Cryptography - Message Digest (checksum|hash) (sha1|md5)

> Software Security > Cryptography - Key

1 - About

A message digest is a hash function (also known as a checksum) where the input is a message (ie a piece of data: file, payload).

It is used to verify that the data has not been altered in transit. The output of the hash function changes when the input has changed.

They can maps big files to short sequences of characters.

It transforms a binary message (e.g. a software patch or any other file is stored as binary) of any length to a shorter, fixed-length value.


3 - Procedure

A message digest is used to verify data integrity by running a hash operation on the binary message after it is received. The computed message digest is compared to the value that has already been posted. If the two values match, this indicates that the data has not been altered.

4 - How to check it

The MD5 and SHA-1 message digest functions are two of the more well-known and commonly used algorithms.

5 - Usage

For instance, on the fetch HTML element, you can find the digest in the integrity attribute

6 - Documentation / Reference