[Haskell-cafe] Digests
Andrew Coppin
andrewcoppin at btinternet.com
Thu Dec 2 22:39:02 CET 2010
On 02/12/2010 09:17 PM, Permjacov Evgeniy wrote:
> The data integrity check is a well-known problem. A common solution is
> the use of 'checksums'. Most of them, however, are built in a quite
> obfuscated manner (like md5) that results in ugly and error-prone
> implementations (see the reference implementation for the same md5).
>
> So, the question is: is there a checksum that is easy to implement over
> a stream of bytes, may work as a good checksum, and is good in the sense
> that creating messages with the same checksum as a given message is a
> very hard problem (at least 2^128 tries)?
>
> The reason is that I wish a good checksum to be implemented in my
> stream-oriented library.

Designing something that detects accidental alterations reliably is
quite easy.

Designing something that detects malicious alterations reliably is
absurdly hard.

(Last time I checked, MD5, SHA-1 and SHA-256 are all fairly similar in
design, and all have either had serious weaknesses found or actually
been broken.)

Cryptographic hash functions are like ciphers; their designs are almost
always quite complicated, in order to make it harder to analyse (and
thereby crack) the algorithm.

So, depending on exactly which properties you do or don't need, the
problem is either quite easy or absurdly hard.
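
The accidental-versus-malicious distinction drawn in this reply, as an added example that is not part of the original post: Adler-32 (picked here as a representative easy-to-implement checksum; the thread names none) catches a single-bit error in a streamed message but not a deliberate three-byte edit, while a SHA-256 digest over the same stream changes in both cases. The sample message and all helper names are constructed for illustration.

```python
import hashlib
import zlib

def adler32_stream(chunks):
    """Non-cryptographic checksum folded over a stream of byte chunks."""
    value = 1  # Adler-32 initial value
    for chunk in chunks:
        value = zlib.adler32(chunk, value)
    return value & 0xFFFFFFFF

def sha256_stream(chunks):
    """Cryptographic digest over the same stream, fed incrementally."""
    h = hashlib.sha256()
    for chunk in chunks:
        h.update(chunk)
    return h.hexdigest()

def chunked(data, size=4):
    """Split bytes into fixed-size chunks to imitate a byte stream."""
    return [data[i:i + size] for i in range(0, len(data), size)]

def flip_bit(data, index, bit=0):
    """Model an accidental single-bit error at byte `index`."""
    out = bytearray(data)
    out[index] ^= 1 << bit
    return bytes(out)

def shift_three(data, index):
    """Deliberate edit: add +1, -2, +1 to three consecutive bytes.

    Adler-32 keeps A = 1 + sum(bytes) and B = sum of the running A values,
    so a byte's weight in B falls by one per position. The deltas sum to
    zero (A unchanged) and w*1 + (w-1)*(-2) + (w-2)*1 = 0 (B unchanged).
    """
    out = bytearray(data)
    for offset, delta in enumerate((1, -2, 1)):
        out[index + offset] += delta
    return bytes(out)

# Constructed sample message, not taken from the thread.
ORIGINAL = b"transfer amount=1520 to account 7"
ACCIDENT = flip_bit(ORIGINAL, 5)
TAMPERED = shift_three(ORIGINAL, ORIGINAL.index(b"1520"))  # amount=2330

if __name__ == "__main__":
    for name, msg in (("original", ORIGINAL), ("accident", ACCIDENT),
                      ("tampered", TAMPERED)):
        print(f"{name:9} adler32={adler32_stream(chunked(msg)):08x} "
              f"sha256={sha256_stream(chunked(msg))[:16]} {msg!r}")
```

An unkeyed digest only helps if the stored digest itself cannot be replaced along with the message; where it can, a keyed construction such as HMAC (Python's `hmac` module) is the usual choice.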