Cryptographic Hash

Also known as: Hash function, Digest, Message digest, Checksum

A cryptographic hash function takes any input and produces a fixed-length pseudo-random output (the 'digest') that uniquely identifies the input — and is computationally infeasible to reverse, making hashes the foundation of integrity checks, content addressing, and password storage.

Overview

Common cryptographic hash functions include SHA-256 (256-bit output), SHA-384, SHA-512, and the legacy SHA-1 and MD5. Two cryptographic properties matter:

1. Preimage resistance: given a hash, it is computationally infeasible to find an input that produces it. 2. Collision resistance: it is computationally infeasible to find two different inputs that hash to the same output.

MD5 and SHA-1 are broken against the second property — practical collision attacks exist — so they are unsafe for any security purpose. SHA-256 is the safe default for general-purpose use.

For password storage, a plain cryptographic hash is not enough. Use a purpose-built password hashing function (Argon2, bcrypt, scrypt) that includes a salt and is deliberately slow.

Common questions about Cryptographic Hash

Is hashing the same as encryption?

No. Encryption is reversible with the right key; hashing is intentionally one-way. There is no 'decrypt' for a hash.

Should I use MD5?

Not for anything security-sensitive. Practical MD5 collision attacks have existed since 2004. Use MD5 only for legacy interoperability or as a non-cryptographic checksum.

What's a salt?

A salt is a random value added to the input before hashing a password. It prevents attackers from using precomputed rainbow tables and forces them to compute hashes per-user. Always use a unique salt per password.

Tools that work with Cryptographic Hash

Hash Generator

Compute SHA-256, SHA-1, SHA-512 and MD5 hashes in the browser.

Password Generator

Generate strong, cryptographically random passwords offline.

UUID Generator

Generate cryptographically random UUIDs (v4) in bulk.

UUID
A UUID (Universally Unique Identifier) is a 128-bit value, usually written as 32 hex digits in the canonical 8-4-4-4-12 grouping (e.g. '550e8400-e29b-41d4-a716-446655440000'), used as a globally unique ID that any computer can generate without coordination.