Hash Functions
A cryptographic hash function is a deterministic, one-way function that maps arbitrary input to a fixed-length output (the digest).
Required properties
- Deterministic — same input, same output.
- Pre-image resistance — given a digest, infeasible to find any input that produces it.
- Second pre-image resistance — given an input, infeasible to find a different input with the same digest.
- Collision resistance — infeasible to find any two inputs with the same digest.
- Avalanche — small input changes produce large output changes.
Current landscape
| Function | Output | Status | Where used |
|---|---|---|---|
| MD5 | 128 | Broken (collisions) | Legacy checksums only — never security. |
| SHA-1 | 160 | Broken (collisions, 2017) | Old Git history; do not use for new work. |
| SHA-256 | 256 | Secure | TLS certificates, Git (new), Bitcoin, JWT. |
| SHA-384 / SHA-512 | 384 / 512 | Secure | Higher-bit security profiles; 64-bit-optimized. |
| SHA-3 (Keccak) | 224–512 | Secure | NIST-standardized alternative; different design. |
| BLAKE2 / BLAKE3 | any | Secure | Very fast software hash, parallel-friendly. |
Use the right tool
| Task | Use |
|---|---|
| Integrity / content addressing | SHA-256, BLAKE3 |
| Digital signatures (input) | SHA-256+ |
| Message authentication | HMAC-SHA-256, BLAKE2/3 keyed |
| Password storage | Argon2id, scrypt, bcrypt — not SHA |
| Key derivation | HKDF-SHA-256, PBKDF2 (legacy) |
| Random ID | UUIDv4 — not a hash at all |
!
Don't store passwords with bare SHA. SHA functions are fast — modern GPUs can compute billions of SHA-256 hashes per second. Password storage needs a deliberately slow, memory-hard function: Argon2id (preferred), scrypt, or bcrypt, always with a per-user salt.