A file’s hash value is an unique ID for that file to identify itself. It’s generated by one of the hash function or algorithm based on some information about the file, CRC32, MD5, and SHA-1 are the ones mostly used. Accuhash explains it fairly well how it works.
Simply put, a some piece of information – the JPG image, or MP3 music, or in general any file for example – is run through a hash function (through MD5 for example). The result is a relatively short (128 bits or 16 bytes for MD5) string of digits, which is likely to be unique.
If you change even one byte in this file, and then run it through the function again, the result should be different. This is used as a way to verify whether a file has been altered.
Such feature comes very handy for verifying the integrity of files or other piece of information. You often see these numbers from download page on some of the website and you can use these numbers to verify to make sure the file you downloaded is the same one listed on the website. But the question is how to easily find these numbers from the files after I downloaded them.
HashTab is a free Windows application that adds a tab called File Hashes into the Properties window for any files that let you easily find out the hash value for any given file.
By default, it lists hash values from 3 hash functions, CRC32, MD5, and SHA-1, but you can add more by selecting more from the Settings option. There are total 14 of them available for you to use.
To use these information to verify the integrity of the file you download from the Internet, you need to find out the original hash values which are usually provided by the software provider and are usually listed right on the download page. For example, VMware Player 4.0.3 for Windows installation file has the following hash value listed on their website.
And after the file is downloaded, let’s go to the File Hashes tab to find out if the file is indeed the exact same one as the one VMware put on the web.
Hooray…it does, which means the file is downloaded successfully.
Another use of these hash values is to verify if the file is legitimate. If you are uncertain if a file you found in your system is legit, just go to the File Hashes tab of that file and copy SHA-1 value into the clipboard and paste it to Virustotal, a free service that analyzes suspicious files and urls to quickly identify the virus, worms, trojans, and all kinds of malwares.
Tip my hat to Windows Guides for sharing such a useful tool and tip on using it with Virustotal.