Content deleted Content added
m Add ref. |
add referencing to statements |
||
Line 31:
== Checksum ==
Files can become corrupted for a variety of reasons, including faulty [[Computer Storage|storage media]], errors in [[Transmission (telecommunications)|transmission]], write errors during [[copying]] or moving, and [[software bug]]s. SFV verification ensures that a file has not been corrupted by comparing the file's [[cyclic redundancy check|CRC]] [[Hash function|hash]] value to a previously calculated value.<ref name="stealthisbook"/> Due to the nature of hash functions, [[hash collision]]s may result in [[false positive]]s, but the likelihood of collisions is usually negligible with random corruption. (The number of possible checksums is limited though large, so that with any checksum scheme many files will have the same checksum. However, the probability of a corrupted file having the same checksum as its original is exceedingly small, unless deliberately constructed to maintain the checksum.)▼
▲Files can become corrupted for a variety of reasons including faulty [[Computer Storage|storage media]], errors in [[Transmission (telecommunications)|transmission]], write errors during [[copying]] or moving, and [[software bug]]s. SFV verification ensures that a file has not been corrupted by comparing the file's [[cyclic redundancy check|CRC]] [[Hash function|hash]] value to a previously calculated value. Due to the nature of hash functions, [[hash collision]]s may result in [[false positive]]s, but the likelihood of collisions is usually negligible with random corruption. (The number of possible checksums is limited though large, so that with any checksum scheme many files will have the same checksum. However, the probability of a corrupted file having the same checksum as its original is exceedingly small, unless deliberately constructed to maintain the checksum.)
SFV cannot be used to verify the authenticity of files, as CRC32 is not a [[collision resistance|collision resistant]] hash function; even if the hash sum file is not tampered with, it is computationally trivial for an attacker to cause deliberate hash collisions, meaning that a malicious change in the file is not detected by a hash comparison. In cryptography, this attack is called a [[collision attack]]. For this reason, the [[md5sum]] and [[sha1sum]] utilities are often preferred in [[Unix]] operating systems, which use the [[MD5]] and [[SHA-1]] [[cryptographic hash function]]s respectively.
Line 41 ⟶ 40:
Despite the weaknesses of the SFV format, it is popular due to the relatively small amount of time taken by SFV utilities to calculate the CRC32 checksums when compared to the time taken to calculate cryptographic hashes such as MD5 or SHA-1.
SFV uses a [[plain text]] file containing one line for each file and its checksum<ref name="stealthisbook"/> in the format ''FILENAME<whitespaces>CHECKSUM''. Any line starting with a semicolon ';' is considered to be a comment and is ignored for the purposes of file verification. The delimiter between the filename and checksum is always one or several spaces; tabs are never used. A sample SFV file is:
; This is a comment
| |||