Hash Generator
Generate MD5, SHA1, SHA256, SHA512 hashes and HMAC variants
Quick Examples
Enter text to generate hashes
Hash Algorithms
Standard Hashes
- MD5: 128-bit, fast but not secure
- SHA1: 160-bit, deprecated for security
- SHA256: 256-bit, secure and recommended
- SHA512: 512-bit, highest security
HMAC
Hash-based Message Authentication Code (HMAC) uses a secret key to provide both data integrity and authentication. It prevents tampering and verifies the message source.
Complete Hash Generator Guide
Hash Generator is a core tool for cryptography and data security, used to convert data of any length into a fixed-length unique "fingerprint". This tool supports multiple hash algorithms including MD5, SHA-1, SHA-256, SHA-512, and HMAC (Hash-based Message Authentication Code) variants. Hash functions are widely used in password storage, data integrity verification, digital signatures, blockchain, and more. Understanding the characteristics and applicable scenarios of different hash algorithms is crucial for building secure application systems.
1如何使用 / How to Use
Step 1: Select Hash Mode
Select "Hash" mode to generate standard hash values, or select "HMAC" mode to generate keyed message authentication codes. HMAC mode requires an additional secret key, providing higher security and authentication capabilities.
Step 2: Input Text
Enter or paste the text to hash in the input box. Supports text of any length and Unicode characters (including Chinese). You can also upload text files or click quick example buttons to load preset text.
Step 3: Input Secret Key (HMAC Mode)
If HMAC mode is selected, enter the secret key in the key input box. The key can be any string, used to generate message authentication codes. The same text and key combination always produces the same HMAC value.
Step 4: Auto-Generate Hashes
The tool automatically generates all supported hash values as you type (with a 300ms delay). The right side displays results from all four algorithms (MD5, SHA-1, SHA-256, SHA-512) simultaneously for easy comparison and selection.
Step 5: Copy Hash Values
Each hash result has a copy button next to it. Click to copy that hash value to clipboard. After copying, the button shows "Copied" confirmation, returning to normal after 2 seconds.
Step 6: View Hash Length
The character length is displayed below each hash result. MD5 is 32 characters, SHA-1 is 40 characters, SHA-256 is 64 characters, SHA-512 is 128 characters. This helps verify hash integrity.
2实际应用场景 / Use Cases
1Password Storage
Never store passwords in plain text. Use SHA-256 or SHA-512 to hash passwords before storing in the database. When users log in, perform the same hash operation on the entered password, then compare with the hash value in the database. It is recommended to use salting technique for further security. Note: For password storage, specialized password hashing algorithms (like bcrypt, Argon2) are more secure than general hash algorithms.
2File Integrity Verification
After downloading a file, calculate the file's hash value and compare with the official hash value to verify if the file has been tampered with or corrupted. Software publishers typically provide SHA-256 or MD5 checksums. If hash values match, the file is intact and unmodified. This is especially important for downloading critical software, system images, etc.
3API Signature Verification
Use HMAC to generate API request signatures, ensuring requests come from trusted sources and are not tampered with. Client uses secret key to generate HMAC for request parameters, server verifies signature using the same key. This is standard security practice for many APIs (like AWS, payment gateways). HMAC provides both authentication and data integrity protection.
4Data Deduplication
In big data processing, use hash values to quickly identify duplicate data. Generate hash values for each piece of data; identical hash values indicate duplicate data. This is much faster than byte-by-byte comparison. Commonly used in file system deduplication, database indexing, cache systems, etc.
5Blockchain and Cryptocurrency
Hash functions are at the core of blockchain technology. Each block contains the hash of the previous block, forming an immutable chain. Bitcoin uses SHA-256 for proof-of-work (mining). Ethereum addresses are also generated through public key hashing. Understanding hash functions is crucial for understanding blockchain technology.
6Digital Signatures
Digital signature process first hashes the message, then encrypts the hash value with private key. Receiver decrypts signature with public key to get hash value, then hashes message for comparison. This ensures message comes from claimed sender and is unmodified. SSL/TLS certificates, code signing, etc. all use this technique.
使用技巧与最佳实践 / Tips & Best Practices
Choose the Right Algorithm
MD5 and SHA-1 have been proven to have collision vulnerabilities and should not be used in security-critical scenarios. For new projects, SHA-256 or SHA-512 is recommended. SHA-256 strikes a good balance between security and performance, being the most commonly used choice. SHA-512 provides higher security but is slightly slower to compute.
Hashing Is Irreversible
Hashing is a one-way function; theoretically, original data cannot be derived from hash values. However, for simple passwords, attackers can use rainbow tables (pre-computed hash value databases) for cracking. Therefore, password hashing must use salting and specialized slow hash algorithms (like bcrypt).
HMAC Key Management
HMAC security entirely depends on key confidentiality. Keys should be sufficiently long (at least 16 bytes) and randomly generated. Do not hardcode keys in code; use environment variables or key management services. Regular key rotation can improve security.
Understand Hash Collisions
Hash collision occurs when two different inputs produce the same hash value. While theoretically possible, in strong hash algorithms like SHA-256, collision probability is extremely low (1 in 2^128). MD5 and SHA-1 have been proven to allow artificial collision creation, making them no longer secure.
Verify Hash Integrity
When using hashes to verify file integrity, ensure official hash values are obtained from trusted channels. Attackers may tamper with both files and hash values. It is best to obtain hash values through HTTPS or digital signatures to ensure authenticity.
常见问题 / Frequently Asked Questions
技术说明 / Technical Details
This tool uses Web Crypto API for hash calculations, a native cryptographic interface provided by browsers, offering excellent performance and reliable security. **Hash Algorithm Implementation**: - MD5: Implemented using CryptoJS library, produces 128-bit hash values - SHA-1: Uses SubtleCrypto.digest("SHA-1"), produces 160-bit hash values - SHA-256: Uses SubtleCrypto.digest("SHA-256"), produces 256-bit hash values - SHA-512: Uses SubtleCrypto.digest("SHA-512"), produces 512-bit hash values **HMAC Implementation**: HMAC uses SubtleCrypto.sign() method, combining key and message to generate authentication codes. Keys are first imported via importKey(), then used for signing operations. **Text Encoding**: All input text is first converted to UTF-8 byte sequences via TextEncoder, ensuring correct handling of multi-byte characters like Chinese. Hash calculation occurs at byte level, output results are converted to hexadecimal strings. **Real-time Calculation**: Uses debounce technique (300ms delay), automatically triggering hash calculation after user stops typing, avoiding frequent calculations that affect performance. Tech stack: React + TypeScript + Web Crypto API + CryptoJS, ensuring high performance, type safety, and browser compatibility.
🔒 隐私保护承诺 / Privacy Protection
所有处理都在您的浏览器本地完成,数据不会上传到任何服务器。您的隐私和数据安全是我们的首要任务。
All processing is done locally in your browser. No data is uploaded to any server. Your privacy and data security are our top priorities.