How Hashing Algorithm Used in Cryptography?
Last Updated :
23 Jul, 2025
A Hash Function (H) takes a variable-length block of data and returns a hash value of a fixed size. A good hash function has a property that when it is applied to a large number of inputs, the outputs will be evenly distributed and appear random. Generally, the primary purpose of a hash function is to maintain data integrity. Any change to any bits or bits in the results will result in a change in the hash code, with a high probability.
The type of hash function that is needed for security purposes is called a cryptographic hash function.
A cryptographic hash function (or cryptographic hash algorithm) is an algorithm that is not computationally efficient (no attack is more efficient than brute force) when it is used to find either:
- A data object which maps to a predefined hash result
- Two data objects that map to the hash result in collision-free property.
Because of these properties, a hash function is often used to check whether data has changed.
Block Diagram of Cryptographic: Hash Function; h = H(M)Working on Hashing Algorithms in Cryptography
Now that we have a basic idea of what a hash function is in cryptography, let's break down the internal mechanics.
The first act of the hashing algorithm is to divide the large input data into blocks of equal size. Further, the algorithm applies the hashing process to the data blocks one by one.
Though one block is hashed separately, all the blocks are related to each other. The output hash value for the first data block is taken as an input value and is summed up with the second data block. Similarly, the hashed output of the second block is summed up with the third block, and the summed-up input value is again hashed. And this process goes on and on until you get the final hash output, which is the summed-up value of all the blocks that were involved.
Therefore, tampering with the data of any block will change its hash value. As its hash value goes into the feeding of blocks following it, all the hash values are changed. This is how even the smallest change in the input data is detectable, as it changes the entire hash value.
Alice is a vendor whose business supplies stationery to Bob's office on credit. She sends Bob an invoice with an inventory list, billing amount, and her bank account details a month later. She applies her digital signature to the document and hashes it before sending it to Bob. However, Todd, who's a hacker, intercepts the document while it's in transit and replaces Alice's bank account details with his.
When Bob receives the letter, his computer calculates the hash value of the document and finds that it's different from the original hash value. Bob's computer immediately raises a flag, warning him that something is fishy with the document and he shouldn't trust it.
Without the hashed document, Bob would easily have trusted the content of the document because he was acquainted with Alice and the transaction details in the document were genuine. However, since the hash values did not match, Bob was aware of the change. Now, he contacts Alice by phone and shares with her the information in the document he received. Alice confirms that her bank account is different than what is written in the document.
That's how a hashing function saves Alice and Bob from financial fraud. Now imagine this scenario with your own business and how it could.
Primary Terminologies
Preimage: Let’s say we have a hash value (hash value h = h(x)). We say that x is the first image of h. Let’s call x a data block, whose hash function (using the function H) is h. Because H is a multiple-fold mapping, there will always be some number of preimages for any hash value h.
Collision: If x\neq y and H(x) = H(y), we’ll have a collision. Since we’re dealing with hash functions, it’s obvious that collisions are not desirable.
Popular Hash Functions
Hash functions play an important role in computing, providing versatile capabilities like: Quick retrieval of data, Secure protection of information (cryptography), Ensuring data remains unaltered (integrity verification). Some commonly used hash functions are
Message Digest 5 (MD5)
MD5 is a specific message digest algorithm, a type of cryptographic hash function. It takes an input of any length (a message) and produces a fixed-length (128-bit) hash value, which acts like a unique fingerprint for the message.
MD5 was widely used from the early 1990s onwards for various purposes, including:
- File Check: Making sure a file got from the web was not changed while transferring. MD5 was used to make a code for the first file and compare it to the code of the received file.
- Password Storage: MD5 was sometimes used to store passwords on servers. However, it was never recommended to store passwords directly in plain text. Instead, the password was hashed using MD5, and the hash value was stored. This meant that even if a security breach occurred, the actual passwords wouldn't be compromised.
Secure Hash Function (SHA)
SHA stands for Safe Hash Algorithm. It's a group of codes for keeping data safe made by NIST. These codes convert any size input into a fixed code, called a hash value or message digest.
There are different SHA types, each with varied lengths and security features:
- SHA-1: The first SHA code, making a 160-bit hash. It's now unsafe because of flaws and is no longer used.
