WHMurray@DOCKMASTER.NCSC.MIL (02/10/90)
>To make the question a little more specific, of the checksum routines >available today, which would you select. This is slightly a less, rather than more, specific question. Your original question suggested that strength would be the basis of my choice. In fact, crypto theory teaches that knowledge of strength is very expensive. I would prefer to make my selection based upon knowledge that comes a little cheaper. The answer will be influenced by application and environment. However, in general: If I were an employee of the U. S. Government, I would choose the DES. It is available and the authorities have told me that it is strong enough for their purposes. In other cases, I would choose from among CRC, DES, and RSA. We know their strength with sufficient confidence, it is sufficient for most applications, and they are available. In the absence of more knowledge about the application and environment, deeper analysis is not warranted. William Hugh Murray, Fellow, Information System Security, Ernst & Young 2000 National City Center Cleveland, Ohio 44114 21 Locust Avenue, Suite 2D, New Canaan, Connecticut 06840