Checksums and signatures
Checksums
Checksums indicate the integrity of data and thus allow modifications, including accidental ones, to be detected. By verifying checksums, manipulations and data corruption can be detected.
Checksums are calculated over valid, verified and non-corrupted data. When the checksum is calculated again with the same algorithm (e.g., after a data transmission), the same value must result if the data is unaltered.
While checksums like CRC-32 are designed to detect simple communication errors, cryptographic checksums are designed to detect any change in large data sets, including deliberate ones: it is computationally infeasible to construct different data that yields the same value. Such cryptographic checksums are called "hashes". Examples are the SHAs (Secure Hash Algorithms).
A different checksum indicates that the data has been changed, for example due to manipulations, transmission errors, or memory errors (hardware failures).
Such a checksum comparison can be performed, among other things, to verify the integrity of ...
- data downloaded from the Internet (e.g., from the manufacturer's download portal) or via FTP. This includes libraries, software/firmware patches, and setup files for Windows® applications.
- data received as an email attachment (e.g., a library sent by a colleague).
- software installations.
Signatures
A signature is created over a hash and allows the authenticity of the data's origin to be verified.
After calculating the checksum over a set of data, the hash can then be signed using a private key. The correctness and authenticity can then be verified at any time using the corresponding public key/certificate.
Example: When releasing a library in PLCnext Engineer, the engineering tool calculates checksums over the contained components, which are then used for the signature. If the library is later included in a project, the signature is verified each time the project is loaded. This way, any modification (e.g., a new version) or data corruption is recognized.
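The hash-then-sign flow described above, as an added example that is not part of this page and is not PLCnext Engineer's actual signing mechanism or library format: the components of a library are combined into one SHA-256, the digest is signed with the publisher's Ed25519 private key at release time, and at load time the digest is recomputed and the stored signature is checked with the public key. The Component type, the component names and their contents are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"sort"
)

// Component is one part of a released library: a name plus its content.
// Constructed sample type for this example, not a PLCnext Engineer structure.
type Component struct {
	Name string
	Data []byte
}

// LibraryHash computes one SHA-256 over all components in name-sorted order,
// so the result does not depend on the order the components are listed in.
// Name and payload are length-prefixed, so ("ab","c") and ("a","bc") differ.
func LibraryHash(components []Component) [sha256.Size]byte {
	sorted := append([]Component(nil), components...)
	sort.Slice(sorted, func(i, j int) bool { return sorted[i].Name < sorted[j].Name })
	h := sha256.New()
	for _, c := range sorted {
		fmt.Fprintf(h, "%d:%s%d:", len(c.Name), c.Name, len(c.Data))
		h.Write(c.Data)
	}
	var digest [sha256.Size]byte
	copy(digest[:], h.Sum(nil))
	return digest
}

// SignLibrary is the release step: hash the components, then sign the hash
// with the publisher's private key.
func SignLibrary(priv ed25519.PrivateKey, components []Component) []byte {
	digest := LibraryHash(components)
	return ed25519.Sign(priv, digest[:])
}

// VerifyLibrary is the load step: recompute the hash over the components as
// they are now and check the stored signature with the publisher's public key.
// Any changed, added or removed component, or a signature made with another
// key, makes the check fail.
func VerifyLibrary(pub ed25519.PublicKey, components []Component, sig []byte) error {
	digest := LibraryHash(components)
	if !ed25519.Verify(pub, digest[:], sig) {
		return errors.New("signature does not match library contents or signer")
	}
	return nil
}

// Demo signs a constructed two-component library and reports whether the
// signature verifies on the original, on a copy with one modified component,
// and against a different publisher's public key.
func Demo() (originalOK, tamperedOK, foreignKeyOK bool, err error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return
	}
	otherPub, _, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return
	}
	lib := []Component{ // constructed sample contents
		{Name: "FB_Motor.pou", Data: []byte("FUNCTION_BLOCK FB_Motor ... END_FUNCTION_BLOCK")},
		{Name: "GVL.gvl", Data: []byte("VAR_GLOBAL Speed : INT := 100; END_VAR")},
	}
	sig := SignLibrary(priv, lib)
	originalOK = VerifyLibrary(pub, lib, sig) == nil
	tampered := []Component{lib[0], {Name: "GVL.gvl", Data: []byte("VAR_GLOBAL Speed : INT := 999; END_VAR")}}
	tamperedOK = VerifyLibrary(pub, tampered, sig) == nil
	foreignKeyOK = VerifyLibrary(otherPub, lib, sig) == nil
	return
}

func main() {
	originalOK, tamperedOK, foreignKeyOK, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("original verifies: %v, tampered verifies: %v, foreign key verifies: %v\n",
		originalOK, tamperedOK, foreignKeyOK)
}
```

Sorting the components and length-prefixing each name and payload before hashing is what makes the digest a function of the library's content alone; without it, two different libraries could hash to the same value, or the same library could hash differently depending on listing order, and the signature check would then be either too weak or too noisy.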
Use case: integrity check of downloaded setup/firmware file
To comply with the IEC 62443 standard, the tamper protection of downloaded setup/firmware files is mandatory.
After downloading a setup file for a Windows® application or a firmware file for a controller from the Internet, and before installing it, you must verify that the downloaded setup/firmware file has not been corrupted or tampered with. To do this, look up and write down the checksum of the download file as specified by the provider before downloading it. After downloading the setup file, use a suitable tool to calculate a SHA256 checksum over the downloaded file. Only if the checksum you determine is identical to the provider's specification should you install the software.
Use case: integrity check of software installations
When installing software tools that have been developed according to the IEC 62443 standard, checksums are calculated over the installation.
By verifying these checksums, manipulations of the installation and data corruption can be detected.
To comply with the IEC 62443 standard, you must continuously check the integrity of relevant software installations. For that purpose, use primarily a standard Windows® tool. Alternatively, you can use the ChecksumCalculator tool provided by Phoenix Contact or any other suitable tool.
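On Windows® the standard built-in tools for the checksum step are the PowerShell cmdlet Get-FileHash (Get-FileHash -Algorithm SHA256 <file>) and certutil -hashfile <file> SHA256. The following Go program is an added example covering both use cases on this page (the download check and the installation check); it is not part of this page and not the ChecksumCalculator tool. VerifyDownload recomputes the SHA-256 of a downloaded file and compares it with the provider's published value, tolerating the usual "<hash>  <filename>" line format and upper-case hex; BuildManifest takes a checksum baseline over an installation directory right after a verified installation, and VerifyManifest re-checks it later and reports every modified, removed or added file. File and directory names are constructed.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"sort"
	"strings"
)

// FileSHA256 streams a file through SHA-256 and returns the lowercase hex digest.
func FileSHA256(path string) (string, error) {
	f, err := os.Open(path)
	if err != nil {
		return "", err
	}
	defer f.Close()
	h := sha256.New()
	if _, err := io.Copy(h, f); err != nil { // streaming: large firmware images are fine
		return "", err
	}
	return hex.EncodeToString(h.Sum(nil)), nil
}

// VerifyDownload recomputes the SHA-256 of a downloaded setup/firmware file and compares
// it with the provider's published value (bare hash or "<hash>  <filename>", any case).
func VerifyDownload(path, published string) error {
	fields := append(strings.Fields(published), "") // the "" pads an empty input
	want := strings.ToLower(fields[0])
	if _, err := hex.DecodeString(want); err != nil || len(want) != sha256.Size*2 {
		return fmt.Errorf("published value %q is not a SHA-256 hex digest", published)
	}
	got, err := FileSHA256(path)
	if err != nil {
		return err
	}
	if got != want {
		return fmt.Errorf("checksum mismatch for %s: computed %s, published %s", filepath.Base(path), got, want)
	}
	return nil
}

// BuildManifest records the SHA-256 of every regular file below root, keyed by
// slash-separated relative path: the baseline taken right after a verified install.
func BuildManifest(root string) (map[string]string, error) {
	m := map[string]string{}
	err := filepath.Walk(root, func(p string, info os.FileInfo, err error) error {
		if err != nil || info.IsDir() {
			return err
		}
		sum, err := FileSHA256(p)
		if err != nil {
			return err
		}
		rel, _ := filepath.Rel(root, p) // p always lies below root here
		m[filepath.ToSlash(rel)] = sum
		return nil
	})
	return m, err
}

// VerifyManifest re-hashes the installation and lists every file modified,
// removed or added since the baseline; an empty list means it is unchanged.
func VerifyManifest(root string, baseline map[string]string) ([]string, error) {
	current, err := BuildManifest(root)
	if err != nil {
		return nil, err
	}
	var findings []string
	for rel, want := range baseline {
		if got, ok := current[rel]; !ok {
			findings = append(findings, "removed: "+rel)
		} else if got != want {
			findings = append(findings, "modified: "+rel)
		}
	}
	for rel := range current {
		if _, ok := baseline[rel]; !ok {
			findings = append(findings, "added: "+rel)
		}
	}
	sort.Strings(findings) // stable order for logging and comparison
	return findings, nil
}

func main() { // usage: go run . <downloaded-file> <published-sha256>
	if len(os.Args) != 3 {
		fmt.Println("usage: <downloaded-file> <published-sha256>")
		os.Exit(2)
	}
	if err := VerifyDownload(os.Args[1], os.Args[2]); err != nil {
		fmt.Println("DO NOT INSTALL:", err)
		os.Exit(1)
	}
	fmt.Println("checksum matches the provider's value; installation may proceed")
}
```

VerifyDownload rejects a published value that is not 64 hex characters before comparing anything, so a value copied from the wrong algorithm (e.g., an SHA-1 line) is reported as a wrong input rather than as a misleading "mismatch". The manifest stores relative paths, so the baseline can be kept beside the installation or on separate media and re-checked on a schedule; an "added" finding matters as much as a "modified" one, since a file dropped into an installation directory is a manipulation too.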