What Is a Hash Function? SHA-256, MD5, and Why It Matters
A hash function takes any piece of data — a password, a file, an entire movie — and produces a short, fixed-length string of characters called a hash or digest. It's a one-way fingerprint: easy to compute forward, practically impossible to reverse. Hashing is the quiet engine behind password storage, file integrity, digital signatures, and blockchain.
Hashing vs. Encryption: A Critical Distinction
Before going further, it's essential to separate hashing from encryption. They are fundamentally different operations used for different purposes, and confusing the two causes real security failures.
Encryption is a two-way process. You encrypt data with a key, and you can decrypt it back to the original with the appropriate key. The purpose is to keep data confidential while allowing authorized parties to read it later.
Hashing is a one-way process. You run data through a hash function and get a fixed-size output — the hash. There is no key, and there is no official way to reverse the process. The purpose is verification, not confidentiality. You can confirm that two pieces of data are identical by checking if their hashes match, without needing to see the original data at all.
A classic mistake developers make is "encrypting" passwords. Encryption implies there is a key that could unlock those passwords — meaning someone who obtains both the encrypted database and the key can read every user's password in plain text. Proper password storage uses hashing, not encryption.
Four Core Properties of Cryptographic Hash Functions
Not every function that produces a fixed-length output is a good cryptographic hash function. The ones used in security must satisfy four properties:
- Deterministic: The same input always produces the same output. Hash("hello") will always be the same string, regardless of when or where you compute it.
- One-way (preimage resistance): Given a hash output, it should be computationally infeasible to find any input that produces that output. You cannot reverse a hash.
- Collision resistance: It should be practically impossible to find two different inputs that produce the same hash output. If an attacker can craft a document that hashes to the same value as a legitimate signed document, they can forge signatures.
- Avalanche effect: A tiny change in the input — even one bit — should produce a completely different hash output. Change "hello" to "Hello" and the SHA-256 hash is entirely different.
SHA-256: The Current Gold Standard
SHA-256 (Secure Hash Algorithm 256-bit) is part of the SHA-2 family, designed by the NSA and published by NIST in 2001. It takes any input and produces a 256-bit (32-byte) output, typically displayed as 64 hexadecimal characters.
SHA-256("hello") = 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
SHA-256 is used everywhere: Bitcoin uses it to secure its blockchain and mining process. HTTPS certificates use it to create digital signatures. Software vendors publish SHA-256 hashes of their installers so you can verify the download hasn't been tampered with. Password hashing libraries like bcrypt often use SHA-2 internally as a component.
As of 2025, SHA-256 has no known practical vulnerabilities. No collisions have been found, and brute-force reversal is computationally impossible for any meaningful input.
MD5: Broken, But Still Everywhere
MD5 (Message-Digest Algorithm 5) was designed in 1991 and produces a 128-bit (16-byte) hash, displayed as 32 hexadecimal characters. For years it was the dominant hash algorithm, and its fingerprints are still all over legacy systems.
The problem: MD5 is cryptographically broken. Researchers demonstrated practical collision attacks as early as 2004. By 2008, researchers showed they could forge SSL certificates by exploiting MD5 collisions. By 2012, the Flame malware used MD5 collisions to forge a Microsoft code-signing certificate.
Finding two inputs that produce the same MD5 hash can be done in seconds on modern hardware. This completely destroys collision resistance, which is the property that makes hash-based verification trustworthy.
MD5 should never be used for any security-sensitive purpose. It is acceptable for non-security checksums (checking if a file transferred without corruption, where an attacker is not involved), but even then SHA-256 is preferable because it costs nothing extra.
SHA-1: Also Deprecated
SHA-1 produces a 160-bit hash and was widely used until 2017, when Google's Project Zero team demonstrated the first practical SHA-1 collision (the "SHAttered" attack). Major browsers stopped accepting SHA-1 TLS certificates in 2017, and software signing gradually moved away from it. Like MD5, SHA-1 is now considered broken for security purposes. Use SHA-256 or SHA-3 instead.
Real-World Uses of Hash Functions
Password Storage
Websites should never store your password in plain text. Instead, when you create a password, the server hashes it and stores only the hash. When you log in, the server hashes what you type and compares it to the stored hash. If they match, you're authenticated — and the server never needed to store or know your actual password.
Modern password hashing uses algorithms specifically designed to be slow, like bcrypt, Argon2, or scrypt. These are built on top of cryptographic hash functions but intentionally add computational cost to slow down attackers running millions of guesses per second.
File Integrity Verification
When you download software, the developer often publishes a SHA-256 hash of the file. After downloading, you run the same hash function on the file you received. If the hash matches, the file is identical to what the developer published — bit for bit. If someone tampered with the file in transit, the hash will not match.
Digital Signatures
Digital signatures combine hashing with asymmetric encryption. When you sign a document, your software hashes the document and then encrypts that hash with your private key. Anyone with your public key can decrypt the hash and compare it to a fresh hash of the document. If they match, the document is authentic and unmodified. Hashing makes this efficient: you only need to encrypt a 256-bit hash, not an entire document.
Blockchain and Cryptocurrency
Bitcoin and most other blockchains use SHA-256 extensively. Each block in the chain includes the hash of the previous block, creating a chain where altering any historical block changes all subsequent hashes, making tampering instantly detectable. Bitcoin's proof-of-work mining is essentially a competition to find an input that produces a SHA-256 hash with a specific number of leading zeros.
Rainbow Tables and Why Salting Matters
If you know the hash of "password123", you can pre-compute hashes for millions of common passwords and look them up in a table — a rainbow table. This lets attackers crack unsalted password hashes almost instantly, even without reversing the hash function.
The defense is salting: before hashing, a random unique value (the salt) is appended to each password. Even if two users have the same password, their hashes are completely different because their salts are different. Rainbow tables become useless because they would need to be recomputed for every possible salt value.
Proper password hashing functions like bcrypt and Argon2 handle salting automatically — which is another reason to use them instead of raw SHA-256 for passwords.
Generate a Hash
Try GlintKit's hash generator to compute SHA-256, MD5, SHA-1, and other hashes for any text or file instantly in your browser.
The Bottom Line
Hash functions are one of the most fundamental tools in computer security, used invisibly in almost every secure system you interact with daily. SHA-256 is the current standard for most applications and has no known practical weaknesses. MD5 and SHA-1 are broken and should not be used for security-sensitive tasks. Understanding the difference between hashing and encryption — and knowing when to use each — is essential for anyone building or evaluating secure systems.