A checksum is a small block of data derived from digital data to detect errors introduced during its transmission or storage, primarily verifying data integrity rather than authenticity. The procedure generating it, called a checksum algorithm, often ensures even minor input changes yield different outputs, as seen in cryptographic hash functions. Related to hash functions and fingerprints, checksums serve as cryptographic primitives in systems like HMAC. Special checksum forms include check digits and parity bits, used for small data blocks and incorporated into error-correcting codes that can detect and sometimes recover from errors.
Algorithms
Parity byte or parity word
The simplest checksum algorithm is the so-called longitudinal parity check, which breaks the data into "words" with a fixed number n of bits, and then computes the bitwise exclusive or (XOR) of all those words. The result is appended to the message as an extra word. In simpler terms, for n=1 this means adding a bit to the end of the data bits to guarantee that there is an even number of '1's. To check the integrity of a message, the receiver computes the bitwise exclusive or of all its words, including the checksum; if the result is not a word consisting of n zeros, the receiver knows a transmission error occurred.3
With this checksum, any transmission error which flips a single bit of the message, or an odd number of bits, will be detected as an incorrect checksum. However, an error that affects two bits will not be detected if those bits lie at the same position in two distinct words. Also swapping of two or more words will not be detected. If the affected bits are independently chosen at random, the probability of a two-bit error being undetected is 1/n.
Sum complement
A variant of the previous algorithm is to add all the "words" as unsigned binary numbers, discarding any overflow bits, and append the two's complement of the total as the checksum. To validate a message, the receiver adds all the words in the same manner, including the checksum; if the result is not a word full of zeros, an error must have occurred. This variant, too, detects any single-bit error, but the pro modular sum is used in SAE J1708.4
Position-dependent
The simple checksums described above fail to detect some common errors which affect many bits at once, such as changing the order of data words, or inserting or deleting words with all bits set to zero. The checksum algorithms most used in practice, such as Fletcher's checksum, Adler-32, and cyclic redundancy checks (CRCs), address these weaknesses by considering not only the value of each word but also its position in the sequence. This feature generally increases the cost of computing the checksum.
Fuzzy checksum
The idea of fuzzy checksum was developed for detection of email spam by building up cooperative databases from multiple ISPs of email suspected to be spam. The content of such spam may often vary in its details, which would render normal checksumming ineffective. By contrast, a "fuzzy checksum" reduces the body text to its characteristic minimum, then generates a checksum in the usual manner. This greatly increases the chances of slightly different spam emails producing the same checksum. The ISP spam detection software, such as SpamAssassin, of co-operating ISPs, submits checksums of all emails to the centralised service such as DCC. If the count of a submitted fuzzy checksum exceeds a certain threshold, the database notes that this probably indicates spam. ISP service users similarly generate a fuzzy checksum on each of their emails and request the service for a spam likelihood.5
General considerations
A message that is m bits long can be viewed as a corner of the m-dimensional hypercube. The effect of a checksum algorithm that yields an n-bit checksum is to map each m-bit message to a corner of a larger hypercube, with dimension m + n. The 2m + n corners of this hypercube represent all possible received messages. The valid received messages (those that have the correct checksum) comprise a smaller set, with only 2m corners.
A single-bit transmission error then corresponds to a displacement from a valid corner (the correct message and checksum) to one of the m adjacent corners. An error which affects k bits moves the message to a corner which is k steps removed from its correct corner. The goal of a good checksum algorithm is to spread the valid corners as far from each other as possible, to increase the likelihood "typical" transmission errors will end up in an invalid corner.
See also
General topic
- Algorithm
- Check digit
- Damm algorithm
- Data rot
- File verification
- Fletcher's checksum
- Frame check sequence
- cksum
- md5sum
- sha1sum
- Parchive
- Sum (Unix)
- SYSV checksum
- BSD checksum
- xxHash
Error correction
Hash functions
File systems
- Bcachefs, Btrfs, ReFS and ZFS – file systems that perform automatic file integrity checking using checksums
Related concepts
Further reading
- Koopman, Philip; Driscoll, Kevin; Hall, Brendan (March 2015). "Cyclic Redundancy Code and Checksum Algorithms to Ensure Critical Data Integrity" (PDF). Federal Aviation Administration. DOT/FAA/TC-14/49. Archived (PDF) from the original on 2015-05-18.
- Koopman, Philip (2023). "Large-Block Modular Addition Checksum Algorithms". arXiv:2302.13432 [cs.DS].
External links
The Wikibook Algorithm Implementation has a page on the topic of: Checksums- Additive Checksums (C) theory from Barr Group
- Practical Application of Cryptographic Checksums *A4 *US-Letter *US-Letter two-column
- Checksum Calculator
- Open source python based application with GUI used to verify downloads.
References
"Definition of CHECKSUM". Merriam-Webster. Archived from the original on 2022-03-10. Retrieved 2022-03-10. https://www.merriam-webster.com/dictionary/checksum ↩
Hoffman, Chris (30 September 2019). "What Is a Checksum (and Why Should You Care)?". How-To Geek. Archived from the original on 2022-03-09. Retrieved 2022-03-10. https://www.howtogeek.com/363735/what-is-a-checksum-and-why-should-you-care/ ↩
Fairhurst, Gorry (2014). "Checksums & Integrity Checks". Archived from the original on April 8, 2022. Retrieved March 11, 2022. https://erg.abdn.ac.uk/users/gorry/eg3576/checksums.html ↩
"SAE J1708". Kvaser.com. Archived from the original on 11 December 2013. https://web.archive.org/web/20131211152639/http://www.kvaser.com/zh/about-can/related-protocols-and-standards/50.html ↩
"IXhash". Apache. Archived from the original on 31 August 2020. Retrieved 7 January 2020. https://cwiki.apache.org/confluence/display/spamassassin/iXhash ↩