Glossary

Checksum / File Hash

A calculated value derived from a file's contents — used to verify the file has not been corrupted or tampered with during transfer.

Last updated

What Is a Checksum?

A checksum (also called a file hash or digest) is a fixed-length string of characters calculated from a file's contents using a mathematical algorithm. Even a single changed bit in the file produces a completely different checksum — this property makes checksums an extremely reliable way to verify file integrity.

How Checksums Verify File Integrity

  1. The original file creator calculates a checksum and publishes it alongside the download
  2. You download the file and calculate the checksum yourself
  3. If both checksums match, the file was downloaded without any corruption or tampering
  4. If they differ, the file was modified — either corrupted during transfer or tampered with

Common Hash Algorithms

AlgorithmOutput LengthStatus
MD5128-bit (32 hex chars)Not secure for cryptography; fine for integrity checks
SHA-1160-bit (40 hex chars)Deprecated for security; still used for integrity
SHA-256256-bit (64 hex chars)Current standard — recommended
SHA-512512-bit (128 hex chars)Higher security margin; same concept

How to Check a File Hash

Windows (PowerShell):

Get-FileHash filename.zip -Algorithm SHA256

macOS / Linux:

shasum -a 256 filename.zip

Compare the output to the published hash. They must match exactly — even one different character means the file is different.

Why This Matters for Downloads

When downloading large files (OS images, software installers, archives), always verify the SHA-256 hash if published. A mismatch means:

  • The download was corrupted mid-transfer (retry the download)
  • The file was modified by a third party (do not use it — download from the official source)