MD5/SHA Hash Algorithms Explained: Complete Guide

Published: June 7, 2026 · 13 min read

What is Hashing?

A hash function is a mathematical algorithm that converts input data of any size into a fixed-size output called a hash value, hash digest, or simply hash. The same input will always produce the same hash, but even a tiny change in input produces an entirely different hash.

Think of it like a digital fingerprint. Just as a fingerprint uniquely identifies a person, a hash uniquely identifies data. But unlike fingerprints, hashes are deterministic—run the same data through the same hash function and you always get the same result.

Hash Example

Input: "Hello, World!"
MD5:    65a8e27d8879283831b664bd8b7f0ad4
SHA-256: 315f5bdb76d078c43b8ac0064e4a0164612b1fce07721709f58325a0e9aa1a0e

Input: "Hello, World" (missing exclamation)
MD5:    6d35540d7a766d7c8fe1da6c0f1545d3
SHA-256: 374708fff1b4c1862602c594a97fe1ac0aaa7f45e8c3e0c3c8f9a7f2f36d4cd7

Notice how removing a single character produces a completely different hash—this is called the avalanche effect.

Properties of Cryptographic Hash Functions

For a hash function to be cryptographically secure, it must have these essential properties:

1. Deterministic

The same input always produces the same hash output. There's no randomness in hashing the same data twice.

hash("password") = 5f4dcc3b5aa765d61d8327deb882cf99 (always)
hash("password") = 5f4dcc3b5aa765d61d8327deb882cf99 (always)

2. Quick Computation

Hashing should be fast. Even for large files, modern hash functions can process megabytes per second on standard hardware.

# Hashing a 1GB file takes milliseconds
sha256sum large-file.iso
# 45a3ef... large-file.iso

3. Pre-Image Resistance

Given a hash output, it should be computationally infeasible to find the original input. You can't "reverse" a hash.

Given: 5f4dcc3b5aa765d61d8327deb882cf99
Hard:  Find input that produces this hash
Answer: "password" (but you can't derive this from the hash)

4. Small Changes = Big Differences

The avalanche effect ensures that even tiny input changes produce completely different hashes. This prevents predicting patterns.

hash("Dog") = f7a9dc4e24eb5e2043dedfe5d4c0e3b3
hash("dog") = 06d901263e3e16d8ef4fc72c5b83e0b8

5. Collision Resistance

A collision occurs when two different inputs produce the same hash. Strong hash functions make finding collisions computationally infeasible.

hash("file1.pdf") = abc123...
hash("file2.pdf") = def456...

Ideally: no two different files should produce the same hash

6. Puzzle Friendliness

In proof-of-work systems (like Bitcoin mining), finding an input that produces a hash with specific prefix should be difficult but verifiable.

Find input where hash starts with "0000..."
Difficulty: Need to try many inputs
Easy: Verify the solution

MD5: The Legacy Algorithm

MD5 (Message Digest Algorithm 5) was designed by Ronald Rivest in 1991. For years, it was the most widely used hash function, but cryptanalytic advances have rendered it insecure for security purposes.

MD5 Characteristics

• Output size: 128 bits (32 hexadecimal characters)
• Speed: Very fast—good for non-security uses
• Security status: NOT recommended for any security purpose

MD5 Vulnerabilities

MD5 is susceptible to several attacks:

• Collision attacks: Can find two different inputs with same hash
• Chosen-prefix attacks: Can create malicious files with same hash as legitimate ones
• Rainbow tables: Pre-computed hash lookup tables for password cracking

# MD5 is useful only for:
# 1. Checksums for non-security data integrity
# 2. Generating short identifiers
# 3. Legacy compatibility

# NOT for:
# - Password storage
# - Digital signatures
# - SSL/TLS certificates
# - Any security-sensitive application

md5sum important-file.zip
# a1b2c3d4e5f6... important-file.zip

When MD5 Is Still OK

MD5 remains acceptable for non-cryptographic purposes like quick integrity checks where speed matters more than security:

# File comparison (did the download complete correctly?)
md5sum large-file.iso
# Compare with published checksum

# Non-critical checksums
# Database IDs, cache keys

SHA-1: Deprecated but Common

Secure Hash Algorithm 1 (SHA-1) was developed by the NSA and published in 1995. It produces a 160-bit hash and was widely used in security protocols until vulnerabilities were discovered.