- SHA-2: A family of improved SHA algorithms with various output lengths:
- SHA-224 (224 bits)
- SHA-256 (256 bits - most common)
- SHA-384 (384 bits)
- SHA-512 (512 bits)
- SHA-3: A completely redesigned hash function introduced after weaknesses were found in SHA-2. It offers improved security but isn't as widely used yet.
SHAs have a number of applications in digital security:
- Data Integrity: Checking if data is changed. Even small change means different hash value.
- E-Signatures: Verify documents. It uses private key, hash to sign data. Receiver checks signature using sender's public key, re-computed hash.
- Password Protection: Passwords are encrypted before saved. If there's a breach, only hash is compromised, not passwords.
- Software Check: Verify downloaded file is unchanged. Often, hash is given by distributor to check file's authenticity.
Applications
Message Authentication
Message Authentication is the process or service used for making sure that a message is authentic. It also means assuring that the received data is the same as the one sent—that is, not tampered with to delete, insert, or replay. In most cases, authentication will also ensure that the alleged sender is who he claims he is.
More precisely, the hash function is referred to as a message digest when hash functions are applied for verifying a message.
Digital Signatures
In the case of a digital signature, the hash value of a message is encrypted using the private key owned by the person sending it out so that no one else can change what they have said without being detected easily by those looking for it also within seconds by those scanning across different networks particularly corporate or government intranets. With this information at hand, hackers always attempt hacking passwords and other security codes so that torrent downloaders from this work freely without facing any restrictions they may not be able to avoid under lawful circumstances.
A hash code is used to provide a digital signature as:
a. The hash code is encrypted with public-key encryption using the sender's private key. This provides authentication, but it also provides a digital signature because only the sender can have produced the encrypted hash code. In fact, this is what the digital signature technique is all about.
b. If you want both confidentiality and a digital signature, then you can encrypt the message plus the private-key encrypted hash code using a symmetrical secret key. This is a common technique.
Create a single-pass password
One of the most common uses of hash functions is the creation of a single pass password file. A single pass password file is a scheme where the operating system holds the hash value of a user’s password rather than the actual password itself.In other words, it’s the hash value that the operating system stores. That’s why a hacker can’t get the real password from that file. When you type a password into your computer, the system uses the hash value to check if you typed the right password. Many systems use this method to protect passwords.
Intrusion detection and virus
Hash functions can also be used to detect intrusions and viruses. For each file on your system, store H(F) and keep the hash values safe (for example, on a protected CD-R). You can later check if a file is changed by recreating H(F). For example, an intruder would have to modify F without altering H(F).
Pseudorandom number generator (PRNG)
You can use a cryptographic hash function to create a PRF or a PRNG. One of the most common uses for a hash based PRF is to generate symmetric keys.
Security Requirements for Cryptographic Hash Functions
Requirement
| Description
|
---|
Variable input size
| H can be applied to a block of data of any size.
|
Fixed output size
| H produces a fixed-length output.
|
Efficiency
| H(x) is relatively easy to compute for any given x, making both hardware and software implementations practical
|
Preimage resistant (one-way property)
| For any given hash value , it is computationally infeasible to find u such that H(y) = h
|
Second preimage resistant (weak collision resistant)
| For any given block x, it is computationally infeasible to find y\neq x with H(y)=H(x) .
|
Collision resistant (strong collision resistant)
| It is computationally infeasible to find any pair (x , y) such that H(x) = H(y).
|
Pseudorandomness
| Output of H meets standard tests for pseudorandomness.
|
- The first three characteristics are necessary for the practical use of a hashfunction.
- The fourth characteristic is preimage resistant. It is easy to generate a code for a message but almost impossible for a message to be generated for a code. This property is important when the authentication technique is to use a secret value, where the secret value is not to be sent. If the hash function does not have one way, the secret value can easily be discovered by an attacker. For example, if the attacker is able to observe or intercept the transmission, they can get the message M. They can also get the hash code h = H(S||M). They can then invert the hash function S||M = H-1(MDM) and get SAB || M. Since they now have both M and SAB || M, it is trivial to recover SAB.
