Hash of empty file

Checking the hash checksum of downloaded files can help indicate if a file has been tampered with. Hash collisions are possible by intentionally manipulating a harmful file to have the same hash as the expected file. The simpler the hash function, the more likely hash collisions are. Hash collisions have been demonstrated for MD5 and SHA-1.

SHA-256 is a popular SHA-2 hash function for which it takes longer to generate collisons.

Example empty file hash

We use CMake command tool as a platform-independent command line tool to generate and compute hashes. The results are the same regardless of the tool used.

In general, the hash length is fixed for a given hash function. The input file size does not affect the hash length.

First create an empty file:

cmake -E touch empty-file

SHA-512 hash of an empty file:

cmake -E sha512sum empty-file
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e  empty-file

SHA-256 hash of an empty file:

cmake -E sha256sum empty-file
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  empty-file

SHA-1 hash of an empty file:

cmake -E sha1sum empty-file
da39a3ee5e6b4b0d3255bfef95601890afd80709  empty-file

MD5 hash of an empty file:

cmake -E md5sum empty-file
d41d8cd98f00b204e9800998ecf8427e  empty-file