File verification


File verification

File verification is the process of using an algorithm for verifying the integrity or authenticity of a computer file. This can be done by comparing two files bit-by-bit, but requires two copies of the same file, and may miss systematic corruptions which might occur to both files. A more popular approach is to also store checksums (hashes) of files for later comparison.

Integrity verification

File integrity can be compromised, usually referred to as the file becoming corrupted. A file can become corrupted by a variety of ways: faulty storage media, errors in transmission, write errors during copying or moving, software bugs, and so on.

Hash-based verification ensures that a file has not been corrupted by comparing the file's hash value to a previously calculated value. If these values match, the file is presumed to be unmodified. Due to the nature of hash functions, hash collisions may result in false positives, but the likelihood of collisions is often negligible with random corruption.

Authenticity verification

It is often desirable to verify that a file hasn't been modified in transmission or storage by untrusted parties, for example, to include malicious code such as viruses or backdoors. To verify the authenticity, a classical hash function is not enough since they are not designed to be collision resistant; it is computationally trivial for an attacker to cause deliberate hash collisions, meaning that a malicious change in the file is not detected with by a hash comparison. In cryptography, this attack is called the collision attack.

For this purpose, cryptographic hash functions are employed often. As long as the hash sums cannot be tampered with — for example, if they are communicated over a secure channel — the files can be presumed to be intact. Alternatively, digital signatures can be employed to assure tamper-resistance.

File formats

*Simple file verification
*md5sum
*sha1sum

See also

*Checksum
*Comparison of file verification software


Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Simple file verification — (SFV) is a file format for storing CRC32 checksums of files in order to verify the integrity of files. SFV can be used to detect random corruptions in a file, but cannot be used for checking authenticity in any meaningful way. Typically, the .sfv …   Wikipedia

  • Simple File Verification — Die Simple File Verification (kurz SFV, engl., Einfache Dateiverifikation) ist ein Verfahren zur Überprüfung der Integrität von Dateien über CRC32 Prüfsummen. Die übliche Dateiendung für SFV Dateien ist .sfv. Inhaltsverzeichnis 1 Funktionsweise 2 …   Deutsch Wikipedia

  • Comparison of file verification software — The following tables compare file verification software that typically use checksums to confirm the integrity or authenticity of a file. Contents 1 General 2 Program hash function support 3 Program features 4 …   Wikipedia

  • Verification — The word Verify And Verification can refer to:* Verification and Validation: In engineering or a quality management system, verification is the act of reviewing, inspecting, testing, etc. to establish and document that a product, service, or… …   Wikipedia

  • Verification and Validation — Verification Validation is the process of checking that a product, service, or system meets specifications and that it fulfils its intended purpose. These are critical components of a quality management system such as ISO… …   Wikipedia

  • File Transfer Protocol — (FTP) is a network protocol used to transfer data from one computer to another through a network such as the Internet.FTP is a file transfer protocol for exchanging and manipulating files over a TCP computer network. A FTP client may connect to a …   Wikipedia

  • File transfer protocol — Pour les articles homonymes, voir FTP. Pile de protocoles 7 • Application 6 • …   Wikipédia en Français

  • Verification and validation — IV V redirects here. For NASA s IV V Facility, see Independent Verification and Validation Facility. Verification and validation is the process of checking that a product, service, or system meets specifications and that it fulfills its intended… …   Wikipedia

  • File Allocation Table — For other uses, see Fat (disambiguation). FAT Developer Microsoft Full Name File Allocation Table FAT12 (12‑bit version) FAT16/FAT16B (16‑bit versions) FAT32 (32‑bit version with 28 bits used) Introduced …   Wikipedia

  • verification — pareiškėjo ar paramos gavėjo duomenų ir dokumentų patikra statusas Aprobuotas sritis parama žemės ūkiui apibrėžtis Fizinis ir (arba) administracinis pareiškėjo ar paramos gavėjo pateiktų duomenų ir dokumentų tikrinimas. nuoroda… …   Lithuanian dictionary (lietuvių žodynas)