I'm hoping to find a well tested 64-bit algorithm.

I read somewhere a while ago, (but now cannot find:(), that any truncation of a 128 bit algorithm like MD5 does not stand up well to linear distribution tests--and a linear distribution is my priority. I can't think of any way to verify this assertion?

Fast would be good, but it's a secondary consideration.

On the face of it the xor of two random bits should have the same distribution as the original bits unless the bits are related in some fashion. I guess the trick is determining whether there is any coupling between the pairs of bits that would be xor'd together.

---

Perl reduces RSI - it saves typing

determining whether there is any coupling between the pairs of bits that would be xor'd together

I read in that same text that in a good digest function, each bit of the input should affect approximately half of the bits of the output. (I think) the implication was that if this ideal is achieved, and the distribution of the affected bits for each bit of input is sufficiently unpredictable, then the digest is 'secure' meaning unpredictable. But the problem with many of the digests that have been shown to be weak, is that the ideal is not achieved, making certain patterns of outputs for given inputs discernable.

I read that to mean that there is coupling between the upper and lower halves of any digest. Good or bad?

---

Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.

"Science is about questioning the status quo. Questioning authority".

In the absence of evidence, opinion is indistinguishable from prejudice.

"Too many [] have been sedated by an oppressive environment of political correctness and risk aversion."