16

What is the difference between Sha1sum, Sha256sum and Md5sum ? and how to check all these for some iso file? and how to create md5sum.txt file in ubuntu ?

Pandya
  • 24,618
Marko Blanka
  • 189

3 Answers3

12

If you look at the man page for each of those, you'll see that they say:

md5sum - compute and check MD5 message digest

sha1sum - compute and check SHA1 message digest

sha256sum - compute and check SHA256 message digest

That tells you that they all create a message digest, which is a one-way function that takes as its argument an arbitrarily sized data and returns a fixed size hash. A hash is considered impossible (within the bounds of practicality) to reverse and to find two different messages with the same hash (called a collision).

The difference between the three is the algorithm used to generate this hash.

MD5 was invented in the early 1990s and is considered flawed and obsolete by now.

SHA1 was also developed in the early 1990s. It is considered stronger than MD5, but not strong enough. Its use is currently being withdrawn from the digital signature on X.509 digital certificates.

SHA256 is the currently recommended hash function.

Unless you have a reason to use the weaker algorithms, then SHA256 is the way to go.

To create the text file, simply redirect the output to the file. For example, if you have a Ubuntu ISO image you want to hash:

 md5sum Ubuntu.iso > md5sum.txt

Of course, that works with the other variants too.

You can then (for example) distribute that file over the Internet and the recipient can check the hash again with:

md5sum Ubuntu.iso

That will print the MD5 hash which the recipient can compare with the content of the md5sum.txt file that you will have published. If they are the same, the file hasn't been tampered with.

Of course, it would be better to use sha256sum than md5sum. You'll often find a selection of these hashes published (md5sum.txt, sha1sum.txt and/or sha256sum.txt) with an ISO to allow for the fact that some systems might not have all of these utilities.

garethTheRed
  • 33,957
2

MD5, SHA-1, and SHA-256 are different hash functions (digests). They are different both in algorithm and output size.

If you check big files then you can accelerate the process by avoiding having to read the file several times. A general approach is

mkfifo md5 sha1 sha256
md5sum md5 >md5.txt &
sha1sum sha1 >sha1.txt &
sha256sum sha256 >sha256.txt &
zsh -c 'setopt MULTIOS; cat input >md5 >sha1 >sha256'

In this case it is simpler, though, because there is a program which computes several digests simultaneously:

gpg --print-mds input
Hauke Laging
  • 90,279
1

md5sum is about 3 times faster than sha256sum (HDD at read speed about 150MB/s)

[#25#wangx@windows:系统盘] $ ll manjaro-xfce-19.0.2-200303-linux54.iso -h
-rwxrwxrwx 1 wangx wangx 2.6G Mar  5  2020 manjaro-xfce-19.0.2-200303-linux54.iso*
[#26#wangx@windows:系统盘] $ time md5sum manjaro-xfce-19.0.2-200303-linux54.iso
bc1207cbb099fa07a089aa9e1afaf82d  manjaro-xfce-19.0.2-200303-linux54.iso

real    0m5.468s
user    0m4.547s
sys     0m0.891s
[#27#wangx@windows:系统盘] $ time sha256sum manjaro-xfce-19.0.2-200303-linux54.iso
ce49445ae48667389a70bf4f5247634520e0ed81a3d09f6ff64db0a6970a1123  manjaro-xfce-19.0.2-200303-linux54.iso


real    0m14.490s
user    0m13.453s
sys     0m0.969s
[#28#wangx@windows:系统盘] $ time md5sum manjaro-xfce-19.0.2-200303-linux54.iso
bc1207cbb099fa07a089aa9e1afaf82d  manjaro-xfce-19.0.2-200303-linux54.iso


real    0m5.438s
user    0m4.344s
sys     0m1.047s
[#29#wangx@windows:系统盘] $

md5sum is shorter, so if you have more than 2**64 = 18446744073709551616 files, there is a big chance that a conflict will occur.

ramwin
  • 131