What is cryptographic hashing?
A cryptographic hash function takes an input of any length — a single character, a gigabyte file, an entire database — and produces a fixed-size output called a digest or hash. The function has three critical properties:
- Deterministic — the same input always produces the same output, every time, on every machine.
- One-way — given a hash, it is computationally infeasible to reconstruct the original input. There is no "reverse hash" operation.
- Fixed output size — no matter how long or short your input, SHA-256 always produces a 64-character hex string. SHA-512 always produces 128 characters.
The avalanche effect
Changing even a single character in the input produces a completely different hash — this is called the avalanche effect. There is no correlation between similar inputs and their outputs:
SHA-256("hello")
= 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
SHA-256("Hello") ← only the 'h' changed to 'H'
= 185f8db32921bd46d35c2020c68b1e7ccfab6c7b70eb8c2c4c6cef3889d6d5a9These two hashes share no visible similarity despite the inputs differing by one bit. This property is what makes hashes useful as fingerprints — any modification to the input, no matter how small, produces a detectably different output.
Algorithm comparison
| Algorithm | Output length | Speed | Security | Recommended use |
|---|---|---|---|---|
| MD5 | 128 bits (32 hex) | Very fast | Broken (collisions known) | Checksums, cache keys (non-security) |
| SHA-1 | 160 bits (40 hex) | Fast | Broken (collisions demonstrated) | Legacy systems only; Git commit IDs |
| SHA-256 | 256 bits (64 hex) | Fast | Strong | File integrity, digital signatures, APIs |
| SHA-384 | 384 bits (96 hex) | Fast | Strong | TLS certificates, compliance contexts |
| SHA-512 | 512 bits (128 hex) | Fast | Strong | High-security checksums, archival |
Common use cases
File integrity verification
Software publishers compute a SHA-256 hash of their release files and publish it alongside the download. After downloading, you compute the hash locally and compare. If they match, the file is authentic and unmodified. This catches both corruption during download and tampering by a compromised mirror.
# Verify a file on macOS
shasum -a 256 downloaded-file.dmg
# Verify on Linux
sha256sum downloaded-file.tar.gz
# Verify on Windows (PowerShell)
Get-FileHash downloaded-file.exe -Algorithm SHA256API request signing
Many APIs use HMAC-SHA256 to sign requests: the client combines the request data with a secret key, hashes the result, and includes the hash in the request header. The server recomputes the hash and rejects requests where the signature does not match — proving the request came from a client with the secret key and that the body was not modified in transit.
Git commit IDs
Every Git commit, tree, blob, and tag is identified by its SHA-1 hash (Git is migrating to SHA-256 in newer versions). The hash is computed from the object's contents, which means the identifier changes if the content changes — guaranteeing that identical IDs mean identical content.
What about passwords?
Raw SHA hashes — even SHA-512 — are not suitable for storing passwords. These algorithms are designed to be fast, which is exactly the wrong property for password storage. A modern GPU can compute billions of SHA-256 hashes per second, making brute-force attacks practical against a stolen hash database.
For passwords, use a purpose-built slow hash: bcrypt, scrypt, or Argon2id. These include a built-in salt, have tunable cost parameters, and are designed to be computationally expensive. Most modern web frameworks have bcrypt or Argon2 support built in.
What is a hash collision?
A collision occurs when two different inputs produce the same hash output. In theory, collisions must exist for any hash function because the output space is finite (there are only 2256 possible SHA-256 hashes) while the input space is infinite. In practice, a good hash function makes collisions computationally infeasible to find.
MD5 and SHA-1 are considered broken because researchers have demonstrated practical collision attacks — it is possible to craft two different files that produce the same MD5 or SHA-1 hash. This matters for digital signatures (an attacker could substitute a malicious file with the same hash) but not for checksums where you control both files. For any new security-sensitive work, use SHA-256 or higher.
Privacy
All hashing is performed locally in your browser using the crypto-js library. Your input text never leaves your device.