How many times have you received a document or a file, and you needed to be sure that you were reading the original version of that file? Moreover, how can you trust a generic .exe, a script or whatever you receive as “attachment”?
Let me introduce a smart solution created ad hoc to check what’s behind a file.
We are talking about the MD5 algorithm!
The MD5 algorithm is a widely used hash function producing a 128-bit hash value. Although MD5 was initially designed to be used as a cryptographic hash function, it has been found to suffer from extensive vulnerabilities. It can still be used as a checksum to verify data integrity, but only against unintentional corruption.
Like most hash functions, MD5 is neither encryption nor encoding. It can be reversed by brute-force attack.
For example, you can create useful “fingerprints” of your work, and then share it.
Like this one: click here and download a .mol2 (Histidine).
How you can trust that the file you are you going to download is really “the” file we are talking about?
Well, with MD5 you can always be sure of its origin, because I have assigned to it a MD5 signature:
MD5 (Histidine.mol2) = 8926aab5d9b3e9a88f642a25a50c6146
If you download it you can see by yourself what is the MD5 without opening the file!
From your terminal just type:
$ md5 Histidine.mol2
and you will get this output:
$ MD5 (Histidine.mol2) = 8926aab5d9b3e9a88f642a25a50c6146
So now you are pretty sure: this is an information strictly related to your file. Not only this, but this is a unique information!
(Yes it can reversed by a brute force attack but it isn’t easy and it waste a lot of time/computing power!)
If you add only a “space” at end of the file the hash of this file will change like this:
$ md5 Histidine.mol2
$ MD5 (Histidine.mol2) = 0084ce853a6308b4959bd711f1172b80
The fingerprints change dramatically!
There isn’t anymore any relation between two strings! And we have just added a single space at end of .mol2 file!
No one could never modify this info or even try to understand what was the info behind such fingerprints.
There are a lot of applications for “signing” a file in this way, rather than just check the origin of a file: for example, you can avoid any modification to your files done by other people, because as we’ve seen every edit will dramatically change the fingerprint itself!
Of course, md5 is also one of the best option to validate any information.