- The fifth property – second preimage resistant – ensures that you can’t find a different message with the exact same hash value. This property stops forgery when you’re using encrypted hash code. If this property wasn’t true, attackers would be able to do the following: First, they’d observe or intercept the message plus the encrypted hash code. Second, they would get the unencrypted hash from the message. Third, they would generate an alternate message with the identical hash code.
- A weak hash function satisfies the first fifth properties.
- If the sixth property (collision resistant) is also met, then the hash function is called a strong one. Strong hash functions protect against an attack where one side creates a message for the other side to sign.
- The last requirement – pseudorandomization – has not traditionally been mentioned as a requirement for cryptographic hash functions, but is rather implicit. Because cryptographic hash functions are often used to derive keys and generate pseudorandom numbers, and because in message integrity applications, these three resistant properties are dependent on the hash function’s output being random, it’s logical to verify that a given hash function actually produces random output.
Drawback
Just like other technologies and processes, the hash functions in cryptography aren't perfect either. There are a few key issues that are worth mentioning.
- There had been incidences in the past while popular algorithms like MD5 and SHA-1 had been returning the same hash value for different data. Hence, the quality of collision-resistance was compromised.
- There's a technology called "rainbow tables" that hackers use to try to crack unsalted hash values. That's why salting before hashing is so important to secure password storage.
- There are some software services and hardware tools—known as "hash cracking rigs"—that are used by hackers, security researchers, and sometimes even government entities to crack the hashed passwords.
Conclusion
Hashing is a very handy cryptographic tool for information technology when it comes to verification: checking digital signatures, file integrity, or data, password integrity, and many more. Cryptographic hash functions are not perfect, but they are a pretty good checksum and authentication mechanism. It is one of the methods of storing passwords securely when a salting technique is in place, in a manner that is just impractical for cybercriminals to even try to invert it to something they can use.
Similar Reads
Computer Network Tutorial A Computer Network is a system where two or more devices are linked together to share data, resources and information. These networks can range from simple setups, like connecting two devices in your home, to massive global systems, like the Internet. Below are some uses of computer networksSharing
6 min read
Computer Network Basics
Basics of Computer NetworkingA computer network is a collection of interconnected devices that share resources and information. These devices can include computers, servers, printers, and other hardware. Networks allow for the efficient exchange of data, enabling various applications such as email, file sharing, and internet br
10 min read
Types of Computer NetworksA computer network is a system that connects many independent computers to share information (data) and resources. The integration of computers and other different devices allows users to communicate more easily. It is a collection of two or more computer systems that are linked together. A network
7 min read
Introduction to InternetComputers and their structures are tough to approach, and it is made even extra tough when you want to recognize phrases associated with the difficulty this is already utilized in regular English, Network, and the net will appear to be absolutely wonderful from one some other, however, they may seem
10 min read
Types of Network TopologyNetwork topology refers to the arrangement of different elements like nodes, links, or devices in a computer network. Common types of network topology include bus, star, ring, mesh, and tree topologies, each with its advantages and disadvantages. In this article, we will discuss different types of n
11 min read
Network DevicesNetwork devices are physical devices that allow hardware on a computer network to communicate and interact with each other. Network devices like hubs, repeaters, bridges, switches, routers, gateways, and brouter help manage and direct data flow in a network. They ensure efficient communication betwe
9 min read
What is OSI Model? - Layers of OSI ModelThe OSI (Open Systems Interconnection) Model is a set of rules that explains how different computer systems communicate over a network. OSI Model was developed by the International Organization for Standardization (ISO). The OSI Model consists of 7 layers and each layer has specific functions and re
13 min read
TCP/IP ModelThe TCP/IP model is a framework that is used to model the communication in a network. It is mainly a collection of network protocols and organization of these protocols in different layers for modeling the network.It has four layers, Application, Transport, Network/Internet and Network Access.While
7 min read
Difference Between OSI Model and TCP/IP ModelData communication is a process or act in which we can send or receive data. Understanding the fundamental structures of networking is crucial for anyone working with computer systems and communication. For data communication two models are available, the OSI (Open Systems Interconnection) Model, an
