BSD checksum explained

The BSD checksum algorithm was a commonly used, legacy checksum algorithm. It has been implemented in old BSD and is also available through the sum command line utility.

This algorithm is useless from a security perspective, and is weaker than the CRC-32 cksum for error detection.[1]

Computation of the BSD checksum

Below is the relevant part of the GNU sum source code (GPL licensed). It computes a 16-bit checksum by adding up all bytes (8-bit words) of the input data stream. In order to avoid many of the weaknesses of simply adding the data, the checksum accumulator is circular rotated to the right by one bit at each step before the new char is added.int bsdChecksumFromFile(FILE *fp) /* The file handle for input data */

Description of the algorithm

As mentioned above, this algorithm computes a checksum by segmenting the data and adding it to an accumulator that is circular right shifted between each summation. To keep the accumulator within return value bounds, bit-masking with 1's is done.

Example: Calculating a 4-bit checksum using 4-bit sized segments (big-endian)
Input: 101110001110 -> three segments: 1011, 1000, 1110.Iteration 1: segment: 1011 checksum: 0000 bitmask: 1111a) Apply circular shift to the checksum: 0000 -> 0000b) Add checksum and segment together, apply bitmask onto the obtained result: 0000 + 1011 = 1011 -> 1011 & 1111 = 1011Iteration 2: segment: 1000 checksum: 1011 bitmask: 1111a) Apply circular shift to the checksum: 1011 -> 1101b) Add checksum and segment together, apply bitmask onto the obtained result: 1101 + 1000 = 10101 -> 10101 & 1111 = 0101Iteration 3: segment: 1110 checksum: 0101 bitmask: 1111a) Apply circular shift to the checksum: 0101 -> 1010b) Add checksum and segment together, apply bitmask onto the obtained result: 1010 + 1110 = 11000 -> 11000 & 1111 = 1000Final checksum: 1000

Sources

Notes and References

  1. — manual pages from GNU coreutils