Subject Re: [firebird-support] Checksum of a Database
Author Geoff Worboys
> To ensure that there is no change in database between
> subsequent official turnoffs and turn ons my client
> is demanding "checksum of the database" to be
> implemented.

You will be looking for a message digest (hash) or digital
signature function. With the various checksum algorithms
(including 16 or 32 bit CRCs) it is quite feasible to brute
force a change to produce the same checksum result.

MD5 is not bad but no longer considered highly secure.

SHA1 hit the news recently because it was found to not be
as secure as desired. AFAIK it is still practically
very secure, but maximum security users are now
looking for alternatives.

See these articles for info:
http://www.schneier.com/essay-074.html
http://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html

Options still considered very secure include the longer
versions of SHA: SHA-224, SHA-256, SHA-384, and SHA-512.
Plus there are various others that do not yet have _known_
(or at least not proven) weaknesses.

You will find various utilities on the net available for
producing these types of hash results.


Another way of dealing with this is the use of encryption and
digital signatures. Generally such signatures are generated
using one of the hash functions described above (or
similar), but it is all packaged up nicely for public key
encryption facilities. So you get the combination of allowing
strong encryption when desired PLUS you can use the integrated
signature features.

One reputable place to look at the details of this would be:
http://www.gnupg.org/


--
Geoff Worboys
Telesis Computing
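
The shutdown/startup check discussed in this message, as an added example that is not part of the original post: it records a SHA-256 digest of the database file at shutdown and compares it at startup. The function names, the `.sha256` record file and the sample file are assumptions made for illustration, and the database is assumed to be closed while it is hashed.

```python
import hashlib
import os
import tempfile

CHUNK = 1024 * 1024  # read 1 MiB at a time so a large database is never loaded whole


def file_digest(path, algorithm="sha256"):
    """Return the hex digest of the file at path, read in chunks."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()


def record_digest(db_path, record_path):
    """At shutdown: store '<hexdigest>  <filename>' (the sha256sum line layout)."""
    digest = file_digest(db_path)
    with open(record_path, "w", encoding="utf-8") as f:
        f.write(f"{digest}  {os.path.basename(db_path)}\n")
    return digest


def verify_digest(db_path, record_path):
    """At startup: True only if the file still matches the recorded digest."""
    with open(record_path, encoding="utf-8") as f:
        recorded = f.readline().split()[0]
    return recorded == file_digest(db_path)


def demo():
    """Constructed sample: a small stand-in file, not a real Firebird database."""
    with tempfile.TemporaryDirectory() as d:
        db = os.path.join(d, "sample.fdb")
        rec = os.path.join(d, "sample.fdb.sha256")
        with open(db, "wb") as f:
            f.write(b"constructed sample page data" * 1000)
        record_digest(db, rec)
        unchanged = verify_digest(db, rec)
        with open(db, "r+b") as f:  # flip one bit in place; file size stays the same
            f.seek(500)
            byte = f.read(1)
            f.seek(500)
            f.write(bytes([byte[0] ^ 0x01]))
        changed = verify_digest(db, rec)
        return unchanged, changed


if __name__ == "__main__":
    print(demo())
```

The check is only as trustworthy as the stored record, so keep the record somewhere the database host cannot write to, or sign it with a tool such as GnuPG.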