LITIGATION SUPPORT TIP OF THE NIGHT

A MD5 hash value is described as a 128 bit value and a SHA-1 hash value is a 160 bit Value. Why are these values assigned to them? Each is is composed of hexadecimals. Every hexadecimal is composed of 4 bits or half a byte. A MD5 hash value will have 32 alphanumeric characters or hexadecimals. 32 times 4 equals 128. A SHA-1 hash value Is composed of 40 hexadecimals. 40 times 4 is 160. A hexadecimal can be any number from 0 to 9 or any letter from A to F. it’s well known that bytes are comprised of 0’s and 1’s. The range runs from 0000 0000 to 1111. Hexadecimal represents these values from 00 to FF. So so the hash value: d8a7106ad8c28875e2f447be2092b004 Can also be be represented as: 11011000101001110001000001101010110110001100001010001000011101011110001011110100010001111011111000100000100100101011000000000100

The MD5 and SHA1 hash algorithms use the Merkle–Damgård construction to deal with long inputs. The term 'message' is used to refer to any electronic file input for which a hash function generates an alphanumeric code of a fixed number of characters. The Merkle–Damgård construction breaks a message into smaller blocks of the same size and generates a hash function for each. The first small or compression hash function is added to a fixed value, and then each successive compression hash function is added to the next. A padding value is added to the last block so all of the blocks are the same size. The padding value is a series of 0's and 1's. The hash function takes an input of any size and generates an output hash value of a fixed length. The unique digital fingerprint or the hash value is known as the message digest.

The basis of the construction is that if each compression hash function is collision resistant (it will not give the same value for two different inputs), then the hash function will be collision resistant. It is the Merkle-Damgård construction that allows hash functions to deal with message inputs of variable lengths.

See the below diagram of the Merkle-Damgard construction.

Mridul Nandi, Characterizing Padding Rules of MD Hash Functions Preserving Collision Security, National Institute of Standards and Technology, in Colin Boyd, Juan González Nieto J. (eds.) Information Security and Privacy (2009), available at: https://eprint.iacr.org/2009/325.pdf

As a security measure, after downloading a file, it's a good idea to check its MD5 hash value against one posted on a developer or a data provider's site in order to confirm that the correct file has been saved on your PC.

Nero makes available a free MD5 verifier which can be downloaded for free here.

Simply paste the known MD5 value in the first box and then select the downloaded file in 'Step 2'.

If the files are identical the 'Step 1' value will be shown in green, and this message will appear:

If they are not the same, the 'Step 1' value will be shown in red, and a message like this will appear.