4 min read
Physical Layer
Physical Layer in OSI ModelThe physical Layer is the bottom-most layer in the Open System Interconnection (OSI) Model which is a physical and electrical representation of the system. It consists of various network components such as power plugs, connectors, receivers, cable types, etc. The physical layer sends data bits from
4 min read
Types of Network TopologyNetwork topology refers to the arrangement of different elements like nodes, links, or devices in a computer network. Common types of network topology include bus, star, ring, mesh, and tree topologies, each with its advantages and disadvantages. In this article, we will discuss different types of n
11 min read
Transmission Modes in Computer Networks (Simplex, Half-Duplex and Full-Duplex)Transmission modes also known as communication modes, are methods of transferring data between devices on buses and networks designed to facilitate communication. They are classified into three types: Simplex Mode, Half-Duplex Mode, and Full-Duplex Mode. In this article, we will discuss Transmission
6 min read
Types of Transmission MediaTransmission media is the physical medium through which data is transmitted from one device to another within a network. These media can be wired or wireless. The choice of medium depends on factors like distance, speed, and interference. In this article, we will discuss the transmission media. In t
9 min read
Data Link Layer
Data Link Layer in OSI ModelThe data link layer is the second layer from the bottom in the OSI (Open System Interconnection) network architecture model. Responsible for the node-to-node delivery of data within the same local network. Major role is to ensure error-free transmission of information. Also responsible for encoding,
4 min read
What is Switching?Switching is the process of transferring data packets from one device to another in a network, or from one network to another, using specific devices called switches. A computer user experiences switching all the time for example, accessing the Internet from your computer device, whenever a user req
5 min read
Virtual LAN (VLAN)Virtual LAN (VLAN) is a concept in which we can divide the devices logically on layer 2 (data link layer). Generally, layer 3 devices divide the broadcast domain but the broadcast domain can be divided by switches using the concept of VLAN. A broadcast domain is a network segment in which if a devic
7 min read
Framing in Data Link LayerFrames are the units of digital transmission, particularly in computer networks and telecommunications. Frames are comparable to the packets of energy called photons in the case of light energy. Frame is continuously used in Time Division Multiplexing process. Framing is a point-to-point connection
6 min read
Error Control in Data Link LayerData-link layer uses the techniques of error control simply to ensure and confirm that all the data frames or packets, i.e. bit streams of data, are transmitted or transferred from sender to receiver with certain accuracy. Using or providing error control at this data link layer is an optimization,
4 min read
Flow Control in Data Link LayerFlow control is design issue at Data Link Layer. It is a technique that generally observes the proper flow of data from sender to receiver. It is very essential because it is possible for sender to transmit data or information at very fast rate and hence receiver can receive this information and pro
4 min read
Piggybacking in Computer NetworksPiggybacking is the technique of delaying outgoing acknowledgment temporarily and attaching it to the next data packet. When a data frame arrives, the receiver waits and does not send the control frame (acknowledgment) back immediately. The receiver waits until its network layer moves to the next da
5 min read
Network Layer
Network Layer in OSI ModelThe Network Layer is the 5th Layer from the top and the 3rd layer from the Bottom of the OSI Model. It is one of the most important layers which plays a key role in data transmission. The main job of this layer is to maintain the quality of the data and pass and transmit it from its source to its de
5 min read
Introduction of Classful IP AddressingClassful IP addressing is an obsolete method for allocating IP addresses and dividing the available IP address space across networks. It was used from 1981 to 1993 until the introduction of CIDR (Based on Prefixes rather than classes). Classful method categorizes IP addresses into five classes (A, B
10 min read
Classless Addressing in IP AddressingThe Network address identifies a network on the internet. Using this, we can find a range of addresses in the network and total possible number of hosts in the network. Mask is a 32-bit binary number that gives the network address in the address block when AND operation is bitwise applied on the mas
7 min read
What is an IP Address?Imagine every device on the internet as a house. For you to send a letter to a friend living in one of these houses, you need their home address. In the digital world, this home address is what we call an IP (Internet Protocol) Address. It's a unique string of numbers separated by periods (IPv4) or
14 min read
IPv4 Datagram HeaderIP stands for Internet Protocol and v4 stands for Version Four (IPv4). IPv4 was the primary version brought into action for production within the ARPANET in 1983. IP version four addresses are 32-bit integers which will be expressed in decimal notation. In this article, we will discuss about IPv4 da
