Cryptography · Medium
Hashing
A one-way cryptographic function that transforms data into a fixed-length string for integrity verification and secure storage
Skill Paths: Cryptography Fundamentals, Data Protection, Secure Development, Security Fundamentals
Job Paths: Cryptographer, Security Engineer, Application Security Engineer, DevSecOps Engineer
Relevant Certifications: CISSP, CompTIA Security+, CEH, SANS GSEC
What is Hashing?
Hashing is a one-way cryptographic function that transforms input data of any size into a fixed-size string, called a hash or digest. Unlike encryption, hashing is irreversible - you cannot retrieve the original data from the hash value.
Key Properties
- Deterministic – Same input always produces the same output
- Irreversible – Cannot derive original data from the hash
- Collision-resistant – Extremely difficult to find two inputs that produce the same hash
- Avalanche Effect – Small changes in input produce completely different outputs
Common Hash Functions
- SHA-256 – Widely used, 256-bit output
- SHA-3 – Latest SHA standard, more secure
- BLAKE2 – Fast and secure alternative
- bcrypt – Specifically designed for password hashing
- Argon2 – Winner of the Password Hashing Competition
Applications
- Password Storage – Store hashed passwords, not plaintext
- Data Integrity – Verify files haven't been tampered with
- Digital Signatures – Part of the signing process
- Blockchain – Used in cryptocurrency and distributed ledgers
Best Practices
- Use strong, modern algorithms (SHA-256, SHA-3, BLAKE2)
- Always salt passwords before hashing
- Avoid deprecated algorithms (MD5, SHA-1)
- Don't use hashing for encryption - it's not reversible
- Use specialized functions like bcrypt for password hashing
Quick Facts
- Severity Level – 7/10
- Output – Fixed-length digest
- Common Use – Password storage, data verification
- Popular Algorithms – SHA-256, SHA-3, BLAKE2
- Example – File download page includes SHA-256 hash for verification