A message digest is being used to verify that a message is the intended one.
By how much would bundling a hash digest with contents to form the message increase the difficulty of collision and preimage attacks against the message?
For example, to encode:
message = data . hash1(data)
message_hash = hash2(message)
To verify message using message_hash:
check(hash2(message) == message_hash)
data = message[:-digest_size]
check(hash1(data) == message[-digest_size:])
hash1 and hash2 could be completely different types of hash functions.
My reasoning for this was that any attack would have to break both hash functions – faking the outer digest would require constructing a message with a valid inner hash.
If the outer hash algorithm is broken, the inner hash could help, but you have to consider how likely that scenario is with a well respected algorithm.
If the outer hash is so small that a brute force attack is feasible, the inner hash wouldn’t help much at all. Instead of finding a message with the same hash, the attacker would have to find a message plus inner hash with the same outer hash, which pretty much amounts to the same thing.
So make the hash as large as you can, and concentrate on making sure there are no back doors in the rest of your system. 64 bits is probably just about OK unless you are anticipating a government or major corporation taking an interest in breaking your hash.