Verify, if my Electrum setup File is original

[Mbidox]

Hello,

I have downloaded the file https://download.electrum.org/2.8.2/electrum-2.8.2-setup.exe

To be shure, that I have now the original file on my harddisc, I want to verify this file.

So I have downloaded and installed the following programme: https://www.gpg4win.org/index.html

I started cmd.exe and typed in:
sha256sum.exe "c:\...\electrum-2.8.2-setup.exe"

So what I got is: e65d13ee145956ae169ca912ac6eaca73b0a8ccb1a71b4fbfdfa314e9054987f

So if I am right, I have now to compare this number with a number on the homepage. Where can I find this number? I didn't find it.

[HCP]

Unfortunately no... they are not just providing SHA256 checksums of the downloads. The downloads have been signed using OpenPGP and you need to check the PGP Signature...

On the download page is the "signature" file... ends in .asc and matches the download... https://download.electrum.org/2.8.2/electrum-2.8.2-setup.exe.asc

Put the .asc file in the same place as the setup.exe

If you installed that gpg4win app, you will need to load up the "Kleopatra" app, create yourself an OpenPGP keypair, then "Lookup Certificates on Server" and find ThomasV's certificate (search thomasv@electrum.org) and import the certificate with the fingerprint matching the link on the download page (https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6)...

Then you go "File -> Decrypt/Verify Files..."

Select the .asc file and click Decrypt/Verify. After whirring away for a few seconds you should get a result saying that the file could not be completely verified... click show details and you should see something like:

"Signed on 2017-03-22 06:42 by thomasv@electrum.org (Key ID: 0x7F9470E6)."

That Key ID should match the end of the ThomasV fingerprint: 0x2BD5824B7F9470E6


And to answer your next question... no, I don't know why they used such a clunky overly complicated procedure to enable people to confirm file integrity... It would pretty much stop any "normal" user from even bothering to check. 

[Mbidox]

@HCP Thank you very much for your good description.

I will go through the process as soon I was able to bring Kleopatra to run.
(During the installation process of gpg4win there was an error. I ignored it. But when I try to start Kleopatra, Kleopatra will not start.)

[pooya87]

And to answer your next question... no, I don't know why they used such a clunky overly complicated procedure to enable people to confirm file integrity... It would pretty much stop any "normal" user from even bothering to check. 

it's a long thing about difference between integrity of a file and authenticity and hash collisions and a lot more headache that i once read.

with a simple checksum you can only verify the integrity of the file, meaning to make sure it was downloaded correctly and not a half damaged file. and this is only useful for many years ago when everything was old and downloading could cause file to get F'ed up. the modern browsers or download managers and server giving the file don't let that happen. also this way you can not verify the authenticity meaning if the file you downloaded was really created by Thomas or not. a hacker can easily change the file and the checksum available both on same place (also i think there is a hash collision risk)

with the modern way, meaning checking the PGP key, you are doing both the authenticity and integrity checks at the same time. so you make sure the file was downloaded OK and you are downloading what Thomas created. there is no way for a hacker to change both the file and the signature, the sig won't verify with the key you get from sig servers.

[sportis]

Few weeks ago I had faced the same problem with you but fortunately the forum have the answer. You can follow a step by step guide from HI-TEC99 here. You will find a post of mine that I confirm that this way worked flawlessly for me.

[MixMAx123]

I do not understand why the hash (SHA-256) is not placed in the signature.
SHA-256 is considered absolutely safe! Man can not change a file that has exactly the same SHA-256 hash as the original file !!! That is fact and was the technology!

The current method of verification is so complicated that almost nobody will use it! Even for me it is too complicated and I did not manage it.
What use is this type of verification if no human being can use it?
And what speaks against the hash in addition to the signature?

[MixMAx123]

with a simple checksum you can only verify the integrity of the file, meaning to make sure it was downloaded correctly and not a half damaged file. and this is only useful for many years ago when everything was old and downloading could cause file to get F'ed up. the modern browsers or download managers and server giving the file don't let that happen. also this way you can not verify the authenticity meaning if the file you downloaded was really created by Thomas or not. a hacker can easily change the file and the checksum available both on same place (also i think there is a hash collision risk)

Sorry but that can not be true!
If you only change one bit of a file, the hash will not work!
SHA-256 is considered safe! If they found a collision, SHA-256 would be broken! And the world would not be the same tomorrow!
If you believe in dehashing from (SHA-256), you should not use Bitcoin!

