Hash Generator
Complete Hash Functions Guide
1. What are Hash Functions
Hash functions are one-way functions that convert data of arbitrary size into fixed-size values. They exhibit the avalanche effect, where even a slight change in the input produces a completely different hash, and they are deterministic: the same input always produces the same output. MD5 generates 128-bit hashes, SHA-1 generates 160-bit hashes, and SHA-256 generates 256-bit hashes. Because hashes are one-way functions that cannot be decrypted, they are ideal for verifying integrity while hiding the original data. They are widely used in file download verification, password storage, blockchain, digital signatures, and more.
2. MD5 vs SHA Algorithm Comparison
MD5 is a 128-bit hash developed in 1991. It is very fast but vulnerable to collision attacks. Serious security vulnerabilities discovered in 2004 make it unsuitable for cryptographic purposes, and it is now used only for file checksums. SHA-1 is a 160-bit hash that is safer than MD5, but Google's 2017 announcement of actual collision cases led to its discontinuation. SHA-256 belongs to the SHA-2 family, generates 256-bit hashes, and is currently the most widely used standard. Bitcoin also uses SHA-256. SHA-512 provides higher security with 512 bits but is slower. New systems should use SHA-256 or higher.
3. Hash Security and Vulnerabilities
Hash functions have three main security requirements. First, preimage resistance: it should be difficult to find the original input from the hash value. Second, second preimage resistance: given an input, it should be difficult to find another input that produces the same hash. Third, collision resistance: it should be difficult to find any two different inputs that produce the same hash. Collision resistance is broken for MD5 and SHA-1, which allows attackers to deliberately create two inputs with the same hash. Rainbow table attacks use pre-computed hash tables for reverse lookup, but adding salt defends against this.
4. File Integrity Verification
File hashes are the most effective way to verify that downloaded files have not been tampered with. Software distribution sites publish official hash values alongside their files. After downloading, users calculate the file's hash and compare it with the official value. Even a single-bit difference produces a completely different hash, so tampering is detected immediately. This is essential for Linux ISO images, open-source software, blockchain transactions, and similar uses. Git also generates a SHA-1 hash for each commit to ensure code integrity. Hashes can also detect corruption caused by network errors during large file transfers.
5. Password Hashing Best Practices
Never store passwords in plain text in databases. Passwords should be stored as hashes, but a plain MD5 or SHA-256 hash is inadequate because it is vulnerable to rainbow table attacks. You must add salt. Salt is a random string added to the password so that the same password produces different hashes. Furthermore, use slow hash functions such as bcrypt, scrypt, or Argon2. These intentionally slow down computation to make brute-force attacks difficult. OWASP recommends Argon2 as the top priority for password hashing.
6. Rainbow Tables and Salt
Rainbow tables are massive databases of pre-computed hash values. They store the hashes of millions of common passwords in advance, and these are matched against stolen hashes to find the original passwords. For example, the MD5 of "password123" is always "482c811da5d5b4bc6d497ffa98491e38", so it can be found immediately in the table. Salt defends against this. Adding a unique random string for each user makes the same password produce different hashes. Hashing "password123" + "x8k2m9" produces a value that is not in rainbow tables. Salt can be stored in plain text in the DB, and each password must use a different salt to be effective.
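The contrast described in sections 5 and 6, as an added example that is not part of the original guide: an unsalted MD5 hash resolves through a pre-computed table, while a per-user salt combined with scrypt gives two users with the same password different stored values. The function names, the three-word wordlist and the scrypt cost settings are assumptions chosen for the demonstration.

```python
import hashlib
import hmac
import secrets

# Demonstration cost settings (assumption); raise n for production hardware.
SCRYPT_PARAMS = dict(n=2**14, r=8, p=1, maxmem=64 * 1024 * 1024, dklen=32)


def unsalted_md5(password):
    """The weak scheme from the text: same password, same hash, every time."""
    return hashlib.md5(password.encode()).hexdigest()


def build_lookup(wordlist):
    """Small stand-in for a pre-computed table: maps hash -> password."""
    return {unsalted_md5(word): word for word in wordlist}


def hash_password(password, salt=None):
    """Return (salt, digest). A fresh 16-byte random salt is drawn per user."""
    if salt is None:
        salt = secrets.token_bytes(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT_PARAMS)
    return salt, digest


def verify_password(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)


if __name__ == "__main__":
    table = build_lookup(["letmein", "password123", "qwerty"])  # constructed wordlist
    leaked = unsalted_md5("password123")
    print("unsalted MD5:", leaked, "-> table lookup:", table.get(leaked))

    salt_a, hash_a = hash_password("password123")  # user A
    salt_b, hash_b = hash_password("password123")  # user B, same password
    print("user A:", salt_a.hex(), hash_a.hex())
    print("user B:", salt_b.hex(), hash_b.hex())
    print("stored hashes differ:", hash_a != hash_b)
    print("correct password:", verify_password("password123", salt_a, hash_a))
    print("wrong password:  ", verify_password("password124", salt_a, hash_a))
```

The salt is stored next to the digest, as the guide notes, because verification has to recompute the hash with the same salt.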