Announcing to backup keys as QR codes on paper

Peter Lebbing peter at
Mon Feb 27 13:30:13 CET 2017

On 27/02/17 11:50, Gerd v. Egidy wrote:
> echo -n "line content to check" | md5sum | cut -c -6

Yes, that should work just as well in practice, I think. 24 bits of
checksum is slightly weaker than 32, but I don't think it matters.

> But I think a collision at the first 3 bytes is less likely with MD5 than one 
> with CRC. The MD5 sum changes drastically if just one bit flips.

I doubt CRC-32 would be worse than 32 bits of MD5, since CRC-32 is
designed to catch accidental errors[1]. I don't know how a CRC-32
truncated to 24 bits would behave. A truncated MD5 should be fine for
detecting accidental errors, though.

So I think the three initial bytes of an MD5 would work well to detect
typing errors.



[1] Although it's probably better at physical noise in the transfer of
individual bits than typing mistakes in base64 data.

I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170227/4ca4aaf0/attachment.sig>

More information about the Gnupg-users mailing list