Hash Functions & Digital Signatures
How do you know a file you downloaded hasn't been tampered with? How does your bank know a transaction was approved by you, not an impostor? The answers are cryptographic hash functions and digital signatures — two of the most important tools in security.
What is a Cryptographic Hash Function?
A cryptographic hash function takes any input — a word, a file, an entire hard drive — and produces a fixed-size output called a hash, digest, or fingerprint.
Four essential properties make hash functions cryptographically useful:
- Deterministic: The same input always produces the same hash.
- One-way (preimage resistant): You cannot reverse the hash to get the original input. Given the hash, you can't find the data.
- Avalanche effect: Changing a single character completely scrambles the output. The hashes of "Hello" and "Hello!" share zero visual similarity even though the inputs are nearly identical.
- Collision resistant: It's computationally infeasible to find two different inputs that produce the same hash.
SHA-256 and the SHA Family
The most widely used hash functions are in the SHA (Secure Hash Algorithm) family, standardized by NIST:
- SHA-1 (160-bit): Deprecated. Practical collision attacks demonstrated in 2017 by Google's SHAttered project. Do not use.
- SHA-256 (256-bit): Workhorse of modern security. Used in TLS, Bitcoin, SSL certificates, code signing, password storage (PBKDF2), and more.
- SHA-384, SHA-512: Part of SHA-2. Larger output for higher security requirements. Used in some TLS cipher suites.
- SHA-3 (Keccak): A completely different internal design from SHA-2. Selected by NIST as a backup standard. More resistant to length-extension attacks.
What Hash Functions Are Used For
File Integrity Verification
When you download software, the developer publishes its SHA-256 hash. After downloading, you hash the file yourself and compare. If the hashes match, the file is identical to what was published — it hasn't been corrupted or tampered with.
Password Storage
Websites store the hash of your password, not the password itself. When you log in, they hash what you type and compare it to the stored hash. This way, a database breach exposes hashes, not plain passwords. The password is hashed together with a salt, a random value, to prevent rainbow table attacks.
Blockchain & Bitcoin
Each block in the Bitcoin blockchain contains the SHA-256 hash of the previous block. Changing any historical transaction would change its hash, break the chain, and require recomputing all subsequent hashes — computationally infeasible on the real network.
Digital Signatures
Rather than signing the entire document (slow for large files), you hash it first (fast), then sign the hash. The signature proves the hash is valid; the hash proves the document's integrity. More on this below.
Digital Signatures: Proving "I Signed This"
A digital signature is a mathematical proof that a specific person created or approved a specific piece of data — and that the data hasn't been modified since they signed it.
It's based on asymmetric cryptography, but used in reverse:
How signing works
- Alice computes the SHA-256 hash of the document
- Alice encrypts the hash with her private key → this is the digital signature
- Alice sends the document + the signature
How verification works
- Bob decrypts the signature using Alice's public key → gets the hash Alice computed
- Bob computes the SHA-256 hash of the received document
- If the two hashes match: the document is from Alice, and it's unmodified ✓
- If they don't match: either the document was tampered with, or the signature isn't from Alice ✗
Digital signatures provide:
- Authentication: The message is from who it claims to be from
- Integrity: The message hasn't been altered
- Non-repudiation: Alice can't later claim she didn't send it — only her private key could have made that signature
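The signing and verification steps above, carried out with textbook RSA on Python integers; this is an added illustration, not code from the original page. The keys are constructed toy values and `make_toy_key`, `sign` and `verify` are names chosen here. Production signatures use a padded scheme such as RSA-PSS from a vetted library.

```python
import hashlib

E = 65537  # widely used public exponent

def make_toy_key(p, q):
    """Build (public, private) key pairs from two primes. Hypothetical demo helper."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return (n, E), (n, d)

# Constructed toy keys: Mersenne primes keep the example reproducible
# but must never be used for a real RSA key.
ALICE_PUB, ALICE_PRIV = make_toy_key(2**521 - 1, 2**607 - 1)
MALLORY_PUB, MALLORY_PRIV = make_toy_key(2**1279 - 1, 2**2203 - 1)

def digest_int(document):
    """SHA-256 of the document, as an integer smaller than the modulus."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")

def sign(document, private_key):
    """Signer: hash the document, then apply the private-key operation to the hash."""
    n, d = private_key
    return pow(digest_int(document), d, n)

def verify(document, signature, public_key):
    """Verifier: recover the signer's hash with the public key, compare with own hash."""
    n, e = public_key
    if not isinstance(signature, int) or not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest_int(document)

def demo():
    contract = b"Pay Bob 100 EUR"  # constructed sample document
    sig = sign(contract, ALICE_PRIV)
    return {
        "genuine": verify(contract, sig, ALICE_PUB),
        "document_changed": verify(b"Pay Bob 900 EUR", sig, ALICE_PUB),
        "signed_with_other_key": verify(contract, sign(contract, MALLORY_PRIV), ALICE_PUB),
    }

if __name__ == "__main__":
    print(demo())
```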
Are Hash Functions Quantum-Safe?
Mostly yes — with a caveat. Grover's algorithm provides a quadratic speedup for searching, which effectively halves the security of hash functions. SHA-256 provides 256/2 = 128 bits of quantum security — still considered secure.
However, the digital signature algorithms based on RSA or ECC (like RSA-PSS, ECDSA) are not quantum-safe. Shor's algorithm breaks them entirely. This is why post-quantum signature algorithms (ML-DSA, SLH-DSA) exist — covered in Phase 4.
Frequently Asked Questions
What's an HMAC and how is it different from a hash?
An HMAC (Hash-based Message Authentication Code) combines a hash function with a secret key. Unlike a plain hash (which anyone can compute), only someone with the secret key can generate a valid HMAC. This provides authentication: it proves the message came from someone with the key. HMACs are used in APIs (signing requests), cookies, and JWTs.
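The difference between a plain hash and an HMAC, shown from the receiver's side; this is an added example, not code from the original page. The key, request bodies and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed demo key; a real key comes from a secret store, not source code.
SHARED_KEY = b"constructed-demo-key"

def plain_tag(message):
    """Unkeyed SHA-256: anyone holding the message can compute this."""
    return hashlib.sha256(message).hexdigest()

def hmac_tag(message, key=SHARED_KEY):
    """HMAC-SHA256: computing this requires the shared secret key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def receiver_accepts_plain(message, tag):
    return hmac.compare_digest(plain_tag(message), tag)

def receiver_accepts_hmac(message, tag, key=SHARED_KEY):
    # compare_digest avoids leaking how many leading characters matched.
    return hmac.compare_digest(hmac_tag(message, key), tag)

def demo():
    sent = b'{"to": "alice", "amount": 10}'       # constructed request body
    altered = b'{"to": "alice", "amount": 9999}'  # same body changed in transit
    return {
        # A plain hash travels with the message and can simply be recomputed.
        "plain_genuine": receiver_accepts_plain(sent, plain_tag(sent)),
        "plain_altered_recomputed": receiver_accepts_plain(altered, plain_tag(altered)),
        # Without the key, none of the tags available for the altered body are valid.
        "hmac_genuine": receiver_accepts_hmac(sent, hmac_tag(sent)),
        "hmac_altered_old_tag": receiver_accepts_hmac(altered, hmac_tag(sent)),
        "hmac_altered_plain_hash": receiver_accepts_hmac(altered, plain_tag(altered)),
        "hmac_altered_wrong_key": receiver_accepts_hmac(altered, hmac_tag(altered, b"guess")),
    }

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {accepted}")
```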
What is a "salt" in password hashing?
A salt is a random value added to the password before hashing. Without salts, two users with password "abc123" would have identical hashes — an attacker with a precomputed table of hashes (rainbow table) could crack both instantly. With salts, "abc123" + random_salt1 and "abc123" + random_salt2 produce completely different hashes, making precomputed attacks useless. Always use salted, slow hash functions like bcrypt or Argon2 for passwords.
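The effect of a per-user salt, as an added example that is not part of the original page. It uses PBKDF2 from Python's standard library in place of bcrypt or Argon2, which need third-party packages. The record format, iteration count and function names are assumptions made for this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for this example; tune to your hardware

def unsalted_hash(password):
    """What NOT to store: identical passwords give identical values."""
    return hashlib.sha256(password.encode()).hexdigest()

def new_record(password, iterations=ITERATIONS):
    """Create a storable record: scheme$iterations$salt$derived_key."""
    salt = os.urandom(16)  # fresh random salt for every user
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def check_password(password, record):
    """Re-derive the key with the stored salt and compare in constant time."""
    try:
        scheme, iterations, salt_hex, dk_hex = record.split("$")
        salt, stored = bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)
        rounds = int(iterations)
    except ValueError:
        return False  # malformed record
    if scheme != "pbkdf2_sha256" or rounds < 1:
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return hmac.compare_digest(dk, stored)

def demo(iterations=ITERATIONS):
    # Two constructed users who picked the same password.
    user1 = new_record("abc123", iterations)
    user2 = new_record("abc123", iterations)
    return {
        "unsalted_identical": unsalted_hash("abc123") == unsalted_hash("abc123"),
        "salted_identical": user1 == user2,
        "correct_login": check_password("abc123", user1),
        "wrong_login": check_password("abc124", user1),
    }

if __name__ == "__main__":
    print(demo())
```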