Still need checksum in application protocol when tcp/ip already has it?

Question

I am designing an application protocol, and i am wondering if i still need include checksum in the protocol since tcp/ip already has checksum. what's your opinion?

score 3 · Answer 1 · answered Sep 12 '09 at 07:54

3

The BitTorrent protocol has a heavy amount of additional error correction and detection layered on top of TCP, so clearly the protocol designers saw the need for it.

answered Sep 12 '09 at 07:54

skaffman

398,947
96
818
769

score 2 · Accepted Answer · answered Sep 12 '09 at 09:03

The TCP checksum is quite weak, so you probably want an application level one if you are at all worried about reliability.

In particular the TCP checksum is not a secure hash, and there is no signature, so if you're worried about malicious changes then you need to add the security yourself.

score 0 · Answer 3 · answered Nov 21 '10 at 14:51

To add to the other answers, you should probably look into Message Authentication Codes. MACs are a more robust way to detect errors than a simple TCP checksum.

If you want something robust, take a look at [HMAC][2]. HMAC provides both error detection and authentication (via shared keys).

If you want something quick and dirty, why not use sha1 hashes?

Still need checksum in application protocol when tcp/ip already has it?

3 Answers3