Hash

A hash is the output of a hash function that converts any input data (text, file, password, string, binary object) into a fixed sequence of characters. Hashing is used for verifying data integrity, securely storing passwords, enabling digital signatures, supporting distributed systems, and powering many network and server mechanisms.

A key property of a hash is the impossibility of reconstructing the original data from the resulting value, as well as high sensitivity to any changes in the input: even a one-character modification completely changes the output.

How a hash function works

A hash function accepts a message of variable length and processes it block by block using mathematical and logical operations. The result is a hash of fixed size. For example, SHA-256 always produces a 256-bit (64-character) hash regardless of the size of the original data.

Hashing is irreversible: the function is not designed for backward transformation. It is also computationally infeasible to find another input that produces the same hash (the collision problem) if the function is considered cryptographically secure.

Cyber Security Services

Key properties of hashes

Determinism. The same input always produces the same output.
Sensitivity to changes. A minimal modification of the input radically changes the hash.
Irreversibility. It is impossible to restore the original data from a hash.
Collision resistance. Two different messages should not result in the same hash.
High performance. Algorithms are optimized for fast computation.

Types of hash functions

Cryptographic. Used for security: SHA-2, SHA-3, BLAKE2, Whirlpool. They are resistant to brute force and collisions.
Non-cryptographic. Used for data indexing, hash tables, distributed computing: CRC32, MurmurHash, CityHash. They are fast but unsuitable for protecting sensitive information.
Salted hashes. A password is combined with a random string (salt) before hashing. This protects against dictionary attacks and rainbow tables.

Where hashing is used

Hashes are used in operating systems, network protocols, databases, blockchains, cloud services, logging systems, and DevOps tools.

For example:

when registering a user password, the system stores only the hash and not the password itself;
in digital signatures, a hash is used to verify the integrity of a message;
Git stores file versions using their hashes;
a blockchain links blocks together via the hash of the previous block;
CDNs and browsers check whether a file has changed by comparing its hash;
hash tables use hashes for fast data lookup.

Benefits

Hashing provides data security without storing originals, speeds up lookup and integrity verification, reduces infrastructure load, and increases system reliability. It prevents unauthorized recovery of original information, and collision resistance protects against tampering.

FAQ

Can data be recovered from a hash?

No. Hash functions are designed to be irreversible, so restoring the original message is impossible.

How is a hash different from encryption?

Encryption can be decrypted with a key; hashing does not support reverse transformation.

What is a salt in hashing?

A salt is a random string added to a password before hashing to protect against brute-force and rainbow-table attacks.

Why do different algorithms produce hashes of different lengths?

Output length depends on the algorithm: SHA-1 is 160 bits, SHA-256 is 256 bits, SHA-3-512 is 512 bits.

Can MD5 be used?

MD5 and SHA-1 are considered insecure due to discovered collisions and are not recommended for critical systems.

🠔 Back to glossary