Checksum
A checksum is like a fingerprint for a file. Run any file through a checksum algorithm and it produces a unique string of characters. If even a single byte in the file changes, that fingerprint changes completely. Two identical copies of a file always produce the exact same fingerprint, no matter where they are in the world. This lets you confirm a download arrived exactly as the publisher intended.
A checksum is the output of a cryptographic hash function applied to a block of data. Hash functions are one-way mathematical operations with three critical properties:
Deterministic: the same input always produces the same output, on any machine, anywhere.
Avalanche effect: a single-bit change in the input produces a completely different output. There is no gradual drift; the change is total and unpredictable.
Preimage resistance: given the hash output, it is computationally infeasible to reconstruct the original input.
Collision resistance: it is computationally infeasible to find two different inputs that produce the same hash output.
Common algorithms:
| Algorithm | Output size | Status | Use |
|---|---|---|---|
| MD5 | 128-bit (32 hex chars) | Broken | Legacy only; do not use for security |
| SHA-1 | 160-bit (40 hex chars) | Broken | Deprecated; collision demonstrated |
| SHA-256 | 256-bit (64 hex chars) | Current | Standard for download verification |
| SHA-512 | 512-bit (128 hex chars) | Current | Higher assurance, larger output |
| SHA-3 | Variable | Current | NIST standard; Keccak construction |
SHA-256 and SHA-512 are both members of the SHA-2 family, designed by the NSA and standardized by NIST. They are the current defaults for download verification.
Checksums verify integrity, not authenticity. A matching checksum proves the file was not corrupted in transit. It does not prove the file came from the expected publisher. If an attacker compromises the server hosting both the file and the checksum, they can replace both. GPG signatures address the authenticity gap.
Computing and verifying checksums
# Compute the SHA-256 hash of a downloaded file
sha256sum ubuntu-24.04-desktop-amd64.iso
# a435f6f393dda581172490eba797417a... ubuntu-24.04-desktop-amd64.iso
# Compute SHA-512 instead
sha512sum ubuntu-24.04-desktop-amd64.iso
# Verify against a published checksum file (Linux)
# The file SHA256SUMS contains: <hash> <filename>
sha256sum -c SHA256SUMS --ignore-missing
# ubuntu-24.04-desktop-amd64.iso: OK
# Windows PowerShell equivalent
Get-FileHash .\ubuntu-24.04-desktop-amd64.iso -Algorithm SHA256
# macOS uses shasum with -a flag for algorithm selection
shasum -a 256 ubuntu-24.04-desktop-amd64.isoEvery major Linux distribution publishes SHA-256 (and often SHA-512) checksums alongside their ISO releases. Ubuntu posts a SHA256SUMS file at releases.ubuntu.com; Kali Linux, Fedora, and Debian all follow the same pattern. Security tools like Wireshark, VirtualBox, and OpenWRT firmware images do the same. The workflow is always: download the file from any source, download the checksum from the official site, run sha256sum -c or Get-FileHash, and only proceed if the hashes match. A mismatch means either a corrupted download (re-download) or a tampered file (report it and do not use it). For software that will be deployed to production systems or burned to install media, skipping checksum verification is the kind of shortcut that shows up in post-incident reports.