peace of mind in knowing the file(s) have been unfettered — so long as the hash value matches those provided by vendors, such as Apple, Microsoft, and a host of third-party developers.

The two main types of checksums are MD5 and SHA. The checksum types are similar in result, though go about the hash generation process in different ways, particularly in the strength of the underlying encryption used in the algorithm.

MD5 uses a 128-bit digest size. Even though MD5 has been compromised, it is still the most used type of checksum. Command: md5 filename.extension (Figure A).

Figure A

checksumfiga012216.jpg
Image: Jesus Vigo/TechRepublic

SHA offers expanded security, using a 160-bit digest size for SHA-1. The more secure SHA-2 and SHA-3 cryptographic hashes offer up to 512-bit digest sizes and an overall hardened cryptanalysis. Command: shasum filename.extension (Figure B).

Figure B

checksumfigb012216.jpg
Image: Jesus Vigo/TechRepublic

The concept behind using a checksum for verification purposes is that a developer may write code for an application. Upon packaging the app, the developer can run a checksum on the file to determine its hash. This value is then made publicly available, allowing users to run their own checksum against the downloaded file from a webserver and compare the value generated in Terminal to that of the developer's posted value.

If the values match, chances are quite good the integrity of the original file has not been compromised (Figure C). If the values don't match, there is good reason to believe the file (or contents there of) may have undergone an unauthorized modification, which is common for malware, like Trojan horses or spyware.

Figure C

checksumfigc012216.jpg
Image: Jesus Vigo/TechRepublic

Sound off

Have you ever used checksums when creating data? If so, how was the experience? Let us know in the comments.

Also see

About

Jesus Vigo is a Network Administrator by day and owner of Mac|Jesus, LLC, specializing in Mac and Windows integration and providing solutions to small- and medium-size businesses. He brings 19 years of experience and multiple certifications from seve...

Editor's Picks

Free Newsletters, In your Inbox