Robert Elder Software Inc.
  • Home
  • Store
  • Blog
  • Contact
  • Home
  • Store
  • Blog
  • Contact
  • #linux
  • |
  • #commandline
  • |
  • #softwareengineering
  • |
  • #embeddedsystems
  • |
  • #compilers
  • ...
  • View All >>

Intro To 'sum' Command In Linux

2024-01-10 - By Robert Elder

     I use the 'sum' command to compute the 16-bit checksum of a file:

sum hello-world.txt
00721     6

     or a stream:

echo -n "Hello World!" | sum
02760     1

     The 'sum' command is one of the oldest checksum commands, dating back to the first version of Unix, from 1971:

Sum Command In Unix

BSD Checksum

     Given the following files:

ls -latr
-rw-rw-r-- 1 robert robert 56455 Dec 27 20:09 cat.jpg
-rw-rw-r-- 1 robert robert 45378 Dec 27 20:09 data.txt
-rw-rw-r-- 1 robert robert  8975 Dec 27 20:09 music.wav

     If I run the 'sum' command with only file arguments:

sum data.txt cat.jpg music.wav
35643    45 data.txt
50920    56 cat.jpg
23048     9 music.wav

     or with the '-r' flag, I'll see the 16-bit checksum for each file:

sum -r data.txt cat.jpg music.wav
35643    45 data.txt
50920    56 cat.jpg
23048     9 music.wav

     The checksum is followed by a number indicating how many 1 KiB data blocks the checksum algorithm encountered.

     This output corresponds to the 'BSD sum algorithm'.

System V Checksum

     If I run the 'sum' command again with the '-s' flag, I'll see different checksum values, followed by the number of 512 byte blocks:

sum -s data.txt cat.jpg music.wav
3682 89 data.txt
56238 111 cat.jpg
34930 18 music.wav

     This output corresponds to the 'System V' sum algorithm.

Completely Obsolete

     Both of these algorithms are completely useless form a security perspective, and their continued existence is only for legacy use cases.  As a demonstration of this fact, you can easily write a script that will use brute-force to find some interesting hash collisions. If you really want to confuse people, you could use this to find examples where the 'sum' command produces a checksum value on a string of text that is the same value as the mathematical sum of integers described in the text string itself:

#!/bin/bash

while true; do
        #echo "Iteration"
        a=$RANDOM
        b=$RANDOM
        actual=$(($a+$b))
        h=$(echo $a + $b | sum | sed 's/ .*//g')
        if [ "$actual" = "$h" ]; then
                echo "#  $a + $b = $actual"
                echo "echo $a + $b | sum"
        #else
        #       echo "'$actual' != '$h'"
        fi
done

     The resulting output will look something like this:

#  19661 + 13129 = 32790
echo 19661 + 13129 | sum
#  23450 + 4514 = 27964
echo 23450 + 4514 | sum
#  16900 + 15425 = 32325
echo 16900 + 15425 | sum
#  11249 + 28323 = 39572
echo 11249 + 28323 | sum
#  9443 + 25068 = 34511
echo 9443 + 25068 | sum

     And if you run these 'sum' commands, you'll see output similar to the following:

#  19661 + 13129 = 32790
32790     1

#  23450 + 4514 = 27964
27964     1

#  16900 + 15425 = 32325
32325     1

#  11249 + 28323 = 39572
39572     1

#  9443 + 25068 = 34511
34511     1

     This makes it appear as though the 'sum' command might actually be giving you the mathematical sum, but it's really just finding hash collisions.

     The GNU Core Utils implementation of the BSD sum algorithm can be found here, and the System V sum algorithm is found just below it in the same file.

     And that's why the 'sum' command is my favourite Linux command.

Intro To 'stty' Command In Linux
Intro To 'stty' Command In Linux
Published 2023-10-04
Terminal Block Mining Simulation Game
$1.00 CAD
Terminal Block Mining Simulation Game
Intro To 'nproc' Command In Linux
Intro To 'nproc' Command In Linux
Published 2023-07-15
Intro To 'comm' Command In Linux
Intro To 'comm' Command In Linux
Published 2023-09-06
How To Force The 'true' Command To Return 'false'
How To Force The 'true' Command To Return 'false'
Published 2023-07-09
A Surprisingly Common Mistake Involving Wildcards & The Find Command
A Surprisingly Common Mistake Involving Wildcards & The Find Command
Published 2020-01-21
A Guide to Recording 660FPS Video On A $6 Raspberry Pi Camera
A Guide to Recording 660FPS Video On A $6 Raspberry Pi Camera
Published 2019-08-01
Intro To 'chroot' Command In Linux
Intro To 'chroot' Command In Linux
Published 2023-06-23
Join My Mailing List
Privacy Policy
Why Bother Subscribing?
  • Free Software/Engineering Content. I publish all of my educational content publicly for free so everybody can make use of it.  Why bother signing up for a paid 'course', when you can just sign up for this email list?
  • Read about cool new products that I'm building. How do I make money? Glad you asked!  You'll get some emails with examples of things that I sell.  You might even get some business ideas of your own :)
  • People actually like this email list. I know that sounds crazy, because who actually subscribes to email lists these days, right?  Well, some do, and if you end up not liking it, I give you permission to unsubscribe and mark it as spam.
© 2025 Robert Elder Software Inc.
SocialSocialSocialSocialSocialSocialSocial
Privacy Policy      Store Policies      Terms of Use