Hashing and digital signatures

Hashing protects integrity

We hashed passwords for secrecy. Hashing also protects integrity — proving data was not changed.
Change even one character of the input, and the hash changes completely.

import hashlib
print(hashlib.sha256(b"hello").hexdigest()[:16])
print(hashlib.sha256(b"hellp").hexdigest()[:16])   # totally different

Checking a download

Websites publish the hash of a file. After downloading, you hash your copy and compare.
If the two hashes match, the file arrived intact. If not, it was corrupted or tampered with.

Digital signatures

A digital signature proves who sent something and that it was not changed.
The sender hashes the message and encrypts that hash with their private key.
Anyone can check it with the sender's public key — only the real sender could have made it.

Your turn

Compare the hashes of an original and a received message. True means the message is intact.

Covers: A-Level 17.1 (digital certification), 6.2 (integrity).

Check whether a received message is unchanged. Hash both original and received with SHA-256 and print whether the two digests are equal (True or False).

import hashlib
original = "transfer 10 to alice"
received = "transfer 10 to alice"
# print True if their SHA-256 digests are equal, else False

Click Run to see the output here.

Hashing and digital signatures

Hashing protects integrity

Checking a download

Digital signatures

Your turn

Sign in

Log in or create account