A cryptographic checksum is used to verify that digital information has not been altered. It is especially important for assuring that data were not corrupted or altered during transport and for authenticating data such as digital signatures and passwords. ^[1] The checksum may also be referred to as a hash. The hash is created by applying an algorithm to the original data that creates a mathematical value of a fixed size. The original data will always create the same hash (ie, the same value) but it is practically impossible to reverse engineer the hash to determine the exact contents of the original data. ^[2] Any change in the original data will generate a different hash (ie, a different checksum). Checksums can be used when transporting messages. A message is sent with a checksum. The receiving computer also computes the checksum, which should match the checksum sent with the original message. Theoretically, any change in the data would generate a different checksum and the verification step performed by the receiving computer would produce a different checksum, indicating the data were corrupt or altered.^[3]

The ideal cryptographic hash function has four main properties:

It is easy to compute the hash value for any given message
It is infeasible to generate a message from its hash
It is infeasible to modify a message without changing the hash
It is infeasible to find two different messages with the same hash. ^[4]

Degree of Difficulty

In cryptographic practice, “difficult” generally means “almost certainly beyond the reach of any adversary who must be prevented from breaking the system for as long as the security of the system is deemed important”. The meaning of the term is therefore somewhat dependent on the application, since the effort that a malicious agent may put into the task is usually proportional to his expected gain. However, since the needed effort usually grows very quickly with the digest length, even a thousand-fold advantage in processing power can be neutralized by adding a few dozen bits to the latter.

References

↑ http://oxfordindex.oup.com/view/10.1093/oi/authority.20110803095651597
↑ http://en.wikipedia.org/wiki/Hash_function
↑ http://en.wikipedia.org/wiki/Cryptographic_hash_function
↑ Schneier, Bruce. Cryptanalysis of MD5 and SHA: Time for a New Standard. Computerworld. https://www.schneier.com/essays/archives/2004/08/cryptanalysis_of_md5.html

[1] ttp://oxfordindex.oup.com/view/10.1093/oi/authority.20110803095651597

[2] ttp://en.wikipedia.org/wiki/Hash_function

[3] ttp://en.wikipedia.org/wiki/Cryptographic_hash_function

[Schneier-2004-4] Schneier, Bruce. Cryptanalysis of MD5 and SHA: Time for a New Standard. Computerworld. https://www.schneier.com/essays/archives/2004/08/cryptanalysis_of_md5.html

[1]

[2]

[3]

[4]

Cryptographic Checksum

Degree of Difficulty

References

Navigation menu

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Tools