Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

What's an MD5 Signature?

I keep seeing references to “MD5” signatures, and even had a
security program I run tell me that an MD5 signature wasn’t correct. So, what’s
an MD5 signature?

Well, it’s Message Digest algorithm number 5.

That doesn’t help, does it?

MD5 is one technique that’s frequently used to make sure that a file hasn’t
been altered.

Become a Patron of Ask Leo! and go ad-free!

An MD5 signature, also called an MD5 path or hash, and more officially a
message digest, is simply a number. It’s a big number (128bits, or 16 bytes, or
a number somewhere between 0 and just over 10 to the 38th), that’s calculated
from the contents of a file. The entire file is read, the bytes combined
numerically via a special algorithm and the result is the MD5 hash.

The algorithm for the calculation of that number is designed to be
relatively quick to compute, and, perhaps more importantly, very unique.

What do I mean by unique? It’s considered almost impossible for two
different files to result in the same number being calculated as the MD5 hash.
This is important because if a file changes for any reason, the MD5 hash that
would be calculated from it would also be different.

Thus, publishing both a file and its original MD5 hash allows you
to download a file, calculate the MD5 hash on the file you just downloaded, and
confirm, or deny, that the file is correct.

Subscribe to Confident Computing! Tech problem solving & safety tips & a weekly confidence boost in your inbox every week.

I'll see you there!

10 Reasons Your Computer is Slow

Slow Computer?

Speed up with my special report: 10 Reasons Your Computer is Slow, now updated for Windows 10.

NOW: name your own price! You decide how much to pay -- and yes, that means you can get this report completely free if you so choose. Get your copy now!

1 thought on “What's an MD5 Signature?”

  1. Thank you for detailed explanation.
    I recommend to add some references to software
    caclulating MD5 Signature.


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.