Message Digest

Updated: 2019-01-23

Cryptographic hash function, or Message Digest

  • transform a sequence of bits into a fixed sequence of bits.
  • a one-way, non-invertible function

Input and output:

  • input data: message(any string)
  • output: message digest(the hash value).


  • SHA-1(1995): 160-bit (20-byte). Deprecated. All major browsers stopped accepting SHA-1 SSL certificates by 2017.
  • SHA-2(2001): a family of six hash functions, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256(numbers are num of bits).
  • SHA-3(2015): SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128, SHAKE256
  • MD5: 128bit, used as a checksum to verify data integrity, but only against unintentional corruption.


  • SHA-224 and SHA-256 share the same specification, but use different initial hash values, and the final hash value is truncated to 224 bits for SHA-224.
  • similar to SHA-512, SHA-384, SHA-512/224 and SHA-512/256, except that the final hash value is truncated to 224 bits for SHA-512/224, 256 bits for SHA- 512/256 or 384 bits for SHA-384.
  • SHA-256 is faster on 32-bit hardware


>>> hashlib.md5(b"hello").hexdigest()


jshell> import

jshell> MessageDigest md = MessageDigest.getInstance("MD5")
md ==> MD5 Message Digest from SUN, <initialized>

Get digest as byte array:

jshell> byte[] a = md.digest("hello".getBytes())
a ==> byte[16] { 93, 65, 64, 42, -68, 75, 42, 118, -71, ...  -111, 16, 23, -59, -110 }

Convert the byte array to Hex String:

jshell> IntStream.range(0, a.length).mapToObj(i -> String.format("%02X", a[i])).collect(Collectors.joining())
$40 ==> "5D41402ABC4B2A76B9719D911017C592"