Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

What’s an MD5 Signature?

Question: I keep seeing references to “MD5” signatures, and even had a security program I run tell me that an MD5 signature wasn’t correct. So, what’s an MD5 signature?

Well, it’s Message Digest algorithm number 5.

That doesn’t help, does it?

MD5 is one technique that’s frequently used to make sure that a file hasn’t been altered.

Become a Patron of Ask Leo! and go ad-free!

An MD5 signature, also called an MD5 path or hash, and more officially a message digest, is simply a number. It’s a big number (128bits, or 16 bytes, or a number somewhere between 0 and just over 10 to the 38th), that’s calculated from the contents of a file. The entire file is read, the bytes combined numerically via a special algorithm and the result is the MD5 hash.

The algorithm for the calculation of that number is designed to be relatively quick to compute, and, perhaps more importantly, very unique.

What do I mean by unique? It’s considered almost impossible for two different files to result in the same number being calculated as the MD5 hash. This is important because if a file changes for any reason, the MD5 hash that would be calculated from it would also be different.

Thus, publishing both a file and its original MD5 hash allows you to download a file, calculate the MD5 hash on the file you just downloaded, and confirm, or deny, that the file is correct.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

1 thought on “What’s an MD5 Signature?”

  1. Thank you for detailed explanation.
    I recommend to add some references to software
    caclulating MD5 Signature.


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.