A hash is a mathematical formula that takes a collection of digital data, like a file or password, and calculates a number from it. A good hash algorithm has three important properties:
- It’s one-way. You can calculate the hash from the data, but you can’t recover the original data from the hash.
- It’s unique. The odds of any two files or passwords generating the exact same hash are infinitesimal.
- It’s unpredictable. That means that it’s basically impossible (technically just “infeasible”) to come up with a file that would produce a specific hash value.
For example, a hash generated from a digital document can be used to verify that the digital document isn’t later tampered with. If the document is modified in any way, the hash generated from the modified document will be different than the originally calculated hash. By comparing the hash of the original document with a hash of the current document, it’s possible to say that the document has been altered or not. This is used as an important part of digital signatures.
Hashes are occasionally referred to as checksums or digests.
Examples of common hash algorithms include MD5, SHA1, and SHA256.
As an example of a hash, the MD5 hash of the word “password” is 5f4dcc3b5aa765d61d8327deb882cf99. Hashes are typically represented in hexadecimal. As a decimal number, that would be 39 digits long… so you can see why we use hex.