[Haskell-cafe] Digests

Serguey Zefirov sergueyz at gmail.com
Thu Dec 2 22:33:58 CET 2010

2010/12/3 Permjacov Evgeniy <permeakra at gmail.com>:
> The data integrity checks is well-known problem. A common soluting is
> use of 'checksums'. Most of them , however, are built in quite
> obfuscated manner (like md5) that results in ugly and error-prone
> implementations (see reference implementation for same md5).
> So, the question is: is there a checksum, that is easy to implement over
> stream of bytes and may work as good checksum and is good in sence that
> creation of messages with same checksum that given message has is very
> hard problem (at least 2^128 tries) ?

2^128 tries needed for hash size of 256 bits. See

Most of the time you can get away with usual block ciphers (and even
with weaker parameters). There is a scheme that transforms block
cipher into hash function:

RC5, for example, parametrized by number of encryption rounds. RC5
with 12 rounds has sufficiently good avalanche (spread of bit change)
so that you can use 12-round RC-5 instead of full death proof

More information about the Haskell-Cafe mailing list