Hash Generator

A cryptographic hash function converts data of any size into a fixed-length string of bits called a hash or digest. The same input always produces the same output, but the original data cannot be recovered from the hash alone (one-way property). Even a single-character change in the input produces a completely different hash — a property known as the avalanche effect. These characteristics make hash functions essential for data integrity verification, secure password storage, digital signatures, and many other security applications.

Algorithm Comparison and Use Cases

MD5 produces a 128-bit hash and is fast, but collision attacks have been demonstrated so it should not be used for security purposes. It remains useful for checksums, cache keys, and non-security deduplication. SHA-1 produces a 160-bit hash and is now deprecated for security use, though Git still uses it internally. SHA-256, part of the SHA-2 family, is the current standard for most security applications — TLS certificates, JWTs, and blockchains all rely on it. SHA-512 offers higher collision resistance with a 512-bit output and is used where maximum security is required.

HMAC (Keyed Hash)

HMAC (Hash-based Message Authentication Code) combines a secret key with a hash function to produce a message authentication code. Unlike a plain hash, HMAC verifies both data integrity and the identity of the sender (since only parties with the secret key can produce a valid HMAC). It is widely used for API request signing (AWS Signature v4, GitHub Webhook signatures), JWT verification, and secure cookie generation.

Common Use Cases

Verify downloaded file integrity against a published SHA-256 checksum, validate API webhook signatures using HMAC-SHA256, check how a password is stored in a database hash, detect changes to database records, and learn how Git commit hashes work. Hash generation is a fundamental skill for security engineering, DevOps, backend web development, and security compliance workflows.