Site Tools

Trace: checksums
checksums

Table of Contents

File Checksums

A checksum (or hash) is a datum computed from digital data to verify the integrity of that data. Typically you use a program to calculate the checksum of a file. Then after this file has been transmitted to another location, the same checksum algorithm is used to compute the checksum there. If the two checksums are the same, it is unlikely that the data has been changed during transmission or in other ways.

PATS submission archive (official record)

When you complete a report submission (initial plan, interim, or final) or certain ethics documentation uploads, PATS e-mails you a single line that records the official merged ZIP archive. That line includes:

  • Size — byte length of the ZIP on the server.
  • BLAKE3 — a 64-digit hex digest (256-bit BLAKE3 hash) from the BLAKE3 family. Verify it on your own computer with the b3sum tool (same algorithm as the reference b3sum utility). Example: b3sum –no-names yourfile.zip should print the same hex value as in the e-mail (ignore any filename the tool may print unless you use –no-names).
  • SIG — a PATS signature binding that line to your deployment; you cannot forge it without the server secret, but you can use Size and BLAKE3 to prove the ZIP bytes match what was recorded.

During migration, some older archives may still show MD5 and SHA1 in that line instead of BLAKE3. Those older lines remain verifiable against the ZIP (and SIG) for accidental corruption, but MD5 and SHA1 are deprecated for cryptographic strength; new submissions use BLAKE3. If your e-mail shows BLAKE3, use b3sum; if it shows MD5/SHA1, use md5sum / sha1sum (or equivalent) on the downloaded ZIP and compare to the line.

Note that PATS modifies some files after upload (files in the document section are specially processed, and some archive files are converted to ZIP for compatibility). The checksum line always refers to the final official submission ZIP as stored for that item, not necessarily to a copy you built locally before upload.

Your own independent checksum (e.g. deadline proof)

For workflows where you must send a separate checksum to a supervisor or coordinator before the deadline (as in the Submission Guide), you should use SHA2 checksums, specifically sha512 (to keep things simple). Alternatively you can use SHA3 or an OpenPGP file signature with your key published to the OpenPGP key servers. For other algorithms, check with the project coordinator first.

Creating BLAKE3 checksums (PATS archive line)

  • Linux / macOS: install b3sum (package name may be b3sum or build from source). Compare the hex output to the BLAKE3: field in PATS's line.
  • Windows: use a BLAKE3-capable tool or WSL with b3sum.

Creating SHA2 checksums (optional / coordinator workflow)

  • Linux shell commands: shasum, openssl, sha512sum
  • Mac OS terminal commands: shasum, openssl
  • Windows command prompt: certUtil

Creating SHA1 checksums (legacy PATS lines only)

  • Linux shell commands: sha1sum, openssl
  • Mac OS terminal commands: openssl
  • Windows command prompt: certUtil

Do not use SHA1 for new independent cryptographic proofs — use SHA-512 or BLAKE3. PATS may still display SHA1 only on old stored records during migration.

Creating MD5 checksums (legacy PATS lines only)

  • Linux shell commands: md5sum
  • Mac OS terminal commands: md5
  • Windows command prompt: certUtil

Do not use MD5 for new independent cryptographic proofs. PATS may still display MD5 only on old stored records during migration.

checksums.txt · Last modified: 2026/04/08 02:54 by scmfcl

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International