Shared assemblies must have a strong name. A strong name consists of the assembly's name, version and culture metadata, plus a cryptographic public key and a digital signature. Because it is sufficiently unlikely that two different assemblies will have the same strong name, Microsoft considers a strong name to be a unique identifier of an assembly. Two properties of digital signatures support this position:
Digital signatures are associated with a hash code generated from the contents of the assembly; this hash code acts as a "fingerprint" for the assembly contents, and it is very difficult to find two assemblies with the same fingerprint.
Cryptographic key pairs, used to create the digital signature, are created randomly.
The randomness of key pairs, and the uniqueness of the fingerprint provided by the digital hash code and signature, means that a strong name, for all practical purposes, provides a unique identification for an assembly. See Chapter 13 for details of digital hash codes and Chapter 16 for details of digital signatures.
The chapters in the Cryptography section of this book provide information about assessing the cryptographic meaning of words and phrases such as "unique" and "very difficult."
The uniqueness of a strong name allows the .NET Framework to verify the contents of an assembly to protect against tampering; the hash code generated from the assembly contents means that changing even a single MSIL statement will invalidate the digital signature, ...