Authenticity Verification
It is often desirable to verify that a file hasn't been modified in transmission or storage by untrusted parties, for example, to include malicious code such as viruses or backdoors. To verify the authenticity, a classical hash function is not enough as they are not designed to be collision resistant; it is computationally trivial for an attacker to cause deliberate hash collisions, meaning that a malicious change in the file is not detected with by a hash comparison. In cryptography, this attack is called the collision attack.
For this purpose, cryptographic hash functions are employed often. As long as the hash sums cannot be tampered with — for example, if they are communicated over a secure channel — the files can be presumed to be intact. Alternatively, digital signatures can be employed to assure tamper-resistance.
Read more about this topic: File Verification
Famous quotes containing the word verification:
“A fact is a proposition of which the verification by an appeal to the primary sources of our knowledge or to experience is direct and simple. A theory, on the other hand, if true, has all the characteristics of a fact except that its verification is possible only by indirect, remote, and difficult means.”
—Chauncey Wright (1830–1875)