Hash

A cryptographic hash function is a mathematical algorithm that takes an arbitrary amount of input data and produces a fixed-size output string, called a hash, digest, or checksum. The same input always produces the same output, but even the tiniest change to the input—flipping a single bit—produces a completely different hash.

Hash functions are one-way: given a hash value, there is no practical way to reverse-engineer the original input. This property, combined with collision resistance (the difficulty of finding two different inputs that produce the same hash), makes cryptographic hashes essential to modern security infrastructure.

Hash functions are used everywhere: verifying file integrity after downloads, storing passwords securely, creating digital signatures, building blockchain ledgers, and ensuring data hasn't been tampered with in transit. If you've ever seen a string of hexadecimal characters next to a software download link, that's a hash.

A cryptographic hash function must satisfy several critical properties to be considered secure:

Deterministic. The same input always produces the exact same output. This is what allows you to verify data integrity—hash the data again and compare.

Fixed-length output. Regardless of whether the input is 1 byte or 1 terabyte, the output is always the same length. SHA-256 always produces 256 bits (64 hex characters), and SHA-512 always produces 512 bits (128 hex characters).

Collision resistant. It should be computationally infeasible to find two different inputs that produce the same hash. For SHA-256, the probability of an accidental collision is approximately 1 in 2¹²⁸, a number so large it's practically zero.

Pre-image resistant (one-way). Given a hash output, it should be infeasible to determine the original input. This is what makes hashes suitable for password storage—even if the hash database is breached, attackers cannot reverse the hashes to recover passwords.

Avalanche effect. A tiny change in the input (even a single bit) should cause a drastic, unpredictable change in the output. This prevents attackers from gradually "zeroing in" on the input by observing how the hash changes.

Both SHA-256 and SHA-512 belong to the SHA-2 (Secure Hash Algorithm 2) family, designed by the NSA and published by NIST. They share the same underlying Merkle–Damgård construction but differ in internal parameters:

SHA-256 operates on 32-bit words, uses 64 rounds of compression, and produces a 256-bit (32-byte) digest. It's the most widely used hash algorithm today, employed in TLS certificates, Bitcoin mining, Git commit hashes, and most general-purpose integrity checks.

SHA-512 operates on 64-bit words, uses 80 rounds, and produces a 512-bit (64-byte) digest. On 64-bit processors, SHA-512 is often faster than SHA-256 because it processes data in larger chunks that align with the CPU's native word size. It's preferred when you need a longer hash or extra security margin.

For most applications, SHA-256 provides more than sufficient security. SHA-512 is a good choice when working on 64-bit systems where its speed advantage matters, or when your security policy mandates the longest available hash.

File integrity verification. Software distributors publish SHA-256 checksums alongside downloads. After downloading, you hash the file locally and compare—if the hashes match, the file wasn't corrupted or tampered with during transfer.

Password storage. Storing passwords in plain text is a catastrophic security risk. Instead, applications store the hash of the password. When a user logs in, the application hashes the submitted password and compares it to the stored hash. The actual password is never stored.

Digital signatures. Rather than signing an entire large document, digital signature algorithms (RSA, ECDSA, EdDSA) hash the document first and sign the hash. This is faster and produces a fixed-size signature regardless of document length.

Blockchain and cryptocurrency. Bitcoin and most blockchains rely on SHA-256 for mining (proof-of-work), linking blocks together, and creating Merkle trees that efficiently verify transaction integrity.

Data deduplication. Cloud storage and backup systems hash file blocks to detect duplicates. If two blocks produce the same hash, they're (almost certainly) identical, and only one copy needs to be stored.

MD5 (128-bit output) was one of the most popular hash functions for decades, but practical collision attacks were demonstrated in 2004. Researchers showed they could create two different files with the same MD5 hash in seconds. Today, MD5 should never be used for security purposes—only for non-security checksums where collision attacks aren't a concern (e.g., cache keys).

SHA-1 (160-bit output) was the de facto standard before SHA-2. In 2017, Google's SHAttered project demonstrated the first practical SHA-1 collision by producing two different PDF files with identical SHA-1 hashes. Major browsers and certificate authorities have since stopped trusting SHA-1 certificates, and Git is migrating away from SHA-1 to SHA-256.

The lesson: cryptographic security erodes over time as computing power increases and new attack techniques emerge. Always use current, recommended algorithms. Today that means SHA-256 or SHA-512 for general hashing, and specialized algorithms like Argon2 or bcrypt for password hashing.

Salting. A salt is a random value added to a password before hashing. Without salting, identical passwords produce identical hashes, which allows attackers to use precomputed rainbow tables to crack them en masse. With a unique salt per user, even identical passwords produce different hashes, forcing attackers to crack each one individually.

For password storage, don't use plain SHA-256. Use a purpose-built password hashing function like Argon2, bcrypt, or scrypt. These algorithms are intentionally slow (configurable work factor) to make brute-force attacks impractical, and they handle salting automatically.

HMAC (Hash-based Message Authentication Code) combines a hash function with a secret key to provide both integrity and authenticity. HMAC-SHA256 is widely used for API request signing (AWS Signature V4, Stripe webhooks), JWT signatures, and message authentication in TLS.

The key difference: a plain hash verifies integrity (the data hasn't changed), while an HMAC verifies both integrity and authenticity (the data came from someone who knows the secret key).

Hashing is one piece of the cryptography and encoding puzzle. These tools handle related tasks:

• Password Generator — Generate strong, random passwords that resist brute-force and dictionary attacks even when hashed.
• Base64 Encode/Decode — Encode binary hash digests into text-safe Base64 format for transport in JSON, headers, or URLs.