TCP Checksum: The Fault in the Stars

The TCP checksum could be deemed one of the weakest non-cryptographic checksums, and yet it continues to be there, undisputed. Edge systems sometimes even have it turned off for performance reasons, counting on application-level checksums for integrity, while other systems such as gateways and servers offload it to the network interface card (NIC), mostly because the functionality exists. The question is, does it really serve any purpose today? It does, but very little.

RFC 793:

The checksum field is the 16 bit one’s complement of the one’s complement sum of all 16-bit words in the header and text. If a segment contains an odd number of header and text octets to be checksummed, the last octet is padded on the right with zeros to form a 16-bit word for checksum purposes. The pad is not transmitted as part of the segment. While computing the checksum, the checksum field itself is replaced with zeros.
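
The computation quoted above, as an added example that is not part of the original post: it follows the RFC text (zeroed checksum field, right-padding of an odd tail) and then shows why the sum is weak, since exchanging two 16-bit words leaves it unchanged. The header values, the payload and the helper names are constructed for illustration, and the pseudo-header that a real stack also sums is left out to stay with the quoted paragraph.

```python
import struct

def ones_complement_sum(data: bytes) -> int:
    """One's complement sum of big-endian 16-bit words."""
    if len(data) % 2:
        data += b"\x00"  # pad on the right; the pad is never transmitted
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)  # end-around carry
    return total

def tcp_checksum(segment: bytes) -> int:
    """Checksum with the checksum field (header bytes 16-17) replaced by zeros."""
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    return ~ones_complement_sum(zeroed) & 0xFFFF

def verify(segment: bytes) -> bool:
    """Receiver side: summing the segment with its checksum in place gives 0xFFFF."""
    return ones_complement_sum(segment) == 0xFFFF

def build_segment(payload: bytes) -> bytes:
    # Constructed 20-byte header: ports 12345 -> 80, seq 1, ack 0,
    # data offset 5, flags ACK|PSH, window 1024, checksum 0, urgent 0.
    header = struct.pack("!HHIIBBHHH", 12345, 80, 1, 0, 5 << 4, 0x18, 1024, 0, 0)
    segment = header + payload
    return segment[:16] + struct.pack("!H", tcp_checksum(segment)) + segment[18:]

def swap_words(segment: bytes, a: int, b: int) -> bytes:
    """Exchange the 16-bit words at even byte offsets a and b."""
    buf = bytearray(segment)
    buf[a:a + 2], buf[b:b + 2] = buf[b:b + 2], buf[a:a + 2]
    return bytes(buf)

original = build_segment(b"ab12cd34e")    # constructed payload, odd length
reordered = swap_words(original, 20, 22)  # payload becomes b"12abcd34e"
bitflip = original[:20] + bytes([original[20] ^ 0x01]) + original[21:]

if __name__ == "__main__":
    print("original valid:       ", verify(original))
    print("words swapped, valid: ", verify(reordered))  # corruption not detected
    print("single bit flip valid:", verify(bitflip))    # corruption detected
```

Addition is commutative, so any reordering of aligned 16-bit words passes verification, while a single flipped bit is caught.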

