Cryptographic Hash Comparison
Hash algorithms side-by-side — output size, security status, and recommended uses.
Reference
Algorithms
| Algorithm | Output | Status | Use for |
|---|---|---|---|
| MD5 | 128 bit | ❌ Broken | Non-security checksums only |
| SHA-1 | 160 bit | ❌ Broken | Legacy — avoid |
| SHA-256 | 256 bit | ✓ Secure | General-purpose signing, integrity |
| SHA-384 | 384 bit | ✓ Secure | Longer than 256 where required |
| SHA-512 | 512 bit | ✓ Secure | Faster than SHA-256 on 64-bit CPUs |
| SHA-3 (224/256/384/512) | Varies | ✓ Secure | Keccak sponge — distinct from SHA-2 |
| BLAKE2b / BLAKE2s | 1–512 bit | ✓ Secure, fast | Git object hashing, general purpose |
| BLAKE3 | Arbitrary | ✓ Secure, very fast | Parallel integrity, streaming |
| CRC-32 | 32 bit | ❌ Not cryptographic | Error detection only |
| xxHash | 32/64/128 bit | ❌ Not cryptographic | Fast non-crypto checksums |
Password hashes (slow on purpose)
| Algorithm | Tunable | Notes |
|---|---|---|
| bcrypt | cost (log-rounds) | Wide support, max 72-byte input. |
| scrypt | N, r, p (memory-hard) | Memory-hard defence against GPU/ASIC. |
| Argon2id | time, memory, parallelism | PHC winner — preferred for new systems. |
| PBKDF2 | iterations | FIPS-approved but not memory-hard. |
Notes
- Use HMAC-SHA-256 (not bare SHA-256) for message authentication with a secret key.
- Use bcrypt/Argon2id (not SHA-256) for password storage.
- Prefer AEAD (AES-GCM, ChaCha20-Poly1305) for encryption — hashes alone don't provide confidentiality.