[Coin-Keeper]

with a simple checksum you can only verify the integrity of the file, meaning to make sure it was downloaded correctly and not a half damaged file. and this is only useful for many years ago when everything was old and downloading could cause file to get F'ed up. the modern browsers or download managers and server giving the file don't let that happen. also this way you can not verify the authenticity meaning if the file you downloaded was really created by Thomas or not. a hacker can easily change the file and the checksum available both on same place (also i think there is a hash collision risk)

Sorry but that can not be true!
If you only change one bit of a file, the hash will not work!
SHA-256 is considered safe! If they found a collision, SHA-256 would be broken! And the world would not be the same tomorrow!
If you believe in dehashing from (SHA-256), you should not use Bitcoin!

I just answered this:  https://bitcointalk.org/index.php?topic=2489301.msg25515158#msg25515158

[pooya87]

with a simple checksum you can only verify the integrity of the file, meaning to make sure it was downloaded correctly and not a half damaged file. and this is only useful for many years ago when everything was old and downloading could cause file to get F'ed up. the modern browsers or download managers and server giving the file don't let that happen. also this way you can not verify the authenticity meaning if the file you downloaded was really created by Thomas or not. a hacker can easily change the file and the checksum available both on same place (also i think there is a hash collision risk)

Sorry but that can not be true!
If you only change one bit of a file, the hash will not work!
SHA-256 is considered safe! If they found a collision, SHA-256 would be broken! And the world would not be the same tomorrow!
If you believe in dehashing from (SHA-256), you should not use Bitcoin!

you misunderstood the process and the reasons for the process.
it is the difference between checking the "integrity" of a file and checking the "authenticity" of a file.
with hashes like SHA or MD5 you just check the integrity.
with signatures like PGP you check both integrity and authenticity.

let me give you an example.
lets say you go to Electrum.org and download Electrum.exe and hash from same place. how can you be sure Electrum.org was not hacked 10 minutes ago and the .exe file and its hash does not belong to the hacker? it happens a lot. and it is actually a common thing. an attacker replaces the .exe and its hash with his own files. the hash is 100% correct because it is the hash of the fake .exe and you have no way of telling the difference.

but when we are talking about PGP signature. the key is unique (pub key: 0x7F9470E6) even if the attacker replaces the .exe he has no way of reproducing a valid signature (the .asc files beside the download file) that can be verified by this pub key because he doesn't have the private key.

[MixMAx123]

If the hash (SHA-256) is in the signature, I can check the signature.
If true, the hash is correct and exe can not be fake.
With SHA-256, the integrity as well as the authenticity can be tested!
Therefore, the hash in the signature!

Please put the hash in the signature!



Edit:

- "with hashes like SHA or MD5 you just check the integrity."
With a SHA-256 I can also test the authenticity. If it is sure that the hash is real.

- "with signatures like PGP you check both integrity and authenticity."
If the hash is in the PGP signature, I'll check the authenticity as well

- "lets say you go to Electrum.org and download Electrum.exe and hash from same place. how can you be sure Electrum.org was not hacked 10 minutes ago and the .exe file and its hash does not belong to the hacker?"
If the hash is in the PGP signature, I first check the authenticity of the signature, then I can check the authenticity of the file with the included hash.

- " an attacker replaces the .exe and its hash with his own files. the hash is 100% correct because it is the hash of the fake .exe and you have no way of telling the difference."
An attacker can not fake a PGP signature with a contained hash! That will not do! The hash should not be open on the website, but in the signature!

[pooya87]

- "with hashes like SHA or MD5 you just check the integrity."
With a SHA-256 I can also test the authenticity. If it is sure that the hash is real.

only if you receive the SHA256 hash from some other source. lets say you contact ThomasV on some other channel, like visiting him at his home and receiving hashes of the files he created.
any other way can be manipulated and simply faked. again it is not about giving you legit hash for the fake file. it gives you correct hash of the fake file and you have no way of knowing if it is ThomasV who put it there or a hacker.

- "lets say you go to Electrum.org and download Electrum.exe and hash from same place. how can you be sure Electrum.org was not hacked 10 minutes ago and the .exe file and its hash does not belong to the hacker?"
If the hash is in the PGP signature, I first check the authenticity of the signature, then I can check the authenticity of the file with the included hash.

if you check the signature then there is no need to have/check the hashes.

- " an attacker replaces the .exe and its hash with his own files. the hash is 100% correct because it is the hash of the fake .exe and you have no way of telling the difference."
An attacker can not fake a PGP signature with a contained hash! That will not do! The hash should not be open on the website, but in the signature!

if you have PGP you DO NOT need hashes.
and as someone said in the other topic, hashes will give users a false sense of security and since many users are lazy they will only check the hash and not PGP and think it is OK now. we will soon see victims who now say they have checked the "signature" but it was a malware but in reality they skipped the sig. check.

[Coin-Keeper]

Thanks Pooya87,

I don't know how either of us could make this more clear.  For some reason there are lots of users that get "stuck in the mud" with PGP verifications.  I don't worry quite as much as I used to since I use hardware wallets exclusively now.  Still, I want to know my files are legit!