Many ordinary users would really not care about message digests or hash functions.
To shed light on this, here is an introduction with the following basic facts:
- Data transmitted over the Internet heavily relies on checksums.
- The TCP protocol used to transmit data over the Internet relies on verification of these checksums to make sure that packets sent from your computer to various web sites are correct and not damaged when they reach the web sites, or, the other end.
- Several times, we tend to download huge files like Linux distributions from the Internet. The creators of those ISO files or images give us some hashes along with them to validate that the whole ISO or image was downloaded correctly and not mixed up in transit.
- The hash functions for Fedora 17 or Ubuntu 12.04 LTS Linux Operating System ISO files can be viewed at this link.
- Therefore, I would view a hash as a digital signature of the entire file downloaded to tell me if there was a change in the file contents while it was downloaded.
- If the hashes match, you got a perfectly valid ISO or image file. If they don’t, there was either an error or there was a compromise on the ISO image. Anyway, you would not proceed to use the ISO image or file if the hash did not match.
- Hashes tell you that the content you received was not changed. They assure you that what you have downloaded was accurate and matching up to what was posted up for you to download.
- Verifying the hash also saves you the trouble of installing a defective ISO image onto your computer and later finding that it was corrupt and you need to download it again.
- Lastly, these can also be used in email communication to tell receivers of your email that it was not altered while it was in transit. They also form the basis of the digital signature when you sign an e-mail using a digital certificate.
In short, hashes help us to calculate a single set of digits that are like a checksum of the file. In Linux, you can have hashes for almost any file on your computer. The functions to do this are free and the most common is explained below, with an example.
To experiment with various hash functions, you can try the following with a smaller file:
$ gedit hello.txt <enter>
hello <enter>
Save the file
Now try the following commands in a terminal window to see the hashes generated for each hash type.
$ openssl dgst -md5 hello.txt <enter>
MD5(hello.txt)= b1946ac92492d2347c6235b4d2611184
$ openssl dgst -md4 hello.txt <enter>
MD4(hello.txt)= 63481c78ae04c201fa01ea9d2b1db56d
$ openssl dgst -ripemd160 hello.txt <enter>
RIPEMD160(hello.txt)= 0057b0dc5aac7c215a9a458d6c3c85cd21089af8
$ openssl dgst -sha hello.txt <enter>
SHA(hello.txt)= ddedaa052ea8a1b8f827fc0a209a464158898a10
$ openssl dgst -sha1 hello.txt <enter>
SHA1(hello.txt)= f572d396fae9206628714fb2ce00f72e94f2258f
$ openssl dgst -sha224 hello.txt <enter>
SHA224(hello.txt)= 2d6d67d91d0badcdd06cbbba1fe11538a68a37ec9c2e26457ceff12b
$ openssl dgst -sha256 hello.txt <enter>
SHA256(hello.txt)= 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03
$ openssl dgst -sha384 hello.txt <enter>
SHA384(hello.txt)= 1d0f284efe3edea4b9ca3bd514fa134b17eae361ccc7a1eefeff801b9bd6604e01f21f6bf249ef030599f0c218f2ba8c
$ openssl dgst -sha512 hello.txt <enter>
SHA512(hello.txt)= e7c22b994c59d9cf2b48e549b1e24666636045930d3da7c1acb299d1c3b7f931f94aae41edda2c2b207a36e10f8bcb8d45223e54878f5b316e7ce3b6bc019629
$ openssl dgst -whirlpool hello.txt <enter>
whirlpool(hello.txt)= 63f8341c1720d76087bb66a8f3fc9ea21a279edeae866a3611ba425cbd9ac9a4e39b97066b492fed6037988a72a045344c8675107e6bb569276c2f597ea9cbb7
$ openssl md5 xubuntu-15.04-desktop-amd64.iso <enter>
The above validates the hash of the downloaded Xubuntu 15.04 desktop linux distribution. It guarantees that the file that was downloaded on the hard disk is the same as that on the website.
MD5, MD4, SHA1, SHA224, and so on are the types of hashes that can be generated using the openssl program in Linux. Most popular are MD5, SHA256.
Guess what? Hashes are also used in communication over a wireless LAN.
askmeaboutlinux 