What is a Hash Function
A hash function takes any input — a single byte or an entire file — and produces a fixed-size output called a hash, digest, or fingerprint. The same input always produces the same output. Different inputs produce different outputs (with astronomically high probability). And you cannot reverse the process to recover the original input from the hash.
How it works
A cryptographic hash function has three properties that make it useful for security:
- Deterministic — the same input always produces the same hash. Hash "hello" a million times and you get the same result every time.
- One-way — given a hash, there is no feasible way to compute the original input. You cannot "unhash" data.
- Collision-resistant — it is computationally infeasible to find two different inputs that produce the same hash.
The output is always the same length regardless of input size. SHA-256 produces 256 bits whether you hash a single character or a 10 GB file. Change one bit of the input and the output changes completely — this is called the avalanche effect.
Hash functions are not encryption. Encryption is reversible (with a key). Hashing is not reversible at all. You use encryption when you need the data back. You use hashing when you need to verify data without storing or transmitting the original.
Why it matters
Hash functions are everywhere in computing. Git identifies every commit, tree, and blob by its SHA-1 hash. Password systems store hashes instead of plaintext passwords. Digital signatures hash a message before signing it. File integrity checks compare hashes to detect tampering or corruption. Blockchains chain blocks together using hashes. Every time you verify that data has not been altered, a hash function is doing the work.
See How Hashing Works for the full walkthrough.