Cyclic Redundancy Check - CRCs and Data Integrity

CRCs and Data Integrity

CRCs are specifically designed to protect against common types of errors on communication channels, where they can provide quick and reasonable assurance of the integrity of messages delivered. However, they are not suitable for protecting against intentional alteration of data.

Firstly, as there is no authentication, an attacker can edit a message and recompute the CRC without the substitution being detected. When stored alongside the data, CRCs and cryptographic hash functions by themselves do not protect against intentional modification of data. Any application that requires protection against such attacks must use cryptographic authentication mechanisms, such as message authentication codes or digital signatures (which are commonly based on cryptographic hash functions).

Secondly, unlike cryptographic hash functions, CRC is an easily reversible function, which makes it unsuitable for use in digital signatures.

Thirdly, CRC is a linear function with a property that CRC(X XOR Y) = CRC(X) XOR CRC(Y); as a result, even if the CRC is encrypted with a stream cipher (or mode of block cipher which effectively turns it into stream cipher, such as OFB or CFB), both message and associated CRC can be manipulated without knowledge of encryption key; this was one of the well-known design flaws of the Wired Equivalent Privacy (WEP) protocol.