What is a cryptographic hash function
A cryptographic hash function takes an input of arbitrary size and produces a fixed-size output (the hash or digest). SHA-256 produces a 256-bit (32-byte) output, represented as 64 hexadecimal characters. The function is deterministic (same input → same output), one-way (computationally infeasible to reverse), and avalanche-sensitive (a 1-bit change in input completely changes the output).
Fundamental properties
- Determinism: same input always produces the same hash
- One-way: given the hash, finding the input is computationally infeasible
- Avalanche effect: a single bit change in input changes ~50% of output bits
- Collision resistance: extremely difficult to find two different inputs with the same hash
SHA-256 vs MD5
MD5 produces 128-bit hashes and was found to be vulnerable to collision attacks in 2004 — two different files can have the same MD5 hash. SHA-1 (160-bit) was similarly compromised in 2017 (SHAttered attack). SHA-256 is still considered secure for all current practical purposes and is part of the SHA-2 family standardised by NIST.
Main use cases
- File integrity: verifying a downloaded file has not been tampered with (checksum)
- Digital signatures: hash the document, then sign the hash (DSA, RSA, ECDSA)
- SSL/TLS certificates: SHA-256 is used for certificate signatures
- Blockchain: Bitcoin and Ethereum use SHA-256 / Keccak-256 for block hashing
- HMAC: Hash-based Message Authentication Code for request authentication (AWS, GitHub webhooks)
Hash for passwords: do not use raw SHA-256
SHA-256 is too fast to hash passwords: an attacker with a modern GPU can try billions of hashes per second (brute force / rainbow table). For passwords always use slow, salted algorithms: bcrypt (work factor ≥ 12), Argon2id, or scrypt. These are specifically designed to make brute force economically impractical.