What should you use to verify evidence and thus ensure its integrity?

Verifying evidence integrity relies on a cryptographic hash function. You generate a digest (hash) of the original evidence and store it. Later, you recompute the hash on the copy or on the evidence after transport/storage; if the two digests match, the data hasn’t changed. The reason this works is that good hash algorithms produce a fixed-size output that changes dramatically with any tiny modification—a property known as the avalanche effect—so any alteration yields a different digest. Encryption protects confidentiality, not integrity by itself. Checksums can detect simple errors but aren’t cryptographically strong and can be bypassed or collided. Digital signatures can add authenticity by binding data to a signer, but for the straightforward task of verifying that evidence hasn’t been altered, the hash alone is the most reliable and efficient method (often used in conjunction with signing the hash to prove provenance).