Adler32 and MD4 for checksums

Question

Which algorithm does provide safer "speedy checksums"? Choose only from MD4 and Adler32.

Answer 1

I'd use both of them for checksums. As both are "relatively speedy", you can't be more safe than use both - ancient - options.

However, if you are looking for the safest option -- I'd say MD4.

Quote:

In the original SWID requirements, the acceptable collision rate was determined at 1 in 10 million. The degree of uniqueness here is important, but it does not have to be as robust as MD4's claim of 2^64 operations before a collision may occur.

Source: MD4-SWID.pdf

For short messages, Adler32 has a weakness to be aware of:

Jonathan Stone discovered in 2001 that Adler-32 has a weakness for very short messages. He wrote "Briefly, the problem is that, for very short packets, Adler32 is guaranteed to give poor coverage of the available bits. Don't take my word for it, ask Mark Adler. :-)" The problem is that sum A does not wrap for short messages. The maximum value of A for a 128-byte message is 32640, which is below the value 65521 used by the modulo operation. An extended explanation can be found in RFC 3309, which mandates the use of CRC32 instead of Adler-32 for SCTP, the Stream Control Transmission Protocol.

and:

Running Adler, CRC32 and both on several sets of 1 million randomly generated url-like strings ranging from 16 to 128 characters in length, Adler produced duplicates in ~1% of cases; CRC32 produced ~0.2%; and in several runs the combination of both found just 2 duplicates (circa. 0.002% but not enough samples to be judged representative).

Source: Hashing urls with Adler32

Considering the chances of a collision are high [especially] with short messages using Alder32, MD4 has my vote.