# How Hashing Algorithms work?

A hashing algorithm is loosely defined as a one-way algorithm that produces a fixed-length output no matter what size the input variable is. Hashing algorithms are used for integrity assurance. They are based on some type of one-way hashing function. This blog post helps us understanding How Hashing Algorithms work?

Consider the following analogy of a hashing algorithm. You get a standard blender, three small

oranges, and three big oranges. You put all the oranges in the blender and make juice out of them. When you pour it into a cup, you get one glass of juice. If your neighbor were to get the same blender, three small oranges, and three big oranges and do the same process, they would also get one glass of juice.

oranges, and three big oranges. You put all the oranges in the blender and make juice out of them. When you pour it into a cup, you get one glass of juice. If your neighbor were to get the same blender, three small oranges, and three big oranges and do the same process, they would also get one glass of juice.

A hashing algorithm takes any input and massages it until it gets a fixed-length output. As long as you use the same input (the oranges) and the same algorithm (blend oranges after putting them into the blender), you always get the same output. You can never reverse-engineer the answer to get the original input, just as you can’t put together the orange juice to determine that three big and three small oranges went into the blender to make the glass of juice.

Two common hashing algorithms are MD5, which gives you a fixed-length 128-bit output, and

SHA-1, which gives you a fixed-length 160-bit output.

SHA-1, which gives you a fixed-length 160-bit output.

MD5 is considered OK for today’s environments, but SHA-1 is preferred because it is less likely to result in a collision.

## Properties of Hash Algorithms

1. You cannot reproduce the original data/string from a provided
hash output. It means that reverse process is not feasible. This is very
helpful as a hacker cannot derive the original string by just knowing
the hash output.

2. Hash outputs of two different strings will always be different. There is also called hash collision resistance. Even if the hacker manages to find the input string and corresponding hash output, if he tries substitute the input string with his malware, the hash output for the manipulated will be considerably different.

3. Any small change done to the clear-text input results in a large change to the hash output. In below image there is a small change of first character in the string and corresponding hash output for each string is considerably different.

2. Hash outputs of two different strings will always be different. There is also called hash collision resistance. Even if the hacker manages to find the input string and corresponding hash output, if he tries substitute the input string with his malware, the hash output for the manipulated will be considerably different.

3. Any small change done to the clear-text input results in a large change to the hash output. In below image there is a small change of first character in the string and corresponding hash output for each string is considerably different.

## These are the qualities you want to look for in a good hashing algorithm

- It has high resistance to cryptographic attack.
- Any change to the clear-text input results in a large change to the encrypted output.
- The probability of collision (two different inputs giving the same output) is low.