Cryptographic Hash Functions in Blockchain (with Bash & Python Code) by@balapriya

Cryptographic Hash Functions in Blockchain (with Bash & Python Code)

Bala Priya C HackerNoon profile picture

Bala Priya C

A self-taught programmer, and a technical writer who authors tutorials, how-to guides, and more to help developers

Cryptographic Hash Functions are a class of hash functions that are cryptographically secure. From password authentication and integrity verification to blockchain—these functions are used in a multitude of applications.

In this tutorial, we'll start by reviewing the basics of blockchain, and the relevance of cryptographic hash functions in making a blockchain secure. We'll then go over what cryptographic hash functions are, and their properties.

Additionally, we'll also see how to write code to obtain hashes, in both Python and Bash.  

For all this and more, let's get started!

Table of Contents

  1. Blockchain Basics Revisited
  2. What is a Cryptographic Hash Function?
  3. Properties of Cryptographic Hash Functions
  4. Is 256-Bit Security Really Secure?
  5. How to Compute SHA256 Sum in Bash
  6. How to Obtain SHA256 Hash in Python

Blockchain Basics Revisited

Let's start our discussion by answering the question: "What's a Blockchain?"

A blockchain is an immutable, distributed ledger system. It's essentially a decentralized peer-to-peer network in which transactions can happen between peers without the involvement of a central authority.

Each block in a blockchain consists of the following:

  • data/details of the transaction
  • its hash
  • hash of the previous block

The first block is called the genesis block, and it's the only block that doesn't contain the previous block's hash.


A Simple Blockchain (Image by the author)

In a blockchain, the transactions are hashed using secure hashing algorithms. And here's where cryptographic hash functions enter the discussion.

Cryptographic hash functions are used to generate the hashes that uniquely identify the blocks.

Whenever the data in a particular block changes or is updated, the hash changes drastically. And because of this, the hash of the particular block should be updated, and the hash values in subsequent blocks should change as well.

This makes it next to impossible to tamper with the contents of a specific block. In some sense, the hashes not only uniquely identify the block but also facilitate immutability of the blockchain.

In addition, blockchains use consensus mechanisms such as Proof of Work and Proof of Stake to ensure that the transactions are indeed authentic, and are not by a malicious entity who is trying to tamper with the network.

Now that you've learned the relevance of cryptographic hash functions in blockchain, let's learn about them in greater detail in the subsequent sections.

What is a Cryptographic Hash Function?

A cryptographic hash function takes in an input message and maps it to a fixed length output, called the hash or the digest.


Cryptographic Hash Function (Image by the author)

Whatever be the length of the input—it could be a single character, a string, or even a large file—the output is always of fixed length, say N.

In the following illustration, we pass two different inputs 'blockchain' and 'hello' of different lengths to the



block accepts inputs and maps them to an output hash that is 160 bits long—or equivalently 40 hexadecimal digits long, as shown below.


Variable Length Message --> Fixed Length Hash (Image by the author)

Note: SHA stands for Secure Hashing Algorithm. Because of known security breaches in the past,

isn't recommended for sensitive use cases anymore. However, the
class of algorithms, namely, the
are still widely used.

Properties of Cryptographic Hash Functions

Cryptographic hash functions have a few properties that make them secure for cryptographic applications.

1. Deterministic

A cryptographic hash function is deterministic. This means no matter how many times you feed in a particular input, you'll get the same output hash.

2. Computationally Efficient

The output hash values should be quick to compute—both when hashing transactions and during verification.

So a cryptographic hash function should be computationally efficient, allowing us to obtain the output hash in a short time.

3. Pre-Image Resistant or Non-Invertible

This property is based on the concept of one-way functions.

Let's take an example. You have a function

f(x) = cube(x)
: the function
returns the cube of the number you feed in.

In this case, if the output is 27, you can conclude right away that the input is 3, which is the pre-image corresponding to the output 27. Therefore, such a function

is not pre-image resistant.

However, cryptographic hash functions should be pre-image resistant.

This means that you can input a message to the hashing algorithm, and obtain the hash. But it should be infeasible to obtain the input message by looking at the hash.

This is illustrated as shown below.


Pre-Image Resistance of Hash Functions (Image by the author)

4. Collision Resistant

A hash function should be resistant to collision.

But what is collision in the context of hash functions?

Is this the collision that we're talking about? 🤔


Not exactly!🙂

Well, let's parse what collision resistance actually means.

A collision is said to occur when two input messages

map to the same output hash. And collision resistance simply means it should be difficult to find two different messages
that map to the same hash.


