[e2e] Re: [Tsvwg] Really End-to-end or CRC vs everything else?
Craig Partridge
craig at aland.bbn.com
Mon Jun 11 13:48:51 PDT 2001
In message <5.1.0.14.2.20010611143202.0462bec0 at mail.reed.com>, "David P. Reed"
writes:
>>Third, is that I wonder if you took in the result from my dissertation
>>which Craig reported a couple of days ago? Over the space of all
>>possible errors, md5 detects the exact same fraction of errors as MD4,
>>or as a 128-bit CRC, or a 128-bit sum, or even a 128-bit constant.
>>Given that, what is the *error-detection* rationale for using MD5--
>>as opposed (per the earlier disscussion) chooisng a cheaper function,
>>which gives us the same Shannon information?
>
>I did, but it does not make sense. Detecting the same fraction is not the
>same as having a good probability of detecting the errors that happen in
>fact. The constant function is particularly bad on this front. But by
>using a keyed class of cryptographically based functions, you increase the
>potential set of errors that will be detected eventually if they are repeated.
I think you've missed the point. In a prior note, you suggested a line of
thinking of assume an adversary. Implicitly, that's an error model.
So what if traffic doesn't match that error model -- that is to say, errors
are not ones an adversary would pick -- then the checksum chosen is the
wrong one.
Craig
More information about the end2end-interest
mailing list