SHA-1 Characteristics

• Output size: 160 bits (40 hexadecimal characters)
• Speed: Fast, slightly slower than MD5
• Security status: Deprecated for security uses

SHA-1 Deprecation Timeline

2005   - First collision research published
2011   - NIST deprecates SHA-1 for digital signatures
2014   - Chrome marks SHA-1 certificates as insecure
2017   - SHAttered attack: First real SHA-1 collision
2021   - Major browsers reject SHA-1 certificates

SHAttered Attack

In 2017, researchers demonstrated a practical SHA-1 collision by creating two PDF files with the same hash but different content:

Collision files (demonstrated):
- SHAttered-attack.pdf (contract)
- SHAttered-attack-2.pdf (截然不同的合同)

Both hash to: 26ab0d... (same SHA-1)

Where SHA-1 Still Exists

# Legacy systems you might encounter:
# - Old Git commits (still uses SHA-1 internally)
# - Some legacy APIs
# - Old SSL/TLS certificates
# - VCS revision identifiers

# For new development: NEVER use SHA-1

SHA-2 Family: The Current Standard

SHA-2 (Secure Hash Algorithm 2) is a family of six hash functions designed by the NSA and standardized by NIST. It remains secure and is the recommended standard for most applications.

SHA-2 Variants

SHA-256 in Practice

# SHA-256 is the workhorse of modern cryptography
# Used in: TLS/SSL, SSH, PGP, Bitcoin, document signing

sha256sum important-document.pdf
# a7f3c8d2e1b4... important-document.pdf

# Verify downloaded file
sha256sum downloaded-file.iso
# Compare with published hash

HMAC-SHA2

HMAC (Hash-based Message Authentication Code) adds a secret key to hashing, providing both integrity and authentication:

HMAC-SHA256(key, message) = secure authentication code

# Used in:
# - API authentication (AWS, Stripe, etc.)
# - Cookie integrity
# - Message authentication

SHA-3: The Latest Standard

SHA-3 (Secure Hash Algorithm 3) was standardized in 2015 using a different underlying algorithm (Keccak) than SHA-2. It's not a replacement for SHA-2 but an alternative offering different properties.

SHA-3 Characteristics

• Different algorithm: Based on sponge construction, not MD-style compression
• Performance: Can be slower than SHA-2 on some hardware
• Security margin: Designed with large security margin against future attacks
• Future-proof: Different design means if SHA-2 is broken, SHA-3 remains secure

SHA-3 Variants

SHA3-224   - 224-bit output
SHA3-256   - 256-bit output
SHA3-384   - 384-bit output
SHA3-512   - 512-bit output

SHAKE128   - Variable length, 128-bit security
SHAKE256   - Variable length, 256-bit security

When to Use SHA-3

# SHA-3 is appropriate when:
# - You want defense in depth (different algorithm)
# - Future-proofing against cryptanalytic advances
# - Regulatory requirements specify SHA-3
# - Long-term security is paramount

# SHA-256 is still fine for most uses
# The cryptographic community considers both secure

Algorithm Comparison

Practical Applications

1. File Integrity Verification

# Download software? Always verify the hash!
sha256sum downloaded-installer.exe

# Compare with published hash from vendor
# If different: file corrupted or tampered with

2. Password Storage

# NEVER store passwords directly—even hashed
# Use specialized algorithms like bcrypt, scrypt, or Argon2

# Example with bcrypt
import bcrypt

password = "user_password"
hashed = bcrypt.hashpw(password.encode(), bcrypt.gensalt())
# Store: hashed

# Verify
bcrypt.checkpw(password.encode(), hashed)

3. Digital Signatures

# Signing a document
signature = sign(private_key, sha256(document))

# Verifying
hash_matches = sha256(received_document) == expected_hash
signature_valid = verify(public_key, signature, document_hash)

4. Blockchain and Proof of Work

# Bitcoin uses SHA-256 double hashing
# Miners find nonce such that:
hash = SHA256(SHA256(block_data + nonce))
# Result starts with many zeros (difficulty target)

5. API Authentication

# HMAC-based authentication
signature = HMAC-SHA256(secret_key, request_data)
# Send: request + signature
# Server verifies using shared secret

6. Git Version Control

# Git uses SHA-1 for commit and object identifiers
git log --format="%H %s"
# a1b2c3d4e5f6789012345678901234567890abcd Initial commit
# 1234567890abcdef1234567890abcdef12345678 Add feature X

# Content-addressed: same content = same hash

Security Guidance

What to Use

• SHA-256: Default choice for most applications
• SHA-384/SHA-512: When higher security margin is needed
• bcrypt/scrypt/Argon2: For password hashing specifically
• HMAC-SHA256: For message authentication

What NOT to Use

• MD5: Completely broken for security purposes
• SHA-1: Deprecated, collision attacks demonstrated
• Plain hash for passwords: Use bcrypt/scrypt/Argon2 instead
• MD5/SHA-1 for certificates: Modern browsers reject these

Implementation Best Practices

# DO:
# - Use well-tested cryptographic libraries
# - Let experts handle the implementation
# - Use HTTPS to protect hash transmission
# - Salt passwords before hashing
# - Verify file hashes against trusted sources

# DON'T:
# - Implement your own hash function
# - Use MD5 or SHA-1 for anything security-related
# - Trust hashes from untrusted sources
# - Forget that hashes can be spoofed if transmitted insecurely

Generate and verify hashes instantly with the JieBang MD5/Hash Generator tool.