What is a checksum?

There are a lot of different methods available to calculate a hash of a file. The most well known methods are CRC, MD5, SHA1 and SHA256 checksums. Hash sums are generated to ensure the integrity of a file by comparing the fingerprint with a previous, safely stored version.

If the fingerprint of the file is equal to the stored version, the file has not been modified and you can trust it. Unintended modifications can happen through file transfer errors or infection through malware. Collisions or falsifications of the checksum needs to be avoided by the hash algorithm to consider it as a trustworthy algorithm. Two different files with the same fingerprint would be equal to a broken algorithm.

Using MD5 or SHA1 as parameters you are able to compare the checksum with this website.



How to calculate a checksum of a file?

Windows 2000 or higher: You can use the included Certutil.exe Command Line Tool that is part of the certificate services. It can be used to generate a fingerprint for any file as well. Just open the command prompt and type in "certutil -hashfile %FileName% %HashAlgorithm%". This tool supports the generation of MD2, MD4, MD5, SHA1, SHA256, SHA384 and SHA512 hash algorithms.

If you like a graphical interface more, you can use the Open Source tool HashCheck Shell Extension (Download). It makes it easy to select any file from the Windows Explorer and generate a fingerprint.

Linux: Go to the console and type in "sha1sum %FileName%" to generate a SHA1 checksum. You can use the command line tool md5sum in the same way to generate a MD5 checksum.