On 02/12/2010 09:17 PM, Permjacov Evgeniy wrote:
The data integrity checks is well-known problem. A common soluting is use of 'checksums'. Most of them , however, are built in quite obfuscated manner (like md5) that results in ugly and error-prone implementations (see reference implementation for same md5).
So, the question is: is there a checksum, that is easy to implement over stream of bytes and may work as good checksum and is good in sence that creation of messages with same checksum that given message has is very hard problem (at least 2^128 tries) ?
The reason is that I wish a good checksum to be implemented im my stream-oriented library.
Designing something that detects accidental alterations reliably is quite easy. Designing something that detects malicious alterations reliably is absurdly hard. (Last time I checked, MD5, SHA-1 and SHA-256 are all fairly similar in design, and all have either had serious weaknesses found or actually been broken.) Cryptographic hash functions are like ciphers; their designs are almost always quite complicated, in order to make it harder to analyse (and thereby crack) the algorithm. So, depending on exactly which properties you do or don't need, the problem is either quite easy or absurdly hard.