Metadata
Title
Project Checksum
Category
general
UUID
1b0eb713aa194cd694dab364fc36ec2b
Source URL
https://wp.unil.ch/persuasivelab/2020/07/project-checksum/
Parent URL
https://wp.unil.ch/persuasivelab/research-projects/
Crawl Time
2026-03-23T21:50:22+00:00
Rendered Raw Markdown 
# Project Checksum

**Source**: https://wp.unil.ch/persuasivelab/2020/07/project-checksum/
**Parent**: https://wp.unil.ch/persuasivelab/research-projects/

In often cases software companies or independent developers distribute the binary files of their software using sources different than the original website. This creates a risk of making the original binaries corrupted, making the computer used to download them corrupt.

For instance, versions of popular programs (e.g., BitTorrent clients) corrupted and disseminated by hackers include malware that turns the victims’ computer into so-called bots, injects spyware and ads or even mine Bitcoins, thus generating profit for the hackers.

Trying to reduce this risk, developers use a cryptographic check-sum or hash, corresponding to the binary file of their program. The functions used to generate such check-sums are built in a way that it is not tractable to generate another file with the exact same check-sum. Therefore, if the binary file of a program is corrupted, the corresponding hash will be different from that of the original file, thus allowing the users who download it to detect the corruption and cancel its installation.

**Project Leader:** Kévin Huguenin.

**UNIL collaborators:** Bertil Chapuis.

**External collaborators:** Alexandre Meylan (Kudelski Security), Mathias Humbert (Armasuisse), Igor Bilogrevic (Google).

**Publications**

- A. Meylan, M. Cherubini, B. Chapuis, M. Humbert, I. Bilogrevic, and K. Huguenin. 2020. A Study on the Use of Checksums for Integrity Verification of Web Downloads. *ACM Transasctions on Privacy and Security* (TOPS), 24, 1, Article 4 (September 2020), 36 pages. DOI: [10.1145/3410154](https://doi.org/10.1145/3410154)
- B. Chapuis, O. Omolola, M. Cherubini, M. Humbert, K. Huguenin. An Empirical Study of the Use of Integrity Verification Mechanisms for Web Subresources. In Proc. of the The Web Conference (WWW’20), Taipei, Taiwan, Apr 2020. DOI:[10.1145/3366423.3380092](https://dx.doi.org/10.1145/3366423.3380092)
- M. Cherubini, A. Meylan, B. Chapuis, M. Humbert, I. Bilogrevic, K. Huguenin (2018). Towards Usable Checksums: Automating the Integrity Verification of Web Downloads for the Masses. In Proc. of the 25th ACM Conference on Computer and Communications Security (CCS’18), Toronto, ON, Canada, Oct 2018. DOI: [10.1145/3243734.3243746](https://dx.doi.org/10.1145/3243734.3243746)

#### Related Posts

### [The extent to which cyberbullying incidents are fueled by the disclosure of personal information: Prevention and Awareness](https://wp.unil.ch/persuasivelab/2023/09/the-extent-to-which-cyberbullying-incidents-are-fueled-by-the-disclosure-of-personal-information-prevention-and-awareness/ "The extent to which cyberbullying incidents are fueled by the disclosure of personal information: Prevention and Awareness")

26 September 202317 March 2026

### [Luca Reut](https://wp.unil.ch/persuasivelab/2020/07/luca-reut/ "Luca Reut")

22 July 202010 December 2024

### [Multiparty Privacy Conflicts (MPCs)](https://wp.unil.ch/persuasivelab/2020/07/multiparty-privacy-conflicts-mpc/ "Multiparty Privacy Conflicts (MPCs)")

20 July 202017 March 2026

#### About Mauro Cherubini

[View all posts by Mauro Cherubini →](https://wp.unil.ch/persuasivelab/author/mcherub1/ "Mauro Cherubini")