LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What is a hash function, and what three properties does a good cryptographic hash have?

A hash function is a one-way mathematical mangler — it takes any input and produces a fixed-size, deterministic, irreversible fingerprint.

Login: look up the user's salt, compute hash(typed+salt), compare to the stored hash, grant or reject.

* Password-storage login check: recompute the salted hash and compare. *

A hash function mapping several inputs to fixed-length digest outputs.

* A hash maps any input to a fixed-length digest. — Jorge Stolfi, Public domain, via Wikimedia Commons. *

The three core properties:

  1. One-way (Einwegfunktion): Easy to compute hash from input, computationally infeasible to recover input from hash. You can hash Hello185f8db32... instantly, but going backwards requires brute force.

  2. Uniqueness / Avalanche (Einzigartigkeit): Every distinct input produces a distinct output, and tiny changes cause completely different hashes:

    • Hello185f8db32271fe25f561a6fc938b2e264306ec304eda518007d1764826381969
    • hello2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
  3. Fixed length (Feste Länge): Output size is constant regardless of input. SHA-256 always produces 256 bits, whether the input is a single character or a 10GB file.

Why this is perfect for password storage:

  • Server stores hash(password), not the password itself
  • On login: compute hash(typed_password) and compare
  • If the database leaks → attacker has hashes, not passwords
  • One-wayness means they must brute-force to recover them

Try it: https://emn178.github.io/online-tools/sha256.html — experiment with the avalanche effect.

Go deeper:

From Quiz: INTROL / Password Cracking | Updated: Jul 05, 2026