Featured:
Allergies
Tech Know
Grilling Guide
eHow Now Blog

How to Use Hashes to Detect Computer Tampering

Security-conscious computer users can ensure they are getting pristine copies of any documents or software they download (and be alerted to alterations that occur to files on their own computers) by ensuring that those files can pass a hash function. Hash functions are sophisticated programs that analyze the binary code of a document and produce a string, known as the hash value, that you can use to detect changes.

Instructions

    • 1

      Download a hash-checking program. Popular choices are MD5 and SHA-2. This tutorial will assume you are using MD5, but the process will be the same for either.

    • 2

      Find the MD5 hash value. If you downloaded software or documents from the Internet, the developer's web page may contain the hash value on it. Otherwise, you must generate it yourself. On Windows, after you have downloaded a MD5 program, you can do so by dragging the document onto the MD5 program icon.

    • 3

      Record the known hash value for the pristine file in another location, such as a text file, a database or just a sheet of paper.

    • 4

      Repeat step 3 anytime you want to check the file or document for modification. Any variation in the hash value indicates the file has been changed.

Tips & Warnings

  • Some web browsers and operating systems will look for hash values automatically and use them to verify downloaded documents and files before giving the user access to them.

  • The basic concept of a hash can be illustrated with an arithmetic problem. Take a list of numbers: 1 1 1. One way to tell if one of the numbers has changed is to add them together: 1 + 1 + 1 = 3. Because you know the sum of all the numbers is 3, should you ever perform the addition and discover that the result is anything other than three, you know that the list of numbers (your data) has been modified. Of course, this trivial example could be very easily fooled (2 + 0 + 1), which is why real hash programs use far more sophisticated methods.

  • Hash checking only works if you can obtain a hash for a copy of a file known to be pristine from which to base your comparisons.

Suggest item

Related Searches:

References

Comments

You May Also Like

Related Ads

thumbnail
Featured