Re: CRC 32 vs CRC 64 vs CRC 128 vs MD5

From: Paul Schlyter (pausch_at_saaf.se)
Date: 07/20/03


Date: Sun, 20 Jul 2003 07:52:55 +0000 (UTC)

In article <s%oSa.91242$sY2.43624@rwcrnsc51.ops.asp.att.net>,
zhengyu <zhengyu@comcast.net> wrote:
 
> I got a few questions on one way hashing function.
>
> I was investigating CRC32 and found that it wasn't particularly good
> at doing signatures. Then I looked at CRC64, it was much collision-
> safer and computationally it is much better than MD5, now, if I do
> CRC128, would it be just as safe as MD5?? If so CRC128 is probably
> a lot more computationally efficient than MD5.
 
While properly designed CRC's are good at detecting random errors in
the data (due to e.g. line noise), the CRC is useless as a secure
indicator of intentional manipulation of the data. And this is
because it's not hard at all to modify the data to produce any CRC
you desire (e.g. the same CRC as the original data, to try to
disguise your data manipulation).
 
Therefore, even a 2048-bit CRC would be cryptographically much less
secure than a 128-bit MD5.
 
There is a reason cryptographically strong hashes such as MD5 or SHA
require much more computation than a simple CRC.
 

-- 
----------------------------------------------------------------
Paul Schlyter,  Grev Turegatan 40,  SE-114 38 Stockholm,  SWEDEN
e-mail:  pausch at stockholm dot bostream dot se
WWW:     http://www.stjarnhimlen.se/

         http://home.tiscali.se/pausch/