Hashing

Hashing is the process of running data through a hash function, to produce a fixed-size value called a hash, or digest.

A good hash function is fast, deterministic, and spreads its output evenly, so that different inputs rarely produce the same hash, an event called a collision.

Hashing serves several distinct purposes applications:

  • Integrity checks and checksums, with fast algorithms like crc32 or md5, to detect accidental corruption.

  • Lookup structures, where hashing a key gives its position in a hash table, the internal structure behind PHP arrays.

  • Password storage, with slow, salted algorithms designed to resist brute-force attacks, such as bcrypt or argon2, via the password_hash() function.

  • Cryptographic fingerprints, with algorithms like the SHA family, to sign or verify data.

Hashing is one-way: a hash cannot be reversed to recover the original data. This distinguishes it from encryption, which is meant to be decrypted with a key.

<?php

    // fast, non-cryptographic hashing, for a lookup or checksum
    echo hash('crc32b', 'The quick brown fox jumped over the lazy dog.');

    // cryptographic hashing, for a fingerprint
    echo hash('sha256', 'The quick brown fox jumped over the lazy dog.');

    // slow, salted hashing, for password storage
    echo password_hash('correct horse battery staple', PASSWORD_BCRYPT);

?>

Documentation

See also Everything you need to know about hashing in PHP.

Related : Hash, hash() Function, Cryptographic Hash, Hash Table, Message Digest, Checksum, Cryptography, Password API, Hash Comparisons, Crack, Deterministic, Weak Cryptography