The Portable Freeware Collection Forums

http://www.nirsoft.net/utils/hash_my_files.html

Since the "Checksum Calculators" area lacks a program that can handle unicode, this should be a good addition. It calculates MD5, SHA1, and CRC32.

V1.52 is available

V1.55 is available

Added To TPFC: http://www.portablefreeware.com/index.php?id=1535

A lot has changed about this program since the last time I tested it including more SHA hashes and VirusTotal submission, bringing it line with other similar programs here on the site. I like it. Program entry and screenshot have been updated.

It's my preciousss!

Wouldn't it be time to implement Blake2b? It's faster e more secure:
https://blake2.net/

siegfried wrote: ↑time to implement Blake2b? It's faster e more secure: https://blake2.net/

While I agree on principle, let it be noted that the same applies to most hashers posted at TPFC.

Midas wrote: ↑Wed May 15, 2019 3:34 am let it be noted that the same applies to most hashers posted at TPFC.

Yes, you're right.

siegfried wrote: ↑Wed May 15, 2019 12:59 am Wouldn't it be time to implement Blake2b? It's faster e more secure:
https://blake2.net/

I'm impressed that it's faster than MD5, but I wonder how it performs with something other than modern processors. As BLAKE was written specifically for those toolsets, older machines (especially 32-bit), cell phones, and anything with an ARM processor will likely not have that kind of speed.

Regardless, if I was going to run de-duplication on a large file collection, it seems like Blake would be the way to go. Also, if services like Virustotal start using it for file reputation, I think it would take off rapidly. However, for my own local file verification, I'll probably stick with CRC32 checks.

---

Related:
* Hashing use cases
* SHA1 Cracked?

webfork wrote: ↑Wed May 22, 2019 4:36 pm SHA1 Cracked?

SHA-1 has been subject to more attacks since then: https://en.wikipedia.org/wiki/SHA-1#The_SHAppening

Wikipedia wrote: The authors estimated that the cost of renting enough of EC2 CPU/GPU time to generate a full collision for SHA-1 at the time of publication was between US$75K–120K, and noted that was well within the budget of criminal organizations, not to mention national intelligence agencies. As such, the authors recommended that SHA-1 be deprecated as quickly as possible.

Of cource, no one is going to spend a hundred grand to compromise a random freeware program, so how much these attacks matter depend on what exactly SHA-1 is used for.