SHA256 Hash

SHA-256 (Secure Hash Algorithm 256-bit) is a cryptographic hash function standardized by NIST in 2001 as part of the SHA-2 family. It produces a 256-bit (32-byte) digest, represented as a 64-character hexadecimal string. SHA-256’s design improves on SHA-1 by using 64-round compression, 32-bit words, and constants derived from the square roots of the first eight prime numbers. It offers strong collision and preimage resistance with no known practical attacks, making it the default choice for secure hashing.

SHA-256 processes data in 512-bit blocks, padding the message to a multiple of 512 bits, including a 64-bit length field. Its internal state consists of eight 32-bit registers initialized to fixed constants. The message schedule expands each block into 64 32-bit words, which are then mixed with the state through bitwise functions (Ch, Maj, Σ0, Σ1, σ0, σ1) and addition of round constants derived from the fractional parts of cube roots of primes.

No practical collisions or second-preimage attacks are known against SHA-256. It’s widely used in TLS certificates (SHA-256 fingerprints), digital signatures (ECDSA, RSA), blockchain (Bitcoin’s proof-of-work), password hashing (via HMAC or KDFs), and file integrity verification. SHA-256 strikes a balance between performance and security on both 32-bit and 64-bit platforms.

1. **Padding**: Append ‘1’ bit, zero bits, and 64-bit length. 2. **Initialization**: Eight 32-bit registers with fixed primes. 3. **Message Schedule**: Expand 16 input words to 64 via σ functions. 4. **Compression**: 64 rounds mixing state, schedule words, and constants with Σ functions and majority/choice operations. 5. **Output**: Add registers back to state and produce the final 256-bit digest.

Optimized C implementations can hash over 200 MB/s on modern CPUs. Hardware support (SHA extensions) further accelerates SHA-256 by orders of magnitude. In JavaScript, TypedArrays and Web Crypto APIs provide fast throughput without blocking the main thread.

— For password storage, combine SHA-256 with a salt and a slow KDF like PBKDF2, bcrypt, or Argon2. — For message authentication, use HMAC-SHA256 with a secret key. — Validate implementations against FIPS 180-4 test vectors.

`hello` → `2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824`