What is CRC-32?
CRC-32 (Cyclic Redundancy Check, 32-bit) is a fast checksum algorithm used to detect accidental changes in data. It produces a 32-bit value (8 hex characters) based on polynomial division of the input data. Commonly implemented in hardware and software for error-checking in networks, storage devices, and file formats.
How CRC-32 works
- Initialize a 32-bit register to all 1s (0xFFFFFFFF).
- Process each byte by XOR-ing with the register’s top byte and indexing into a precomputed lookup table.
- Shift the register 8 bits and XOR with the table value.
- Repeat until all bytes are processed.
- Finalize by inverting the register (bitwise NOT) to obtain the CRC-32 value.
Common applications
- ZIP, gzip, PNG and other file formats for integrity checks
- Ethernet, PPP and other network protocols
- Storage devices like HDD, SSD and RAID controllers
- Archive verification and download integrity checks
Example checksums
| Input | CRC-32 |
|---|---|
Hello, World! | 1c291ca3 |
password | 477dff2a |
123456789 | cbf43926 |
| (empty) | 00000000 |
CRC-32 vs. other checksums and hashes
| Algorithm | Output | Collision Resistance | Speed |
|---|---|---|---|
| CRC-32 | 32 bits | ❌ Low | ⚡ Very fast |
| MD5 | 128 bits | ❌ Broken | ⚡ Fast |
| SHA-1 | 160 bits | ❌ Compromised | ⚡ Fast |
| SHA-256 | 256 bits | ✅ Secure | 🚀 Moderate |
| BLAKE3 | 256 bits | ✅ Very secure | ⚡ Blazing |
Frequently Asked Questions
Is CRC-32 secure for cryptographic use?
No. CRC-32 is designed for error detection, not for security. It’s vulnerable to intentional collisions.
Why use CRC-32 instead of a cryptographic hash?
CRC-32 is much faster and sufficient for detecting accidental errors, but it should not be used for security-critical applications.
How can I verify a file download?
Generate the CRC-32 checksum of the downloaded file and compare it with the published value to ensure integrity.