Checksums, MACs, and Signatures

A Checksum

Examples: CRC-32, MD5, SHA3.

Use a checksum when you want to protect data from accidental corruption.

Checksums are deterministic and don’t rely on secrets. An adversary who can make guesses about the kinds of data you send can spoof a checksum. So checksums aren’t useful against adversaries. Trying to use them for security is a famous class of cryptographic mistakes; for instance, it’s why we use SSH2 rather than SSH1.
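The point above, as an added example that is not part of the original page: a party with no key can recompute CRC-32 or SHA3 over an altered message and pass verification, while a keyed tag (HMAC-SHA-256, used here for contrast) fails. The key, the sample messages and all function names are constructed for this illustration; the last check shows that CRC-32 is affine over XOR for equal-length inputs, so its value changes predictably with the data.

```python
import hashlib
import hmac
import zlib

# Constructed demo key: sender and receiver share it, the wire does not.
KEY = b"constructed-demo-key"


def crc32_tag(msg: bytes) -> bytes:
    return zlib.crc32(msg).to_bytes(4, "big")


def sha3_tag(msg: bytes) -> bytes:
    return hashlib.sha3_256(msg).digest()


def hmac_tag(msg: bytes, key: bytes = KEY) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()


def verify(msg: bytes, tag: bytes, tag_fn) -> bool:
    # Receiver side: recompute the tag and compare in constant time.
    return hmac.compare_digest(tag_fn(msg), tag)


def rewrite_in_transit(new_msg: bytes, old_tag: bytes, public_tag_fn=None):
    # A keyless party can evaluate any public function over the new message,
    # but for a keyed tag it can only forward the tag it observed.
    return new_msg, (public_tag_fn(new_msg) if public_tag_fn else old_tag)


def crc32_is_affine(a: bytes, b: bytes, c: bytes) -> bool:
    # Equal-length inputs: crc32(a^b^c) == crc32(a) ^ crc32(b) ^ crc32(c).
    x = bytes(p ^ q ^ r for p, q, r in zip(a, b, c))
    return zlib.crc32(x) == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(c)


def demo() -> dict:
    original = b"pay alice 0010 USD"  # constructed sample messages
    altered = b"pay carol 9910 USD"
    schemes = (("crc32", crc32_tag, True), ("sha3", sha3_tag, True),
               ("hmac", hmac_tag, False))
    results = {}
    for name, fn, public in schemes:
        msg, tag = rewrite_in_transit(altered, fn(original), fn if public else None)
        results[name] = verify(msg, tag, fn)  # True means the change went unnoticed
    results["crc32_affine"] = crc32_is_affine(original, altered, bytes(len(original)))
    return results


if __name__ == "__main__":
    print(demo())
```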


A MAC

Examples: HMAC-SHA2, keyed SHA3, Poly1305, GCM’s GHASH construction.

Use a MAC any time you’re protecting

A Signature

Which do I need?