When it comes to working in the digital world, the question of files’ authenticity is of great importance. A checksum is data computed from data contained in the given file which can be used to check if the given file was modified or not. This article will help you how to find the checksum of a file and whether it is correct or not using Get-FileHash in Powershell in Windows.

What is Hash?

Hash is an alphanumeric string created by processing bytes of the file by some algorithm. This hash value is of significantly lower magnitude than the size of the actual file and is listed right alongside the file that you are downloading; allowing you to take your downloaded file, run your hash value against it, and check if the two hashes match.

The use of these hashmap values is different algorithms and utilities that are used that come with the programming languages. Every algorithm will provide another hash; however, the utility used for creating the hash will provide the same hash value when you select another algorithm.

What is a Checksum?

A checksum is a value created from the data within a file. This has the role of pointing at the file like a fingerprint. When a file is downloaded one can hash it and compare it to the checksum of the file given by the source to check if the file was modified.

Why Verify Checksums?

• Integrity Verification: Checks that the file has not been changed by anyone, especially before using or updating.
• Security: Prevents malicious modifications.
• Error Detection: Detects corrupted files if it is used during the downloading or transferring of files.

Using Get-FileHash in PowerShell

PowerShell is a scripting language and command-line interface to the operating system for administration. Get-FileHash is a cmdlet that calculates the hash value for a file using a named hash algorithm.

Step 1: Open PowerShell

Press Windows + X and select Windows PowerShell (or Windows PowerShell (Admin) if you need administrative privileges).

Step 2: Navigate to the File Directory

Use the cd (Change Directory) command to navigate to the directory where your file is located. For example, if your file is in C:\Users\YourName\Downloads, you would enter:

cd C:\Users\YourName\Downloads

Step 3: Calculate the File’s Checksum

To calculate the checksum of the file the Get-FileHash cmdlet needs to be run and the file path needs to be supplied. Indeed, by default, the hash of the image is calculated using the SHA-256 algorithm, but you can set what kind of hash to generate, for instance, MD5 or SHA-1.

For SHA-256:

Get-FileHash yourfile.ext

For MD5:

Get-FileHash yourfile.ext -Algorithm MD5

For SHA-1:

Get-FileHash yourfile.ext -Algorithm SHA1

Replace yourfile.ext with the actual name and extension of your file.

Example:

If you have a file named example.txt in the current directory:

Get-FileHash example.txt

The output will look something like this:

Algorithm       Hash                                                                   Path
---------       ----                                                                   ----
SHA256          D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2      C:\Users\YourName\Downloads\example.txt

Hash Code Output

Step 4: Compare the Checksum

Compare the computed checksum with one that is given by the source. If they match, congratulations, your file is still safe. Otherwise, the file could be accidentally corrupted or modified in some way and the original lost.

(Get-FileHash C:\Users\YourName\Downloads\example.txt -A SHA256).hash -eq "YourHashCode"

Comparing

The Output results as True, Its matched.

Detailed Explanation

1. Opening PowerShell:

• PowerShell is a specific shell in the network that is higher in terms of scripting capability than the Command Prompt.
• The users may employ the Windows + X command to open the PowerShell among the choices in the menu.

2. Navigating to the File Directory:

• The processor abbreviation for it is a shorthand of cd: ‘change directory,’ and it is used to get to different directories when working on the Windows command line.
• Make sure you are in the right directory where the target file is found to ease the command.

3. Calculating the File’s Checksum:

• Get-FileHash happens to be a PowerShell cmdlet which computes the hash value of a given file.
• Primarily, it has the SHA-256 algorithm integrated into it but you can use others by simply entering -Algorithm.

4. Comparing the Checksum:

• This should be cross-checked with the value for checksum expected from the source of the file.
• Values in parallel with those of the originals assure the file’s accurate condition, and different data point to the problem.

Common Hash Algorithms

• MD5 (Message Digest Algorithm 5): Generates a 128-bit hash value. Faster, but does not protect against collisions as effectively.
• SHA-1 (Secure Hash Algorithm 1): Creates a 160-bit result key or hash value. Safer than MD5 but currently not resistant to some kinds of attacks.
• SHA-256 (Secure Hash Algorithm 256): SHA-2 family member that creates the 256-bit hash value. It is highly secure and very commonly used in today’s world.

Here are a few items to be aware of:

• The more the file size is the more time is likely to consuming when calculating the hash. For example, I have observed that as large as 500GB images can sometimes may take couple of hours.
• The hash is given with respect to the content of the file and is not dependent on the date/time stamps, etc.
• For example, if you create a file called “HelloWorld. txt” and put “Hello World” in it, the hash is:For example, if you create a file called “HelloWorld. txt” and put “Hello World” in it, the hash is:
• A591A6D40BF420404A011733CFB7B190D62C65BF0BCDA32B57B277D9AD9F146E
• If you change the name of the file to a “GoodbyeWorld. txt”, the hash does not change.
• If you change the text inside the file to “Goodbye World” and save it, the hash is now:If you change the text inside the file to “Goodbye World” and save it, the hash is now:
• C96724127AF2D6F56BBC3898632B101167242F02519A99E5AB3F1CAB9FF995E7
• However, if I replace the content back to ‘Hello World’ the hash is equal to the previous hash value.

As mentioned above you can write some text in a file and use such a file as the location of a variable in Go, and in the same time get the same hash value. Hashes are calculated on the content to check their authenticity. You can try for instance, modifying the text from “Hello World” to “Hello world”(lowercase w on “world) Here, you will note that the hash that is generated is different.

LARGE FILES

In addition to simple checks when comparing the content, adjusted for the fact that downloaded files can be larger, a hash is useful when there are large copies.

For instance, just the other day I was working on a file transfer of a relatively big size where there was a rude interruption from the network. The transfer auto-resumed, but due to this network interruption I could not be certain there was no data corruption. I reverted the hash on both the source and the destination to check if there were any problems with the file; as a result, I saved an hour of downloading a file that did not need to be downloaded again.

VALIDATE AGAINST TAMPERING

Another use of this could be to perhaps guarantee that files were not altered. Of course, you can have good security measures in place, but there is always a way that someone can reach files that they should not.

If you want to be sure files were not touched at all, you can record the result of computation against all the files into a text file and put that into another location/into immutable media. And then any time you need to do validation, you can run another compute against those files and invariably, all is well. This will nicely suit the paranoid person within your organization to the extreme.

Conclusion

Checksum is an effective and very basic way of confirming that the content you are receiving or the physical storage media is indeed secure and has not been tampered with. By conducting this in PowerShell, the task is easy and quick because the Get-FileHash cmdlet can accomplish this. Thus, using the tips described in this article, you can effectively check the reliability of the files in Windows.

NOTE: Ensure that you always compare the checksum provided by the file source to detect any potential tampering or corruption. This practice is crucial for maintaining the security and reliability of your digital files.

How to Verify Checksum of a file in Windows – FAQs

Why is verifying a checksum important?

Verifying a checksum is crucial to ensure that a file hasn’t been corrupted or altered during download or transfer. This is particularly important for software, firmware, and other critical files.

How do I verify a checksum?

1. Calculate the checksum of the downloaded file using the same algorithm as the provided checksum.
2. Compare the calculated checksum with the provided checksum.
3. If the checksums match, the file is likely intact. If they don’t match, the file might be corrupted or tampered with.

What should I do if the checksums don’t match?

If the checksums don’t match, it’s recommended to redownload the file and verify the checksum again. If the issue persists, contact the source of the file for assistance.