Craig Partridge craig at aland.bbn.com
Mon Jun 11 13:48:51 PDT 2001

In message < at mail.reed.com>, "David P. Reed" 

>>Third, is that I wonder if you took in the result from my dissertation
>>which Craig reported a couple of days ago?  Over the space of all
>>possible errors, MD5 detects the exact same fraction of errors as MD4,
>>or as a 128-bit CRC, or a 128-bit sum, or even a 128-bit constant.
>>Given that, what is the *error-detection* rationale for using MD5--
>>as opposed (per the earlier discussion) to choosing a cheaper function,
>>which gives us the same Shannon information?
>I did, but it does not make sense.  Detecting the same fraction is not the 
>same as having a good probability of detecting the errors that happen in 
>fact.  The constant function is particularly bad on this front.  But by 
>using a keyed class of cryptographically based functions, you increase the 
>potential set of errors that will be detected eventually if they are repeated.

I think you've missed the point.  In a prior note, you suggested a line of
thinking of assuming an adversary.  Implicitly, that's an error model.

So what if traffic doesn't match that error model -- that is to say, errors
are not ones an adversary would pick -- then the checksum chosen is the
wrong one.
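
The two claims argued above, checked by enumeration in an added example that is not part of the original message: under uniformly random errors every check of the same width misses the same fraction, while under a specific error model the fractions differ. Assumptions: checks are scaled from 128 bits to 8 bits over one data byte so every received word can be enumerated, and the CRC polynomial 0x07, the constant 0x5A and the single-bit-flip error model are choices made here.

```python
import hashlib
from fractions import Fraction

K = 8          # check bits (assumed; the thread discusses 128)
DATA_BITS = 8  # one data byte, so all 2**16 received words can be enumerated

def constant(d):
    return 0x5A  # arbitrary fixed value (constructed)

def byte_sum(d):
    return d & 0xFF  # 8-bit sum over a single byte is the byte itself

def crc8(d):
    reg = d  # bitwise CRC-8, polynomial 0x07 (assumed choice)
    for _ in range(8):
        reg = ((reg << 1) ^ 0x07) & 0xFF if reg & 0x80 else (reg << 1) & 0xFF
    return reg

def md5_trunc(d):
    return hashlib.md5(bytes([d])).digest()[0]  # first digest byte

CHECKS = {"constant": constant, "sum": byte_sum, "crc8": crc8, "md5": md5_trunc}

def valid(f, word):
    """Receiver's test: does the check field match the data field?"""
    return f(word >> K) == (word & ((1 << K) - 1))

def missed_uniform(f):
    """Undetected fraction when every wrong received word is equally likely."""
    total = 1 << (DATA_BITS + K)
    n_valid = sum(valid(f, w) for w in range(total))
    # Whatever was sent, the undetected errors are the other valid words.
    return Fraction(n_valid - 1, total - 1)

def missed_single_bit(f):
    """Undetected fraction when exactly one bit of a sent word flips."""
    missed = trials = 0
    for d in range(1 << DATA_BITS):
        sent = (d << K) | f(d)
        for bit in range(DATA_BITS + K):
            trials += 1
            missed += valid(f, sent ^ (1 << bit))
    return Fraction(missed, trials)

if __name__ == "__main__":
    for name, f in CHECKS.items():
        print(f"{name:8s} uniform={missed_uniform(f)} single-bit={missed_single_bit(f)}")
```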


