← Lessons

quiz vs the machine

Silver1110

Security

The Hashing SHA Family

How one way hash functions fingerprint data and why SHA-1 fell while SHA-256 stands.

4 min read · intro · beat Silver to climb

What a Hash Is

A cryptographic hash maps any input to a fixed size fingerprint. The same input always gives the same output, but the function is one way: you cannot reverse the digest back to the input.

Required Properties

  • Preimage resistance: given a digest, you cannot find an input that produces it.
  • Collision resistance: you cannot find two different inputs with the same digest.
  • A tiny change in input flips the output unpredictably.

The SHA Family

The Secure Hash Algorithm family has several generations. SHA-1 produces a 160 bit digest but is now broken, as researchers found practical collisions. The SHA-2 family, including SHA-256, remains strong and widely used. SHA-3 is a newer design built on different internals as a backup.

What Hashes Do Not Do

A bare hash is not a secret keeper and not suited to passwords on its own, because it is fast and unsalted. For integrity with a key you use a keyed construction instead.

Key idea

A cryptographic hash is a one way, collision resistant fingerprint of any input, and within the SHA family SHA-1 is broken while SHA-256 and SHA-3 remain trusted for verifying integrity.

Check yourself

Answer to earn rating on the learn ladder.

1. What does one way mean for a hash function?

2. Which SHA member is now considered broken?

3. Why is a bare hash poor for storing passwords?