Re: MD5 sums. An MD5 sum is just a "hash" or digest of a larger collection of data. They are used to detect whether data was modified. When you download a file from the internet, you can compute the MD5 sum locally, and if it matches the published sum, you can be reasonably sure that your copy of the data was transferred error free.
The simplest smallest possible hash algorithm would be to count all the 1 bits in a file, and set the hash to 0 if the sum was even, or set the hash to 1 if the sum was odd. This is called a "parity" bit. This works okay if you only have a few bits of information, but it doesn't work well at all if you more than a byte or so. If you errantly flip an even number of bits anywhere in the data, the parity bit computes the same. If you have a 1MB file, it's pretty much useless as a method to detect data corruption.
The MD5 algorithm is many orders of magnitude more complex than a parity bit, and is good at detecting pretty much any reasonable type of data corruption that might occur even for very large files. It works great when you transfer a file over a network and want to be sure that there wasn't corruption due to a buggy piece of equipment somewhere along the way.
The MD5 algorithm isn't cryptographically secure, though. This means that an intelligent bad actor can intentionally corrupt the data in a way that happens to compute the same MD5 sum as the original data. Remember that with the parity bit, all you need to do is flip an even number of bits anywhere to get the same even or odd sum. Because MD5 is more complicated, the bad actor needs to be smarter or have smart software, and perhaps they might need a very powerful computer to do it, but it's something that can be done with affordable time and money. An especially skilled bad actor might even be able to craft the "corrupted" data to appear correct but contain a malicious payload.
Therefore, MD5 sums have limited value as hard proof of anything important. For that, you really need something like private/public key based cryptography. It's just a good practical way to make sure you got an error free copy of your favorite stupid cat video from an https secured website you trust.
Re: MD5 sums. An MD5 sum is just a "hash" or digest of a larger collection of data. They are used to detect whether data was modified. When you download a file from the internet, you can compute the MD5 sum locally, and if it matches the published sum, you can be reasonably sure that your copy of the data was transferred error free.
The simplest smallest possible hash algorithm would be to count all the 1 bits in a file, and set the hash to 0 if the sum was even, or set the hash to 1 if the sum was odd. This is called a "parity" bit. This works okay if you only have a few bits of information, but it doesn't work well at all if you more than a byte or so. If you errantly flip an even number of bits anywhere in the data, the parity bit computes the same. If you have a 1MB file, it's pretty much useless as a method to detect data corruption.
The MD5 algorithm is many orders of magnitude more complex than a parity bit, and is good at detecting pretty much any reasonable type of data corruption that might occur even for very large files. It works great when you transfer a file over a network and want to be sure that there wasn't corruption due to a buggy piece of equipment somewhere along the way.
The MD5 algorithm isn't cryptographically secure, though. This means that an intelligent bad actor can intentionally corrupt the data in a way that happens to compute the same MD5 sum as the original data. Remember that with the parity bit, all you need to do is flip an even number of bits anywhere to get the same even or odd sum. Because MD5 is more complicated, the bad actor needs to be smarter or have smart software, and perhaps they might need a very powerful computer to do it, but it's something that can be done with affordable time and money. An especially skilled bad actor might even be able to craft the "corrupted" data to appear correct but contain a malicious payload.
Therefore, MD5 sums have limited value as hard proof of anything important. For that, you really need something like private/public key based cryptography. It's just a good practical way to make sure you got an error free copy of your favorite stupid cat video from an https secured website you trust.