Hashing and HMAC: What They Are and When to Use Them
A practical guide to integrity, authentication, and common developer misconceptions.
Last updated: Feb 18, 2026
Part of the complete guide to encryption, hashing, and encoding.
Hash: A one-way function that produces a fixed-size fingerprint of any input. Used for integrity verification. Cannot be reversed.
Examples: SHA-256, SHA-3, MD5
HMAC: A keyed hash that proves both integrity and authenticity. Only someone with the secret key can produce or verify the correct HMAC.
Examples: HMAC-SHA256, HMAC-SHA512
Encryption: Transforms data so only authorized parties can read it. Reversible with the correct key. Provides confidentiality, not integrity.
Examples: AES, RSA, ChaCha20
Which One Do I Need?
| Goal | Recommended Approach |
|---|---|
| Detect if data has changed | Hash |
| Authenticate API request with shared secret | HMAC |
| Store passwords securely | Password hashing (bcrypt, Argon2) |
| Keep data secret from unauthorized parties | Encryption |
| Prevent tampering and prove sender identity | HMAC (or digital signatures) |
| Verify file integrity after download | Hash (checksum) |
Hashing Explained
A hash function takes input of any size and produces a fixed-size output called a digest or hash. This process is deterministic (same input always produces the same output) and one-way (you cannot recover the original input from the hash).
Even a tiny change in the input produces a completely different hash. This property, called the avalanche effect, makes hashes ideal for detecting modifications. If the hash of a file matches the expected value, you can be confident the file is unchanged.
Collisions occur when two different inputs produce the same hash. Modern cryptographic hash functions like SHA-256 make it computationally infeasible to find collisions intentionally. Older algorithms like MD5 and SHA-1 have known weaknesses and should be avoided for security-sensitive applications.
Common uses:
- File integrity verification (checksums)
- Cache keys and content deduplication
- Content addressing (IPFS, Git commits)
- Data fingerprinting for comparison
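The following is an added example, not code from the original guide, showing the three properties just described with Python's standard-library hashlib: a SHA-256 digest is deterministic and fixed-size, a one-byte change flips roughly half the output bits (the avalanche effect), and a downloaded file can be checked against a published checksum without loading it into memory at once. The sample inputs and the temporary file are constructed for the demonstration.

```python
import hashlib
import os
import tempfile
from typing import Tuple

# Constructed sample inputs (not from the page); MODIFIED differs by a single appended byte.
ORIGINAL = b"The quick brown fox jumps over the lazy dog"
MODIFIED = b"The quick brown fox jumps over the lazy dog."


def sha256_hex(data: bytes) -> str:
    """Deterministic, fixed-size digest: the same input always yields the same 64-hex-char output."""
    return hashlib.sha256(data).hexdigest()


def bit_difference(hex_a: str, hex_b: str) -> int:
    """Count the bits that differ between two equal-length hex digests (avalanche-effect check)."""
    if len(hex_a) != len(hex_b):
        raise ValueError("digests must be the same length")
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def sha256_file(path: str, chunk_size: int = 1 << 20) -> str:
    """Hash a file in chunks so large downloads never have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_checksum(path: str, expected_hex: str) -> bool:
    """Compare the computed digest with a published one; tolerate case and surrounding whitespace."""
    return sha256_file(path) == expected_hex.strip().lower()


def demo_download_check() -> Tuple[bool, bool]:
    """Write a constructed 'download' to a temp file and check it against a matching and a stale checksum."""
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(ORIGINAL)
        path = f.name
    try:
        matches = verify_checksum(path, sha256_hex(ORIGINAL))
        mismatches = verify_checksum(path, sha256_hex(MODIFIED))
    finally:
        os.unlink(path)
    return matches, mismatches


if __name__ == "__main__":
    a, b = sha256_hex(ORIGINAL), sha256_hex(MODIFIED)
    print("original:", a)
    print("modified:", b)
    print("bits changed out of 256:", bit_difference(a, b))
    print("checksum check (good, bad):", demo_download_check())
```

A practitioner's caveat that the code makes visible: the checksum only proves the file you have equals the file the publisher hashed, which is why the expected value must come from a channel the download could not have altered.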
HMAC Explained
HMAC (Hash-based Message Authentication Code) combines a cryptographic hash function with a secret key. Unlike plain hashing, HMAC provides both integrity and authenticity. Only someone who knows the secret key can generate the correct HMAC for a given message.
When you receive a message with an HMAC, you can verify it by computing the HMAC yourself (using the shared secret) and comparing it to the one provided. If they match, you know the message is unmodified and came from someone with the key.
HMAC is widely used for API request signing, webhook verification, and session token validation. Services like AWS, Stripe, and GitHub use HMAC signatures to authenticate requests and webhooks.
For a direct comparison of plain SHA-256 and HMAC-SHA256 — specifically which to use for checksums vs API signing — see SHA-256 vs HMAC-SHA256.
Important: HMAC is not encryption
HMAC does not hide data. The message remains readable. HMAC only proves that the message is authentic and unmodified. If you need confidentiality, use encryption.
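As an added example (not code from the original guide), the block below contrasts an unkeyed hash with an HMAC-SHA256 tag over the same message. The point the section makes is that a plain hash can be recomputed by anyone, so a "verify by hash" check accepts a message that was altered along with its digest, while a key holder's HMAC check rejects it. Verification uses hmac.compare_digest so the comparison does not leak timing information. The secret and message are constructed values.

```python
import hashlib
import hmac
from typing import Tuple

# Constructed values (not from the page).
SECRET = b"server-side-shared-secret"
MESSAGE = b'{"order_id": 1001, "amount_cents": 2500}'


def hmac_sha256_hex(key: bytes, message: bytes) -> str:
    """Keyed tag: only holders of `key` can produce or check it."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_hmac(key: bytes, message: bytes, tag_hex: str) -> bool:
    """Recompute the tag with the shared key and compare in constant time."""
    expected = hmac_sha256_hex(key, message)
    return hmac.compare_digest(expected, tag_hex)


def unkeyed_check(message: bytes, digest_hex: str) -> bool:
    """The mistaken pattern: 'authenticating' with a plain hash that needs no secret."""
    return hmac.compare_digest(hashlib.sha256(message).hexdigest(), digest_hex)


def altered_message_with_plain_hash(message: bytes) -> Tuple[bytes, str]:
    """Anyone can change the message and recompute its unkeyed hash, since no key is involved."""
    altered = message.replace(b"2500", b"1")
    return altered, hashlib.sha256(altered).hexdigest()


if __name__ == "__main__":
    tag = hmac_sha256_hex(SECRET, MESSAGE)
    altered, altered_digest = altered_message_with_plain_hash(MESSAGE)
    print("plain-hash check accepts altered message:", unkeyed_check(altered, altered_digest))
    print("HMAC check accepts altered message:", verify_hmac(SECRET, altered, tag))
    print("HMAC check accepts original:", verify_hmac(SECRET, MESSAGE, tag))
```

Note that the message is passed in the clear throughout: the HMAC tag travels beside it and proves origin and integrity, but nothing here hides the content, which is exactly the distinction the callout above draws.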
Hash vs HMAC vs Encryption
| Aspect | Hash | HMAC | Encryption |
|---|---|---|---|
| Purpose | Integrity verification | Integrity + authentication | Confidentiality |
| Reversible? | No | No | Yes (with key) |
| Requires secret? | No | Yes | Yes |
| Provides confidentiality? | No | No | Yes |
| Provides integrity? | Yes | Yes | Not inherently |
| Provides authentication? | No | Yes | No |
| Typical use cases | Checksums, deduplication, content addressing | API signing, webhooks, message authentication | Protecting data at rest and in transit |
Common Real-World Patterns
Software distributors publish hash values (checksums) alongside downloads. After downloading, you compute the hash of the file and compare it to the published value. If they match, the file is authentic and uncorrupted.
SHA-256 is the standard choice. The hash should be obtained from a trusted source separate from the download itself.
Services like GitHub, Stripe, and Twilio send webhooks with an HMAC signature header. Your server computes the HMAC of the payload using your shared secret and compares it to the header value. This confirms the webhook is genuine.
Always use constant-time comparison to prevent timing attacks when verifying HMACs.
Cloud providers like AWS use HMAC-based request signing. The client computes an HMAC over request parameters, headers, and a timestamp using their secret access key. The server verifies the signature to authenticate the request.
Timestamps prevent replay attacks by rejecting requests that are too old. For a full comparison of API authentication options (API keys, JWT, OAuth 2.0, and HMAC signing), see the API Authentication Methods guide.
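The webhook and API-signing patterns above share one shape: an HMAC over the body plus a timestamp, carried in a header, checked with a constant-time comparison and a freshness window. The following added example (my code, not any provider's reference implementation) implements both sides of that exchange. The header layout `t=<unix timestamp>,v1=<hex HMAC-SHA256>` and the five-minute tolerance are assumptions chosen for the example; real providers document their own formats. The optional `seen` set goes one step beyond the text by also rejecting an exact resend inside the window.

```python
import hashlib
import hmac
from typing import Optional, Set, Tuple

# Constructed secret; a real one is issued by the provider and stored server-side.
SECRET = b"whsec_constructed_example_secret"
TOLERANCE_SECONDS = 300  # assumption: anything older (or newer) than 5 minutes is rejected


def sign(secret: bytes, timestamp: int, body: bytes) -> str:
    """Sender side: HMAC over '<timestamp>.<body>' so the timestamp itself is covered by the tag."""
    signed_payload = str(timestamp).encode() + b"." + body
    tag = hmac.new(secret, signed_payload, hashlib.sha256).hexdigest()
    return f"t={timestamp},v1={tag}"


def parse_header(header: str) -> Optional[Tuple[int, str]]:
    """Extract (timestamp, tag) from the assumed header layout; None if anything is off."""
    fields = {}
    for item in header.split(","):
        if "=" not in item:
            return None
        key, value = item.split("=", 1)
        fields[key.strip()] = value.strip()
    if "t" not in fields or "v1" not in fields or not fields["t"].isdigit():
        return None
    return int(fields["t"]), fields["v1"]


def verify(secret: bytes, header: str, body: bytes, now: int,
           tolerance: int = TOLERANCE_SECONDS, seen: Optional[Set[str]] = None) -> str:
    """Receiver side: returns 'ok' or the reason for rejection."""
    parsed = parse_header(header)
    if parsed is None:
        return "malformed"
    timestamp, provided_tag = parsed
    expected_tag = hmac.new(secret, str(timestamp).encode() + b"." + body,
                            hashlib.sha256).hexdigest()
    # Constant-time comparison: never use == on the tag (timing side channel).
    if not hmac.compare_digest(expected_tag, provided_tag):
        return "bad_signature"
    # Freshness window: a captured request cannot be reused after the window closes.
    if abs(now - timestamp) > tolerance:
        return "stale"
    # Optional: remember tags for the window so an exact replay inside it is also refused.
    if seen is not None:
        if provided_tag in seen:
            return "replay"
        seen.add(provided_tag)
    return "ok"


if __name__ == "__main__":
    body = b'{"event": "payment.succeeded", "id": "evt_constructed_1"}'
    now = 1_700_000_000
    header = sign(SECRET, now, body)
    print(header)
    print("fresh, untouched:", verify(SECRET, header, body, now + 5))
    print("body changed:   ", verify(SECRET, header, body + b" ", now + 5))
    print("too old:        ", verify(SECRET, header, body, now + 600))
```

Signing the timestamp together with the body matters: if only the body were covered, a client could attach any timestamp to a captured signature and keep it valid forever.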
Encryption alone provides confidentiality but not integrity. Attackers might modify ciphertext without detection. The solution is authenticated encryption (like AES-GCM) or combining encryption with HMAC.
Modern best practice is to use authenticated encryption modes that handle both confidentiality and integrity in a single operation. See the Authenticated Encryption and Integrity guide for AES-GCM and ChaCha20-Poly1305 details.
Common Misconceptions
"Hashing hides data"
Hashing is not encryption. While you cannot reverse a hash, the original data is not "hidden." Anyone can hash the same input and get the same output.
"Encoding provides security"
Base64, URL encoding, and hex encoding provide zero security. They are format conversions that anyone can reverse instantly.
"Encryption automatically proves authenticity"
Basic encryption modes can be tampered with without detection. Use authenticated encryption or add HMAC for integrity and authenticity.
"HMAC is encryption"
HMAC provides authentication and integrity, not confidentiality. The message remains readable. If you need secrecy, use encryption.
"SHA-1 and MD5 are fine for security"
Both have known collision vulnerabilities. Use SHA-256 or SHA-3 for security applications. MD5 and SHA-1 are only acceptable for non-security checksums.
Related Guides and Comparisons
Complete Guide to Encryption, Hashing & Encoding
Foundational overview of all three mechanisms and when to use each
MD5 vs SHA-256
Why MD5 is broken and when to use SHA-256
SHA-256 vs HMAC-SHA256
Detailed comparison: checksums vs keyed authentication
Authenticated Encryption and Integrity
AES-GCM, ChaCha20-Poly1305, and AEAD in depth
How Password Hashing Works
bcrypt, Argon2, PBKDF2 — why fast hashes are wrong for passwords
bcrypt vs Argon2 vs PBKDF2
Side-by-side comparison of the three recommended password hashers
What Is TLS?
TLS 1.3 uses HMAC for integrity — see how transport security builds on hashing
What Is a Digital Signature?
How HMAC and digital signatures differ — and when to use each
10 Common Encryption Mistakes
Using MD5 for passwords, skipping HMAC, and other errors to avoid
API Authentication Methods
API keys, JWT, OAuth 2.0, and HMAC signing — a practical guide