Verifying integrity of a download | iso535

 

Verifying Integrity of a Download

In this assignment you will verify that a file you download has not been changed during download.

Go to the site https://www.openoffice.org/download/index.html.

Note that there two download options: “Download full installation” and “Download language pack.”

Because you will work only with the hash values in this exercise, please download the smaller file for the sake of time (i.e., download the “language pack” file).

Use an online hash calculator to calculate the MD5 and SHA256 hashes for the downloaded file. You can use https://md5file.com/calculator.

Copy these values into a Word file. Take a screenshot.

Go back to the site https://www.openoffice.org/download/index.html.

Note that there are links for MD5 and SHA256 hashes of the files on the site.  Click on MD5 for Language Pack. Save it on your computer and open it with Notepad. Take a screenshot of the hash file showing the MD5 hash value.

Do the same for the SHA256 hash value.

Compare these hash values with the ones that you calculated when you downloaded the file. Are they the same?

                                                                                          What to Submit

Copy and paste the three screenshots of the hash values in a Word file. Label them “MD5 calculated,” “MD5 from the site,” etc.

In the Word file, include your answers to the following questions:

  1. What is your conclusion if the provided MD5 hash value is the same as the one you calculated?
  2. What is your conclusion if the provided MD5 hash value is different from the one you calculated?
  3. If the provided hash value is the same as the one you calculated, does that mean that this is absolutely the right file that delivers what it promises, or could it be malicious? Explain.
  4. How could a second hash value (such as SHA256, in this case) help to verify the integrity of the download? Explain.

Also, answer the following questions, reflecting on your experience with this assignment:

  1. What was the most challenging part of this activity?
  2. What was the most enjoyable part of this activity?
  3. Do you think you have a good understanding of how hash functions are used for checking the integrity of a download as a result of this activity? Why or why not?

Grading Rubric:

Max. Points

Screenshots of four hash values

20

Answers to questions about hash functions

60

Style

10

Answers to reflection questions

10

Total

100