So in this scenario there are several programs that exist that can open and read a binary file, but my program must be the final arbitrator in creating and writing to these files.
In this program I am writing, I would like to detect if the file has been tampered with outside of my program's control. It is important that the other programs can still read the file, but that my program can refuse to open it on grounds it was edited outwith my program.
My solution is to distribute the file(s) with a list of checksums. If the corresponding checksum from the checksum list doesn't match the accompanying file, or the list does not exist, then that file is rejected.
My solution would be to calculate the hash using the following method:
sha256(HIDDEN_SALT + FILE_CONTENTS)
The HIDDEN_SALT
being the key property that ensures outside sources couldn't spoof the hash.
In this situation, as the salt is applied to multiple files (1000+), would it be easy to crack by working backwards from the checksum(s) it was applied to? (Consider they have both the checksum and the file.) Would there be a better solution to this problem?