What is the difference between a Digital Signature and a codeword?
CONTEXT: I've been having to do a decent amount of work with gzipped files recently. One interesting thing I found while reading the Python zlib documentation is the claim that CRC should not be used as a general hash algorithm. This made me wonder, what's the point of a CRC if it's not a general hash algorithm? Isn't the point to check equality?
The CRC in zip files is mainly used to make sure that the file is not damaged during storage or transit. It is not used to provide authenticity or protect against files being changed by an attacker. So the cryptographic safety is not required.
Cryptographic hashes do provide the same or better protection against integrity failures. They are however more computationally intensive and they require a larger output. If the output of the hash is reduced too much then CRC may actually provide better detection of (random) changes.
As the CRC value does not protect against deliberate changes - it isn't difficult to find files that would generate the same CRC value - it is not suitable for digital signatures. For that you do need a cryptographic hash.
Note that a cryptographic hash is not a signature. For signatures you need a digital signature application such as PGP. Digital signatures (generally) consist of a hash that is then processed using information from a private key (verified by the public key at the receiver).
Note: sometimes the word "signature" is used to mean "fingerprint". For fingerprints a cryptographic hash - mostly MD5 or SHA-1 - is still used. But that's a rather far-fetched and - in my opinion - incorrect use of the word "signature".
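The distinction drawn in the answer above, as an added Python example that is not part of the original post: CRC-32 catches every accidental single-bit flip, yet its value is predictable from other CRCs without any secret, and an unkeyed hash can be recomputed by whoever alters the data. The sample messages, key and function names are constructed for illustration, and HMAC-SHA256 stands in for the keyed step because the standard library has no public-key signatures; it is a MAC, not a PGP-style digital signature.

```python
import hashlib
import hmac
import zlib

def xor_bytes(*chunks: bytes) -> bytes:
    """XOR equal-length byte strings together."""
    out = bytearray(len(chunks[0]))
    for chunk in chunks:
        if len(chunk) != len(out):
            raise ValueError("all inputs must have the same length")
        for i, byte in enumerate(chunk):
            out[i] ^= byte
    return bytes(out)

def detects_bit_flip(data: bytes, bit: int) -> bool:
    """Accidental damage: flipping one bit changes the CRC-32."""
    damaged = bytearray(data)
    damaged[bit // 8] ^= 1 << (bit % 8)
    return zlib.crc32(bytes(damaged)) != zlib.crc32(data)

def crc_is_affine(a: bytes, b: bytes, c: bytes) -> bool:
    """For equal-length inputs, crc(a^b^c) follows from the three CRCs alone."""
    combined = zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(c)
    return zlib.crc32(xor_bytes(a, b, c)) == combined

def tag(key: bytes, data: bytes) -> bytes:
    """Keyed tag (HMAC-SHA256): cannot be recomputed without the key."""
    return hmac.new(key, data, hashlib.sha256).digest()

def verify(key: bytes, data: bytes, expected: bytes) -> bool:
    """Constant-time comparison of the recomputed tag with the received one."""
    return hmac.compare_digest(tag(key, data), expected)

# Constructed sample data, each message exactly 16 bytes long.
A = b"pay alice 000100"
B = b"pay bobby 000100"
C = b"pay carol 000100"
KEY = b"constructed-demo-key"  # assumption: secret shared by sender and receiver

if __name__ == "__main__":
    flips = all(detects_bit_flip(A, i) for i in range(len(A) * 8))
    print("every single-bit flip detected by CRC-32:", flips)
    print("CRC-32 predictable without any secret:", crc_is_affine(A, B, C))
    altered = xor_bytes(A, B, C)
    # An unkeyed hash is a fingerprint only: anyone holding the data can recompute it.
    print("SHA-256 of altered data:", hashlib.sha256(altered).hexdigest()[:16], "...")
    print("keyed tag rejects altered data:", not verify(KEY, altered, tag(KEY, A)))
```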