Beginner

How to Verify File Integrity with SHA-256

Cryptographic verification ensures downloaded files haven't been tampered with or corrupted during transfer.

Why File Verification Matters

When you download software, you're trusting that the file you receive is identical to what the publisher released. Without verification, you're vulnerable to:

  • Man-in-the-middle attacks: Attackers intercept downloads and inject malware
  • Compromised mirrors: Download servers may be hacked without the publisher's knowledge
  • Transmission errors: Network issues can corrupt files during transfer
  • Storage degradation: Bit rot on storage media can silently corrupt files

Real-World Example

In 2016, Linux Mint's website was compromised. Attackers replaced the ISO download with a backdoored version. Users who verified the SHA-256 checksum detected the tampering immediately. Those who didn't installed malware.

Understanding SHA-256 Checksums

SHA-256 (Secure Hash Algorithm 256-bit) produces a 64-character hexadecimal fingerprint for any file that is, for practical purposes, unique to its contents. Key properties:

  • Deterministic: Same file always produces the same hash
  • Avalanche effect: Changing one bit flips ~50% of hash bits
  • Collision resistant: Computationally infeasible to find two files with the same hash
  • One-way: Cannot reverse the hash to recover the original file

Step-by-Step Verification

Step 1: Obtain the Official Checksum

Publishers provide checksums in several ways:

  • Directly on the download page
  • In a separate SHA256SUMS or checksums.txt file
  • Signed with PGP/GPG for additional authenticity

Example from Ubuntu downloads:
a4acfda10b18da50e2ec50ccaf860d7f20b389df8765611142305c0e911d16fd ubuntu-22.04.3-desktop-amd64.iso

Security Note

Always get the checksum from the official source (the publisher's website), not from the same mirror where you downloaded the file. If a mirror is compromised, attackers could modify both the file and the checksum on that server.

Step 2: Calculate the File's Hash

Use our Hash Calculator or command-line tools:

macOS / Linux:
shasum -a 256 ubuntu-22.04.3-desktop-amd64.iso
or
sha256sum ubuntu-22.04.3-desktop-amd64.iso
Windows (PowerShell):
Get-FileHash ubuntu-22.04.3-desktop-amd64.iso -Algorithm SHA256
Windows (Command Prompt):
certutil -hashfile ubuntu-22.04.3-desktop-amd64.iso SHA256

Step 3: Compare the Hashes

The calculated hash must match the official checksum exactly. Even a one-character difference means the file has been modified.

✓ Hashes Match

File is authentic and intact.

Safe to proceed with installation or use.

✗ Hashes Don't Match

File has been modified or corrupted.

Delete the file and download again from the official source.

Automated Verification

For multiple files, use checksum files with automated verification:

Verify all files in SHA256SUMS:
sha256sum -c SHA256SUMS
Output shows OK for matching files, FAILED for mismatches

Common Use Cases

Operating System ISOs

Linux distributions, Windows ISOs, and macOS installers. Critical for bootable media where corruption could prevent installation.

Software Updates

Verify patches and updates before applying them to production systems. Especially important for security updates.

Research Data

Ensure datasets haven't been corrupted during transfer or storage. Essential for reproducible research.

Backup Verification

Confirm backup integrity before deleting originals. Generate checksums before backup, verify after restore.

Advanced: PGP Signature Verification

For maximum security, verify both the checksum file's PGP signature and the file's hash:

Complete verification workflow:
1. gpg --verify SHA256SUMS.gpg SHA256SUMS
Verify the checksum file is signed by the publisher
2. sha256sum -c SHA256SUMS
Verify your downloaded file matches the signed checksums

This two-step process ensures both the authenticity (via PGP) and integrity (via SHA-256) of your download.

Why Not MD5 or SHA-1?

You may encounter MD5 or SHA-1 checksums. Here's why they're insufficient for security:

MD5 (1991)

Cryptographically broken since 2004. Attackers can create malicious files with the same MD5 hash as legitimate files. Only acceptable for non-security checksums (detecting accidental corruption).

SHA-1 (1995)

Broken in 2017 by Google's SHAttered attack. Collision attacks are now practical. Deprecated for security use but still seen in legacy systems.

SHA-256 (2001)

Current standard. No known practical attacks. Part of the SHA-2 family, widely used in TLS, Bitcoin, and modern security systems.
