Hash Generator

All algorithms exposed here are cryptographic hash functions in the Merkle–Damgård or sponge family. They are designed to satisfy three properties: pre-image resistance (given a digest, you cannot find the input), second-pre-image resistance (given input A, you cannot find a different B that hashes to the same digest), and collision resistance (you cannot find any two distinct inputs with the same digest). When you read that MD5 is "broken", what is actually broken is collision resistance — the other two properties still hold for almost all practical inputs.

This means MD5 and SHA-1 are still acceptable for non-adversarial integrity checks (download verification from a trusted mirror, deduplication, cache keys) but unacceptable for anything where an attacker chooses the input: certificates, signatures, content-addressable security boundaries.

A good hash flips roughly half the output bits for any single-bit input change. Compare the SHA-256 digests of two inputs that differ in one character:

eutils.pro
eutils.prO

eutils.pro → 3f0d9b1e5b... (digest 1)
eutils.prO → c8a47e22f3... (completely different)

• SHA-256 — default for everything in 2024+. Fast on modern CPUs (hardware-accelerated on x86 since 2016 and on ARM since v8.2-A), 256-bit output is wide enough that birthday collisions are infeasible.
• SHA-512 — same family, larger state, often faster than SHA-256 on 64-bit hardware because the inner block processes 1024-bit chunks. Use when you want a wider digest without changing algorithm family.
• SHA-3 (Keccak) — different construction (sponge), not vulnerable to length-extension attacks. Slower than SHA-2 in software, faster in hardware. Choose when you need length-extension resistance without using HMAC.
• SHA-1 — only for legacy compatibility (git object IDs, old TLS certificates you are reading, not signing). Demonstrated collision since SHAttered in 2017.
• MD5 — only for non-security uses: checksumming downloads, cache keys, dedup. Chosen-prefix collisions are routine. Never use for passwords or signatures.

• You downloaded an installer and want to verify it against the vendor's published SHA-256 checksum without installing extra software.
• You are debugging why two "identical" JSON payloads produce different signatures — a quick hash comparison reveals trailing whitespace or BOMs you missed.
• You need to produce a stable cache key from a string and want the digest in hex, base64, or base64url with one click.
• You are validating that a backup tarball survived an FTP upload by comparing its SHA-256 to the original.

• It will not hash passwords for storage. Use Argon2id, scrypt, or bcrypt — they are slow on purpose. Hashing a password with SHA-256 lets an attacker try billions of guesses per second per GPU.
• It will not produce HMACs. An HMAC needs a secret key and a defined construction; this tool produces plain hashes. For HMAC-SHA-256 use a dedicated library or the Web Crypto API's SubtleCrypto.sign("HMAC", ...).
• It will not check digital signatures. A signature is hash + private-key operation; verifying it needs the public key and signature algorithm metadata that a plain hasher does not see.