In modem data processing and communication systems, it is often desirable to transfer data between separate and often disparate devices. A common problem arises in such systems when a collection of data transferred from a source device is altered in some way before reaching its destination. The alteration may have various possible causes, including environmental noise, defective or noisy communication transmission lines, a defective data channel, or malicious tampering.
To guard against alteration, error checking mechanisms have been used to verify the correctness of bits received at the receiving device. These mechanisms often included the use of checksums. Checksums involved computing a digital signature for blocks of data to be transmitted. As a block of data was sent over the bus, circuitry at the source device computed a quasi-unique string of data called an "expected signature". A similar signature was computed at the receiving device called an "error detection signature". The error detection signature was compared with the expected signature to determine whether the original collection of data had been altered.
In the past, simple checksum codes were used in error checking mechanisms. A system employing the use of a simple checksum code performed an algorithm such as an exclusive-OR operation between each sequential byte within the collection of data. The checksum was defined as the net resultant binary quantity obtained from these repetitive exclusive-OR operations. A system employing the use of a simple checksum code may have also performed an algorithm such as a summing operation between each sequential byte within the collection of data. The checksum was defined as the net resultant binary quantity obtained from the sum of the bytes in the collection of data.
The use of simple checksum codes had the drawback of not providing the adequate security computer systems required for error detection. For example, the simple checksum code performing exclusive-OR operations had inherent pattern sensitivity for short burst errors randomly distributed throughout the collection of data. Thus, use of an exclusive-OR operation between sequential bytes within the collection of data rendered it possible for errors to cancel one another, and therefore not be detected. Similarly, the simple checksum code performing summing operations was easy to break. A malicious party wishing to insert corrupted data into the collection of data could have easily calculated the expected signature and altered the appropriate bits such that the error detection signature would match. This problem existed for digital checksum signatures which were short as well as long.
Thus, an improved method and apparatus for generating digital checksum signatures where the signatures are difficult to break is needed. It is also desirable to be able to use the digital check signatures to identify the version number of the collection of data and when changes have been made to the collection of data.