4 min read
Difference Between IPv4 and IPv6IPv4 and IPv6 are two versions of the system that gives devices a unique address on the internet, known as the Internet Protocol (IP). IP is like a set of rules that helps devices send and receive data online. Since the internet is made up of billions of connected devices, each one needs its own spe
7 min read
Difference between Private and Public IP addressesIP Address or Internet Protocol Address is a type of address that is required to communicate one computer with another computer for exchanging information, file, webpage, etc. Public and Private IP address are two important parts of device identity. In this article, we will see the differences betwe
6 min read
Introduction To SubnettingSubnetting is the process of dividing a large network into smaller networks called "subnets." Subnets provide each group of devices with their own space to communicate, which ultimately helps the network to work easily. This also boosts security and makes it easier to manage the network, as each sub
8 min read
What is Routing?The process of choosing a path across one or more networks is known as Network Routing. Nowadays, individuals are more connected on the internet and hence, the need to use Routing Communication is essential.Routing chooses the routes along which Internet Protocol (IP) packets get from their source t
10 min read
Network Layer ProtocolsNetwork Layer is responsible for the transmission of data or communication from one host to another host connected in a network. Rather than describing how data is transferred, it implements the technique for efficient transmission. In order to provide efficient communication protocols are used at t
9 min read
Transport Layer
Session Layer & Presentation Layer
Session Layer in OSI modelThe Session Layer is the 5th layer in the Open System Interconnection (OSI) model which plays an important role in controlling the dialogues (connections) between computers. This layer is responsible for setting up, coordinating, and terminating conversations, exchanges, and dialogues between the ap
6 min read
Presentation Layer in OSI modelPresentation Layer is the 6th layer in the Open System Interconnection (OSI) model. This layer is also known as Translation layer, as this layer serves as a data translator for the network. The data which this layer receives from the Application Layer is extracted and manipulated here as per the req
4 min read
Secure Socket Layer (SSL)SSL or Secure Sockets Layer, is an Internet security protocol that encrypts data to keep it safe. It was created by Netscape in 1995 to ensure privacy, authentication, and data integrity in online communications. SSL is the older version of what we now call TLS (Transport Layer Security).Websites us
10 min read
PPTP Full Form - Point-to-Point Tunneling ProtocolPPTP Stands for Point-to-Point Tunneling Protocol is a widely used networking protocol designed to create a secure private connection over a public network like the internet. It is Developed by Microsoft and other tech companies in the 1990s It is one of the first protocols used for Virtual Private
5 min read
Multipurpose Internet Mail Extension (MIME) ProtocolMIME (Multipurpose Internet Mail Extensions) is a standard used to extend the format of email messages, allowing them to include more than just text. It enables the transmission of multimedia content such as images, audio, video, and attachments, within email messages, as well as other types of cont
4 min read
Application Layer
Application Layer in OSI ModelThe Application Layer of OSI (Open System Interconnection) model, is the top layer in this model and takes care of network communication. The application layer provides the functionality to send and receive data from users. It acts as the interface between the user and the application. The applicati
5 min read
Client-Server ModelThe Client-Server Model is a distributed architecture where clients request services and servers provide them. Clients send requests to servers, which process them and return the results. Clients donât share resources among themselves but depend on the server. Common examples include email systems a
5 min read
World Wide Web (WWW)The World Wide Web (WWW), often called the Web, is a system of interconnected webpages and information that you can access using the Internet. It was created to help people share and find information easily, using links that connect different pages together. The Web allows us to browse websites, wat
6 min read
Introduction to Electronic MailIntroduction:Electronic mail, commonly known as email, is a method of exchanging messages over the internet. Here are the basics of email:An email address: This is a unique identifier for each user, typically in the format of [email protected] email client: This is a software program used to send,
4 min read
What is a Content Distribution Network and how does it work?Over the last few years, there has been a huge increase in the number of Internet users. YouTube alone has 2 Billion users worldwide, while Netflix has over 160 million users. Streaming content to such a wide demographic of users is no easy task. One can think that a straightforward approach to this
4 min read
