A View Inside My Head

Jason's Random Thoughts of Interest


Inside Bitcoin: SHA256

SHA256 is a cryptographic hash function. Its purpose is to take in an arbitrary length of bytes (the “message”), perform number crunching, and then produce 32 bytes that uniquely represent the original message (the “hash value”, or “digest”). A small change to the message, even toggling a single bit somewhere, results in a vastly different digest due to a property of cryptographic hash functions known as the “Avalanche Effect”.

While it is easy to calculate the hash code for any given message, it is considered to be infeasible for somebody to generate a message that results in a particular hash code. This makes SHA256 a one-way function. Likewise, it is considered infeasible at the moment to find two different messages that have the same hash code (known as a “collision”). 

Note: This does not mean that collisions are impossible, though, because after all, the output is only 32 bytes for any length of input.  So, being fed enough bytes will eventually result in a repeated hash code.  Being infeasible in this case simply means that collisions are random events that cannot be used to create other collisions for other messages.

Because of these properties, hash functions like SHA256 are often used to verify that a message hasn’t been tampered with, or hasn’t become corrupted during transmission. It is also convenient to store the hashes of passwords in a database instead of the passwords themselves, so that in the event of a security breach, the secrets are not revealed.

Calculating a SHA256 hash code consists of multiple rounds of bitwise operations: and, or, xor, shifts, and rotates. Because there are no conditional branching operations in the algorithm, SHA256 can be implemented entirely in hardware.  This is the basis behind FPGA and ASIC mining devices (a topic for a later blog post).

Try it yourself! Type a message to view the resulting SHA256 hash, and see how small changes to the input greatly impact the results. Also, try to find a message that results in one or more leading zeros.
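The same experiment can be run offline. This is an added example, not code from the original post: it uses Python's standard `hashlib`, and the helper names and the sample message are made up for illustration. It toggles one bit of a message, counts how many of the 256 digest bits change, and then appends a counter to the message until the hex digest starts with the requested number of zeros.

```python
import hashlib


def sha256_hex(message: bytes) -> str:
    """Return the 32-byte SHA256 digest as 64 hex characters."""
    return hashlib.sha256(message).hexdigest()


def flip_bit(message: bytes, bit_index: int) -> bytes:
    """Return a copy of message with exactly one bit toggled."""
    data = bytearray(message)
    data[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(data)


def differing_bits(a: bytes, b: bytes) -> int:
    """Count the bit positions (out of 256) where the two digests differ."""
    da = int.from_bytes(hashlib.sha256(a).digest(), "big")
    db = int.from_bytes(hashlib.sha256(b).digest(), "big")
    return bin(da ^ db).count("1")


def find_leading_zeros(prefix: bytes, zeros: int):
    """Try suffixes 0, 1, 2, ... until the hex digest starts with `zeros` zeros.

    Each extra hex zero makes the search about 16 times longer, because the
    only known strategy is to keep trying different messages.
    """
    target = "0" * zeros
    counter = 0
    while True:
        digest = sha256_hex(prefix + str(counter).encode())
        if digest.startswith(target):
            return counter, digest
        counter += 1


if __name__ == "__main__":
    msg = b"Inside Bitcoin: SHA256"  # constructed sample message
    changed = flip_bit(msg, 0)       # differs from msg in a single bit
    print(sha256_hex(msg))
    print(sha256_hex(changed))
    print("digest bits changed:", differing_bits(msg, changed), "of 256")
    for zeros in (1, 2, 3):
        counter, digest = find_leading_zeros(msg, zeros)
        print(zeros, "leading zero(s): suffix", counter, "->", digest)
```

On average about half of the digest bits change for a one-bit change in the input, which is the Avalanche Effect in numbers.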
