SHA-256
What is SHA-256?
SHA-256A 256-bit cryptographic hash function from the SHA-2 family, widely used for digital signatures, TLS, blockchains, and integrity verification.
SHA-256 is a member of the SHA-2 family standardized by NIST in FIPS 180-4, producing a 256-bit (32-byte) digest from inputs of up to 2^64 bits. It uses a Merkle-Damgård construction with a Davies-Meyer-style compression function operating on 512-bit blocks across 64 rounds. SHA-256 underpins TLS 1.2/1.3, X.509 certificates, Bitcoin proof-of-work, code signing and HMAC-SHA-256. It remains cryptographically strong with no practical collision or preimage attacks better than the generic 2^128 / 2^256 bounds, although for password hashing it should be wrapped in a slow KDF (Argon2, scrypt, PBKDF2).
● Examples
- 01
Bitcoin uses double SHA-256 for block hashing and proof-of-work.
- 02
Modern X.509 certificates are signed with SHA-256 (signature algorithm sha256WithRSAEncryption).
● Frequently asked questions
What is SHA-256?
A 256-bit cryptographic hash function from the SHA-2 family, widely used for digital signatures, TLS, blockchains, and integrity verification. It belongs to the Cryptography category of cybersecurity.
What does SHA-256 mean?
A 256-bit cryptographic hash function from the SHA-2 family, widely used for digital signatures, TLS, blockchains, and integrity verification.
How do you defend against SHA-256?
Defences for SHA-256 typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for SHA-256?
Common alternative names include: SHA-2 (256-bit), FIPS 180-4 SHA-256.