How can zero byte files generate a hash value?

Solution 1:

Hash algorithms read the input and process it, no matter if there's data at all. This is a valid and wanted behaviour and is even used to verify if a certain implementation is correct. This leads to "null-hashes" for all major algorithms.

To sum it up: da39a3ee5e6b4b0d3255bfef95601890afd80709 is the sha1-hash for an empty file everywhere, the same is true with the null-hashes of other alrogrithms.

Solution 2:

All hash algorithms in Quick Hash are Merkle–Damgård constructions. As such, they pad the message to a multiple of the block size.

Quick Hash's algorithms achieve this by appending a 1 bit, as many 0 bits as needed, and finally the message length.

This allows hashing messages of arbitrary length, including zero-length messages.

Solution 3:

(Add-on to Dennis and fixer1234's answer?)

Succinctly:

$ shasum -a 256 /dev/null e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 /dev/null

All 0-byte files will have the same checksum.

$ shasum -a 512 /dev/null cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e /dev/null

$ shasum /dev/null da39a3ee5e6b4b0d3255bfef95601890afd80709 /dev/null

$ md5 /dev/null MD5 (/dev/null) = d41d8cd98f00b204e9800998ecf8427e (note: MD5 is broken; it's not a 'secure hash'. This is documented in the MD5 entry in Wikipedia.)

Thus, for example, if you're trying to verify the innocuousness of files at virustotal.com with one of the secure hash values listed here, e.g. da39a3ee5e6b4b0d3255bfef95601890afd80709 then you can be confident that the file was indeed 0 bytes (or was a folder, which virustotal, confusingly, hashes as if it's a 0-byte file.)