SHA-256 Hashing Guide: How Cryptographic Hash Functions Work
Learn how SHA-256 works, what makes cryptographic hash functions secure, common use cases, and how SHA-256 compares to MD5 and SHA-1.
SHA-256 Hashing Guide: How Cryptographic Hash Functions Work
SHA-256 is everywhere in modern computing: Git commits, TLS certificates, password storage, blockchain, file integrity verification. Understanding how cryptographic hash functions work — and why SHA-256 is still trusted while MD5 is not — is foundational knowledge for any developer working with security.
What Is a Cryptographic Hash Function?
A hash function maps input data of any size to a fixed-size output (the hash or digest). For a cryptographic hash function, four properties must hold:
- Deterministic: The same input always produces the same output.
- One-way (pre-image resistance): Given a hash, it should be computationally infeasible to find the input.
- Collision resistance: It should be computationally infeasible to find two different inputs that produce the same hash.
- Avalanche effect: A small change in the input (even one bit) produces a completely different hash.
SHA-256("hello") = 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
SHA-256("hello.") = 5a4f2a...completely different
SHA-256: Structure and Output
SHA-256 is part of the SHA-2 family, designed by the NSA and published by NIST in 2001. It produces a 256-bit (32-byte) digest, typically represented as 64 hexadecimal characters.
The algorithm processes input in 512-bit blocks through a series of bitwise operations, modular additions, and logical functions over 64 rounds. The internal state uses eight 32-bit words, initialized from the fractional parts of the square roots of the first eight prime numbers.
You don't need to implement it — but understanding that it's a complex mixing function is important for understanding its strength.
SHA-256 vs MD5 vs SHA-1
| Algorithm | Output Size | Status | Speed |
|---|---|---|---|
| MD5 | 128 bits | Broken — collision attacks demonstrated | Very fast |
| SHA-1 | 160 bits | Deprecated — collision found (SHAttered, 2017) | Fast |
| SHA-256 | 256 bits | Secure — no known practical attacks | Moderate |
| SHA-512 | 512 bits | Secure — faster on 64-bit systems than SHA-256 | Moderate |
| SHA-3 | Variable | Secure — different design (Keccak, not Merkle-Damgård) | Variable |
Never use MD5 or SHA-1 for security purposes. Both have demonstrated collision vulnerabilities — meaning two different files can produce the same hash. For file integrity and digital signatures, use SHA-256 or better.
Common Use Cases
File Integrity Verification
Before installing software, verify the download:
sha256sum ubuntu-24.04-desktop-amd64.iso
# Compare output to the hash published by Ubuntu
If the hash matches, the file is byte-identical to what the distributor published. If it doesn't match, the file was corrupted or tampered with.
Git Object Model
Git identifies every object (commit, tree, blob) by its SHA-1 hash (transitioning to SHA-256). A Git commit hash is a hash of the entire tree of files, parent commit hashes, author, and commit message — making it tamper-evident.
git log --oneline
# a3f92b1 Add authentication module
# 7e4c8d2 Fix null pointer in parser
Password Storage
Never store plaintext passwords. Hash them — but not with plain SHA-256. Use a password hashing function designed for this purpose:
import bcrypt
# Hashing
hashed = bcrypt.hashpw(password.encode(), bcrypt.gensalt())
# Verification
bcrypt.checkpw(password.encode(), hashed)
Why not plain SHA-256? It's too fast — attackers can hash billions of candidates per second. Bcrypt, Argon2, and scrypt are intentionally slow and add salt to prevent rainbow table attacks.
HMAC (Hash-based Message Authentication Code)
HMAC combines a hash function with a secret key to produce a message authentication code:
import hmac, hashlib
mac = hmac.new(secret_key, message, hashlib.sha256).hexdigest()
HMACs verify both message integrity (the content hasn't changed) and authenticity (the sender has the secret key). Used in JWT signatures (HS256), API request signing, and TLS.
TLS Certificates
Modern TLS certificates use SHA-256 in their signature algorithm (e.g., sha256WithRSAEncryption). The certificate's subject information is hashed, and the CA signs that hash.
Hash Your Data Securely
The Hash Generator on InfraHub computes SHA-256, SHA-512, MD5, and SHA-1 digests for text or file inputs — entirely in your browser using the Web Crypto API. Your data is never uploaded to any server.
Use it to verify file integrity, generate checksums for deployments, or quickly hash test values while building security-sensitive features.