Cryptographic Hashing
Cryptographic hashing is the process of using a one-way mathematical function to convert input data of any size into a fixed-length output (digest) that is deterministic, collision-resistant, and computationally irreversible.
A cryptographic hash function takes an arbitrary amount of input data and produces a fixed-size output, typically 256 or 512 bits. The key properties of a secure hash function are: pre-image resistance (given a hash, it is infeasible to find the original input), second pre-image resistance (given an input, it is infeasible to find a different input with the same hash), and collision resistance (it is infeasible to find any two inputs that produce the same hash).
Widely used hash functions include SHA-256 and SHA-3 from the SHA family, and BLAKE2/BLAKE3 for high-performance applications. Older algorithms like MD5 and SHA-1 are considered cryptographically broken for security purposes and should not be used where collision resistance matters.
Hashing has many critical applications in security. It is used for verifying data integrity (file checksums, software downloads), password storage (using specialised hashing algorithms like bcrypt, scrypt, or Argon2 that incorporate salting and key stretching), digital signatures (signing the hash of a message rather than the message itself), and blockchain technology. For password hashing specifically, general-purpose hash functions like SHA-256 are inappropriate because they are designed to be fast. Instead, dedicated password hashing functions intentionally slow down computation to make brute-force attacks impractical. Always use a unique, random salt per password to prevent rainbow table attacks.