مولّد Hash
احسب بصمات التجزئة (MD5، SHA-1، SHA-256/384/512) و HMAC. يدعم النص والملفات.
Enter multiple lines to compute one hash per line using the same algorithm.
Examples and real-life use cases
- Verify file integrity by comparing checksums (e.g., SHA‑256).
- Generate HMAC signatures for webhook testing.
- Compute quick hashes for deduplication or cache keys.
FAQ
- Is MD5 secure?
- MD5 is considered broken for collision resistance; use SHA‑256 or better for security.
- Where is hashing done?
- All hashing and HMAC are performed locally in your browser.
Hash generator: complete guide (MD5, SHA, HMAC)
Hash functions condense an input (text or file) into a fixed‑size fingerprint. They are ubiquitous: integrity checks, signatures, indexing, deduplication, password storage (with salt + KDF), and more. This article explains how they work, available algorithms (MD5, SHA‑1, SHA‑256/384/512, SHA‑3), HMAC, and important limitations.
How does it work?
A hash is a one‑way transform: it’s easy to compute the digest from the data, but (practically) impossible to reconstruct the original input from the digest.
Good hash functions are fast, exhibit strong avalanche (bit diffusion), and resist collisions (two distinct inputs producing the same digest).
Digests have a fixed length (e.g., SHA‑256 = 256 bits) and are typically encoded in hexadecimal (or Base64).
Warning
MD5 and SHA‑1 must not be used for security. For password storage, do not use a simple hash: prefer dedicated KDFs (bcrypt/argon2/scrypt) with salt and work factor.
Algorithms and recommended uses
- MD5 — obsolete for security (practical collisions), acceptable for non‑security checksums or local deduplication.
- SHA‑1 — also obsolete for security (collisions demonstrated). Avoid for signatures/critical integrity.
- SHA‑256/384/512 — robust standards (SHA‑2). SHA‑256 is the default choice to favor.
- SHA‑3 — newer family based on Keccak; rarely needed in browsers but relevant in advanced cryptography contexts.
- HMAC (with SHA‑2/3) — to authenticate a message with a shared secret (webhooks, API signatures).
Digest length (bits) — larger ⇒ fewer collisions
Algorithm comparison summary
| Algorithm | Digest size | Speed (≈) | Current security | Use case |
|---|---|---|---|---|
| MD5 | 128 bits | Very fast | Broken (collisions) | Non‑security checksum, local deduplication |
| SHA‑1 | 160 bits | Fast | Broken (collisions) | Legacy compat, to be replaced |
| SHA‑256 | 256 bits | Fast | Recommended | Integrity, signatures, password storage (with salt + KDF) |
| SHA‑384 | 384 bits | Medium | Recommended | Stricter compliance policies |
| SHA‑512 | 512 bits | Medium | Recommended | Authentication, long fingerprints, archives |
HMAC: authenticate a message
HMAC (Hash‑based Message Authentication Code) combines a hash with a secret key to guarantee message integrity and authenticity.
Conceptual formula: HMAC = hash((K ⊕ opad) ∥ hash((K ⊕ ipad) ∥ message)), where K is the key (block‑sized via padding/truncation).
In practice, use HMAC‑SHA‑256 (or higher) and handle keys safely (sufficient length, server‑side storage, rotation).
Real‑world examples
- Compare a downloaded file’s checksum with the publisher’s checksum (integrity).
- Sign a Stripe/GitHub webhook using HMAC‑SHA‑256 and verify the signature on the receiver.
- Generate stable cache keys (content hash) to auto‑invalidate on change.
Educational content only. Choose the algorithm that matches your security policy and compliance requirements.