Protocols in Application LayerThe Application Layer is the topmost layer in the Open System Interconnection (OSI) model. This layer provides several ways for manipulating the data which enables any type of user to access the network with ease. The Application Layer interface directly interacts with the application and provides c
7 min read
Advanced Topics
What is Network Security?Network security is defined as the activity created to protect the integrity of your network and data. Network security is the practice of protecting a computer network from unauthorized access, misuse, or attacks. It involves using tools, technologies, policies and procedures to ensure the confiden
9 min read
Computer Network | Quality of Service and MultimediaQuality of Service (QoS) is an important concept, particularly when working with multimedia applications. Multimedia applications, such as video conferencing, streaming services, and VoIP (Voice over IP), require certain bandwidth, latency, jitter, and packet loss parameters. QoS methods help ensure
7 min read
Authentication in Computer NetworkPrerequisite - Authentication and Authorization Authentication is the process of verifying the identity of a user or information. User authentication is the process of verifying the identity of a user when that user logs in to a computer system. There are different types of authentication systems wh
4 min read
Encryption, Its Algorithms And Its FutureEncryption plays a vital role in todayâs digital world, serving a major role in modern cyber security. It involves converting plain text into cipher text, ensuring that sensitive information remains secure from unauthorized access. By making data unreadable to unauthorized parties, encryption helps
10 min read
Introduction of Firewall in Computer NetworkA firewall is a network security device either hardware or software-based which monitors all incoming and outgoing traffic and based on a defined set of security rules it accepts, rejects, or drops that specific traffic. It acts like a security guard that helps keep your digital world safe from unwa
10 min read
MAC Filtering in Computer NetworkThere are two kinds of network Adapters. A wired adapter allows us to set up a connection to a modem or router via Ethernet in a computer whereas a wireless adapter identifies and connects to remote hot spots. Each adapter has a distinct label known as a MAC address which recognizes and authenticate
10 min read
Wi-Fi Standards ExplainedWi-Fi stands for Wireless Fidelity, and it is developed by an organization called IEEE (Institute of Electrical and Electronics Engineers) they set standards for the Wi-Fi system. Each Wi-Fi network standard has two parameters : Speed - This is the data transfer rate of the network measured in Mbps
4 min read
What is Bluetooth?Bluetooth is used for short-range wireless voice and data communication. It is a Wireless Personal Area Network (WPAN) technology and is used for data communications over smaller distances. This generation changed into being invented via Ericson in 1994. It operates within the unlicensed, business,
6 min read
Generations of wireless communicationWe have made very huge improvements in wireless communication and have expanded the capabilities of our wireless communication system. We all have seen various generations in our life. Let's discuss them one by one. 0th Generation: Pre-cell phone mobile telephony technology, such as radio telephones
2 min read
Cloud NetworkingCloud Networking is a service or science in which a companyâs networking procedure is hosted on a public or private cloud. Cloud Computing is source management in which more than one computing resources share an identical platform and customers are additionally enabled to get entry to these resource
11 min read
Practice
Top 50 Plus Networking Interview Questions and Answers for 2024Networking is defined as connected devices that may exchange data or information and share resources. A computer network connects computers to exchange data via a communication media. Computer networking is the most often asked question at leading organizations such Cisco, Accenture, Uber, Airbnb, G
15+ min read
Top 50 TCP/IP Interview Questions and Answers 2025Understanding TCP/IP is essential for anyone working in IT or networking. It's a fundamental part of how the internet and most networks operate. Whether you're just starting or you're looking to move up in your career, knowing TCP/IP inside and out can really give you an edge.In this interview prepa
15+ min read
Top 50 IP Addressing Interview Questions and AnswersIn todayâs digital age, every device connected to the internet relies on a unique identifier called an IP Address. If youâre aiming for a career in IT or networking, mastering the concept of IP addresses is crucial. In this engaging blog post, weâll explore the most commonly asked IP address intervi
15+ min read
Last Minute Notes for Computer NetworksComputer Networks is an important subject in the GATE Computer Science syllabus. It encompasses fundamental concepts like Network Models, Routing Algorithms, Congestion Control, TCP/IP Protocol Suite, and Network Security. These topics are essential for understanding how data is transmitted, managed
14 min read
Computer Network - Cheat SheetA computer network is an interconnected computing device that can exchange data and share resources. These connected devices use a set of rules called communication protocols to transfer information over physical or wireless technology. Modern networks offer more than just connectivity. Enterprises
15+ min read