[Haskell-cafe] Digests

Andrew Coppin andrewcoppin at btinternet.com
Thu Dec 2 22:39:02 CET 2010

On 02/12/2010 09:17 PM, Permjacov Evgeniy wrote:
> The data integrity checks is well-known problem. A common soluting is
> use of 'checksums'. Most of them , however, are built in quite
> obfuscated manner (like md5) that results in ugly and error-prone
> implementations (see reference implementation for same md5).
> So, the question is: is there a checksum, that is easy to implement over
> stream of bytes and may work as good checksum and is good in sence that
> creation of messages with same checksum that given message has is very
> hard problem (at least 2^128 tries) ?
> The reason is that I wish a good checksum to be implemented im my
> stream-oriented library.

Designing something that detects accidental alterations reliably is 
quite easy.

Designing something that detects malicious alterations reliably is 
absurdly hard.

(Last time I checked, MD5, SHA-1 and SHA-256 are all fairly similar in 
design, and all have either had serious weaknesses found or actually 
been broken.)

Cryptographic hash functions are like ciphers; their designs are almost 
always quite complicated, in order to make it harder to analyse (and 
thereby crack) the algorithm.

So, depending on exactly which properties you do or don't need, the 
problem is either quite easy or absurdly hard.

More information about the Haskell-Cafe mailing list