How many times did you run the test? sha1 should be faster then sha256 in theory. They use the same block size but sha1 is a simpler algorithm. I did some quick testing and for me sha1 was always faster.
Your results could be more about testing differences due to caching or other activities. If you want to bench them for some reason you might consider taking the average of multiple tests.
That being said, the differences are pretty minimal since most of the time is probably io reading the iso.
A lot of the benchmarks people do are actually testing IO rather than anything else. For example, build a kernel on a 5400rpm 2.5" HDD and it will take far longer than building in RAM, no matter what CPU you’re using.
CONFIG_CRYPTO_SHA256_SSSE3:
SHA-256 secure hash standard (DFIPS 180-2) implemented
using Supplemental SSE3 (SSSE3) instructions, or Advanced Vector
Extensions version 1 (AVX1), or Advanced Vector Extensions
version 2 (AVX2) instructions, or SHA-NI (SHA Extensions New
Instructions) when available.
I have one partition mounted /ISOs with many current ISOs.
sha256sum appears to be faster than does md5sum, or sha1sum.
By the way, I did copy the endeavourOS to /tmp, which is a ram partition.
I was just pointing out an anomalie, and I am not saying that md5sum is inadequate. It definitely is definitely more than adequate to use to verify that no downloaded corruption occurred.
I was purely timing the verious sha*sum algorithms against md5sum.