0

While going through IP header checksum i.e. 1's complement of 1's complement sum of 16 bits data, I can't help but think that how come this method can detect error/alteration in data. For example, computer A sends a packet with data (12 and 7) and computer B receives the packet but with data altered (13 and 6). Hence in the receiver, checksum still match however data is altered. Could you please help me to understand if I am missing something in this topic?

Thank you.

NeilB
  • 347
  • 2
  • 16

1 Answers1

0

Is IP header checksum a full proof method of error detection?

No.

The IP header checksum's purpose is to enable detection of a damaged IP header. It does not protect against manipulation or damage to the data field (which often has its own checksum).

For protection against manipulation a cryptographic method is required.

Zac67
  • 2,761
  • 1
  • 10
  • 21
  • Thank you. But can it really detect the damage 100 percent of the time? It is a 16 bit checksum so it can happen that different ip header values resulting into same checksum. Is it not? – NeilB Jan 07 '19 at 12:48
  • 1
    The checksum method is not fool-proof (nothing *really* is) - mulitple error bits in the header *might* cancel out against each other and make the checksum match in spite of the damage. There's *a good chance* any damage is detected as the data/checksum size ratio isn't that bad, but a simple checksum isn't near 100% reliable. However, it is implied that extensive packet damage isn't limited to the header alone and is more likely detected for the data field. – Zac67 Jan 07 '19 at 13:16