securityhashanti-cheat

Is xxh64 hash suitable for file integrity check?


Is the xxh64 hash suitable for file integrity checks? I have a game and inside this game I want to check some files integrity before loading (1mb+) to battle cheats. I know that this xxh64 is not suitable for crypto, but is it suitable for my purpose? So for instance if I have some file and I know this file exact size and xxh64 hash, how easy is to create fake file of same exact size and xxh64 hash? And even if I find collision file with same size and xxh64 hash it will be completely garbage, not suitable to use inside game (like texture, sound, animation etc.).


Solution

  • One of the main features of a cryptographically secure hash function -- probably the main feature -- is "preimage resistance", the property of making it computationally infeasible to find an input with a given hash. Preimage resistance is basically what you're looking for, and it is not a feature of xxHash.

    More details on xxHash's weakness to preimaging are given in this question. But the short answer: No, it's unsuitable. (It's also unnecessary. Modern processors are crazy fast at computing, say, SHA-256. There is no possible way that that will be the bottleneck of your gigantic data.)