Collision Resistance of Hash Functions (Image by the author)

5. Exhibits Avalanche Effect

Even a small change in the input should change the hash drastically.

In the example below, we only change a single character: 'b' to 'B'. And the output hash changes completely!


Output Hashes for 'blockchain' vs 'Blockchain' (Image by the author)

To sum up, a cryptographic hash function generates a fixed length hash that is deterministic yet random, and is cryptographically secure.

So far, you've learned what cryptographic hash functions are, and their properties. And we've mentioned that the

hashing function is widely used.

However, is a 256-bit hash really secure? Head over to the next section to find out.

Is 256-Bit Security Really Secure?

Suppose you have the desired output hash. Recall that a cryptographic hash function is deterministic. And it outputs the same hash for a specific input.

But it's also non-invertible. So the only way you can get back the input is by trying to generate the output hash at your end—through a series of random guesses.

If you can generate this output hash by randomly guessing inputs, you think it's possible to eventually break the hash, yes?

Well, it's not that simple!


algorithm outputs a 256-bit hash, or equivalently 64 hexadecimal digits. And a 256-bit hash is a sequence of 256 bits—each of which is either a 0 or a 1.

So there are 2^256 total combinations in all! And this is an insanely large number. And breaking this hash by random guessing is exponentially hard.

Watch this interesting video by Grant Sanderson of 3Blue1Brown.

And in the above video, Grant explains how complex the process is.

Put simply, even if you had access to the most sophisticated computing resources in the world, and time equal to 37 times the age of the universe, you'll still have a 1 in 4 billion chance of successfully guessing the input.


An excerpt from the YouTube video

How to Compute SHA256 Sum in Bash

You can even use simple Bash commands to obtain the hash on applying the secure hashing algorithms.

If you're on a Linux or Mac, open up your terminal and run the following line of code. If you're on a Windows machine, consider using a shell environment such as Git Bash.

The Bash command

returns the 256-bit hash, as shown below.

$ printf "I'm coding"| sha256sum

Observe that the output hash is 64 hexadecimal digits long—each taking 4 bits.

To get the 160-bit long SHA1 hash, you can use the Bash command

. Run the above code by replacing

$ printf "I'm coding" | sha1sum

In the next section, we'll see how to obtain the hash under the

algorithm in Python.

How to Obtain SHA256 Hash in Python

Python ships with a built-in

module. So you can just go ahead and import it like so:
import hashlib.

Here are the steps to obtain the hash:

  • Use the
    constructor to instantiate a hash object
  • Encode the message string, optionally include an encoding format
  • Call the
    method to obtain the hex equivalent of the 256-bit hash

The following code block shows how you can do it.

import hashlib
message = "I'm coding"
hash_obj = hashlib.sha256(message.encode())
hash_val = hash_obj.hexdigest()

# output: 860f5cae6febaa6b9064a16d78553819de43cb1e4c5a87ab267bb1c35fb41a04


# output: 64
# correct! 64 hexadecimal digits; total length = 64 * 4 = 256 bits

Notice how the

sum in this case is same as the one you obtained from Bash in the previous section. This verifies the deterministic nature of cryptographic hash functions.

Now, let's try to obtain the hashes for a list of strings.

import hashlib

strings = ["hello","sha256","sensitive info"]

for string in strings:
    hash_obj = hashlib.sha256(string.encode())
    hash_val = hash_obj.hexdigest()
    print(f"Hash #{strings.index(string)+1}: {hash_val}")

# Output
Hash #1: 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
Hash #2: 5d5b09f6dcb2d53a5fffc60c4ac0d55fabdf556069d6631545f42aa6e3500f2e
Hash #3: 034fcc03d9332ee032b5815ef69b0f21926dd2da73f0fcfd65ff90ded1700892

See, that's how simple it is. ✅

Summing Up the Discussion on Cryptographic Hash Functions

I hope you found this tutorial on cryptographic hash functions useful.

You've learned what cryptographic functions are what their properties are. And you've also learned how to use the Bash commands like

to obtain the hash values.

In addition, you've seen how to use Python's

module to generate hashes for input strings.

Be sure to try out a few more examples. Keep coding!

📚 Read Next

▶️ Advanced Topic Modeling Tutorial: How to Use SVD & NMF in Python

▶️ Learn K-Means Clustering by Quantizing Color Images in Python

▶️ Confusion Matrix in Machine Learning: Everything You Need to Know

▶️ 9 Best Data Engineering Courses You Should Take in 2022

▶️ Document-Term Matrix in NLP: Count and TF-IDF Scores Explained

Welcome to the Decentralized Internet Contest!


Signup or Login to Join the Discussion


Related Stories