Hash-Generator

Generieren Sie SHA-Hashes für Text und Dateien zur Integritätsprüfung

What Are Cryptographic Hash Functions?

A cryptographic hash function is a one-way mathematical algorithm that transforms arbitrary-length input data into a fixed-length output called a digest (or hash). The process is deterministic — the same input always produces the same output — yet practically irreversible: given only the digest, there is no computationally feasible way to reconstruct the original input. This one-way property is what distinguishes hash functions from encryption, which is designed to be reversed with a key. Hash functions serve as digital fingerprints, enabling integrity verification, password storage, digital signatures, and content-addressable storage systems.

The SHA Algorithm Family

The Secure Hash Algorithm (SHA) family, published by NIST in FIPS 180-4, defines the most widely deployed cryptographic hash functions in use today. This tool supports four members of the family:

  • SHA-1 (160-bit digest): Produces a 40-character hex string. Once the standard for TLS certificates and Git commits, SHA-1 is now considered cryptographically broken — Google demonstrated a practical collision in 2017 (SHAttered). Use only for legacy compatibility and non-security contexts like content addressing in Git.
  • SHA-256 (256-bit digest): The default choice for most modern applications. Used in TLS 1.3, Bitcoin proof-of-work, AWS request signing (Signature Version 4), Docker content-addressable storage, and Subresource Integrity (SRI) attributes in HTML.
  • SHA-384 (384-bit digest): A truncated variant of SHA-512 that provides a higher security margin. Preferred in government and financial systems that require 192-bit security strength per NIST SP 800-57 guidelines.
  • SHA-512 (512-bit digest): Produces a 128-character hex string. Faster than SHA-256 on 64-bit processors because it operates on 64-bit words internally. Used in SSH fingerprints, Ed25519 signatures, and high-assurance document signing.

All SHA-2 variants (SHA-256, SHA-384, SHA-512) share the same Merkle-Damgård construction and remain secure with no practical collision attacks as of 2024. The choice between them depends on the required security margin and performance characteristics of the target platform.

Key Properties: Collision Resistance and Avalanche Effect

Cryptographic hash functions are defined by three security properties that make them suitable for integrity verification and authentication protocols:

  • Pre-image resistance (one-way): Given a hash value h, it is computationally infeasible to find any input m such that hash(m) = h. This property ensures that hashes cannot be reversed to recover the original data, making them safe for password storage and commitment schemes.
  • Second pre-image resistance: Given an input m1, it is infeasible to find a different input m2 that produces the same hash. This prevents attackers from substituting a malicious file that matches a known-good hash.
  • Collision resistance: It is infeasible to find any two distinct inputs m1 and m2 where hash(m1) = hash(m2). For SHA-256, finding a collision requires approximately 2128 operations (birthday attack bound), which is beyond the reach of any current or foreseeable computing technology.

The avalanche effect is an additional desirable property: changing a single bit in the input produces a completely different digest with approximately 50% of output bits flipped. For example, hashing "hello" and "hellp" with SHA-256 produces entirely unrelated outputs, making it impossible to infer relationships between similar inputs from their hashes. This property prevents differential analysis attacks and ensures uniform distribution of hash values across the output space.

Hash Use Cases: Integrity and Fingerprinting

Developers encounter cryptographic hashes across nearly every layer of the software stack:

  • File integrity verification: Package managers (npm, pip, cargo) store SHA-256 checksums in lockfiles. Downloading a package and comparing its hash against the lockfile detects tampering or corruption during transfer.
  • Subresource Integrity (SRI): HTML <script> and <link> tags can include an integrity attribute with a Base64-encoded SHA-256/384/512 hash. Browsers refuse to execute the resource if the hash does not match, preventing CDN compromises from injecting malicious code.
  • Content-addressable storage: Git uses SHA-1 (migrating to SHA-256) to address every blob, tree, and commit. Docker uses SHA-256 digests to identify layers. This model guarantees that identical content always maps to the same identifier.
  • API request signing: AWS Signature Version 4 hashes the request body with SHA-256 before signing, ensuring that the payload cannot be modified in transit without invalidating the signature.
  • Password hashing: While raw SHA-256 is too fast for password storage (vulnerable to brute force), it serves as the underlying primitive in dedicated password hashing algorithms like PBKDF2-SHA256 which apply key stretching via many iterations.

Hash Functions vs Encryption

A common misconception is that hashing and encryption serve the same purpose. They are fundamentally different operations with different guarantees:

  • Hashing is one-way: There is no key, no decryption, and no way to recover the original input from the digest. The output is always a fixed length regardless of input size.
  • Encryption is two-way: A key is used to transform plaintext into ciphertext, and the same (or a paired) key reverses the operation. The output length grows with the input.

Use hashing when you need to verify that data has not been altered (integrity) without needing to recover the original. Use encryption when you need to protect confidentiality while preserving the ability to read the data later. These two primitives are often combined — for example, TLS uses encryption for confidentiality and HMAC (hash-based message authentication code) for integrity.

Code Examples

Hashing text with the Web Crypto API (SubtleCrypto.digest)

// Hash a string using SHA-256 via the Web Crypto API
async function sha256(message) {
  // Encode the string as UTF-8 bytes
  const msgBuffer = new TextEncoder().encode(message);

  // Compute the hash using SubtleCrypto.digest()
  const hashBuffer = await crypto.subtle.digest('SHA-256', msgBuffer);

  // Convert the ArrayBuffer to a hex string
  const hashArray = Array.from(new Uint8Array(hashBuffer));
  const hashHex = hashArray
    .map(byte => byte.toString(16).padStart(2, '0'))
    .join('');

  return hashHex;
}

// Usage — works in browsers and Node.js 18+
const digest = await sha256('Hello, world!');
// → "315f5bdb76d078c43b8ac0064e4a0164612b1fce77c869345bfc94c75894edd3"

// Other algorithms: 'SHA-1', 'SHA-384', 'SHA-512'
const sha512Digest = await crypto.subtle.digest(
  'SHA-512',
  new TextEncoder().encode('Hello, world!')
);

Verifying file integrity with SRI hashes

<!-- Subresource Integrity: browser verifies the hash before executing -->
<script
  src="https://cdn.example.com/library@3.2.1/lib.min.js"
  integrity="sha384-oqVuAfXRKap7fdgcCY5uykM6+R9GqQ8K/uxy9rx7HNQlGYl1kPzQho1wx4JwY8w"
  crossorigin="anonymous">
</script>

<!-- Generate SRI hash: openssl dgst -sha384 -binary lib.min.js | openssl base64 -A -->

Standards & Specifications

Häufig Gestellte Fragen

What is a hash?

A hash is a fixed-size string generated from input data using a cryptographic algorithm. The same input always produces the same hash, but even a tiny change in input creates a completely different hash. Hashes are one-way—you can't reverse them to get the original data.

Which hash algorithm should I use?

For security purposes, use SHA-256 or higher (SHA-384, SHA-512). SHA-1 is considered weak and should be avoided for security. For checksums and non-security uses, any algorithm works, but SHA-256 is a good default choice.

Can I use hashes for passwords?

While hashing is part of password security, simple hashing isn't enough. Passwords should use specialized algorithms like bcrypt, scrypt, or Argon2 that include salting and are designed to be slow. Never use plain SHA hashes for passwords.

Is my data sent to a server?

No, all hash generation happens in your browser using the Web Crypto API. Your data never leaves your device. This ensures complete privacy and security for sensitive information.