Hashing¶
Hashing is the process of running data through a hash function, to produce a fixed-size value called a hash, or digest.
A good hash function is fast, deterministic, and spreads its output evenly, so that different inputs rarely produce the same hash, an event called a collision.
Hashing serves several distinct purposes applications:
Integrity checks and checksums, with fast algorithms like
crc32ormd5, to detect accidental corruption.Lookup structures, where hashing a key gives its position in a hash table, the internal structure behind PHP arrays.
Password storage, with slow, salted algorithms designed to resist brute-force attacks, such as
bcryptorargon2, via thepassword_hash()function.Cryptographic fingerprints, with algorithms like the
SHAfamily, to sign or verify data.
Hashing is one-way: a hash cannot be reversed to recover the original data. This distinguishes it from encryption, which is meant to be decrypted with a key.
<?php
// fast, non-cryptographic hashing, for a lookup or checksum
echo hash('crc32b', 'The quick brown fox jumped over the lazy dog.');
// cryptographic hashing, for a fingerprint
echo hash('sha256', 'The quick brown fox jumped over the lazy dog.');
// slow, salted hashing, for password storage
echo password_hash('correct horse battery staple', PASSWORD_BCRYPT);
?>
See also Everything you need to know about hashing in PHP.
Related : Hash, hash() Function, Cryptographic Hash, Hash Table, Message Digest, Checksum, Cryptography, Password API, Hash Comparisons, Crack, Deterministic, Weak Cryptography