This tool computes the RIPEMD-160 hash of any text and displays it live as a 40-character hexadecimal string. RIPEMD-160 produces a 160-bit digest and is best known as the second hash in Bitcoin’s HASH160 operation, which is used to derive addresses from public keys and pay-to-script-hash scripts.
How RIPEMD-160 works
RIPEMD-160 processes the message in 512-bit blocks using a Merkle-Damgård construction. Padding appends a 0x80 byte, zero bytes, and a 64-bit little-endian bit-count to bring the total length to a multiple of 512 bits.
The distinctive feature of RIPEMD-160 is its dual-pipeline structure: each block is processed through two independent lines of 80 rounds each. Both lines start from the same five 32-bit state words (h0–h4, initialised to the MD4 constants), but they differ in:
- The non-linear boolean functions used in each group of 16 rounds
- The order in which the 16 message words are scheduled
- The rotation amounts applied after each round
- The additive constants (the left line uses
0, 5a827999, 6ed9eba1, 8f1bbcdc, a953fd4e; the right uses a mirrored set)
After both pipelines complete, the results are combined with the previous state through a rotated cross-sum pattern that mixes left-line and right-line output words:
newh1 = h2_old + left_c + right_d (positions rotate by one each round-group)
This cross-combination is what makes RIPEMD-160 resistant to attacks that succeed on a single-pipeline design. The five state words are serialised little-endian to produce the 20-byte (160-bit) digest.
Bitcoin HASH160
Bitcoin uses RIPEMD-160 as the second step in deriving pay-to-public-key-hash (P2PKH) and pay-to-script-hash (P2SH) addresses:
HASH160(data) = RIPEMD160(SHA256(data))
For a P2PKH address:
- Start with the 33-byte compressed public key (or 65-byte uncompressed).
- Hash it with SHA-256 to get a 32-byte intermediate.
- Hash the intermediate with RIPEMD-160 to get a 20-byte public key hash.
- Add a version byte (0x00 for mainnet), compute a 4-byte checksum (double-SHA256), Base58Check encode.
The RIPEMD-160 step compresses the 32-byte SHA-256 output into 20 bytes while maintaining strong collision resistance — compact enough to fit in a Bitcoin script output efficiently.
Reference values
These are the canonical vectors from the original RIPEMD-160 specification:
| Input | RIPEMD-160 digest |
|---|---|
| (empty) | 9c1185a5c5e9fc54612808977ee8f548b2258d31 |
abc | 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc |
message digest | 5d0689ef49d2fae572b881b123a85ffa21595f36 |
abcdefghijklmnopqrstuvwxyz | f71c27109c692c1b56bbdceb5b9d2865b3708dbc |
Verify the tool by typing abc and checking the digest matches the table. A single character change produces a completely different hash.
Security status and modern alternatives
RIPEMD-160 has no known practical collision attack as of publication, and it remains in active use in Bitcoin, hardware security modules, and PGP fingerprints. However, its 160-bit output provides only around 80 bits of collision resistance due to the birthday bound — smaller than the 128 bits offered by SHA-256.
For new systems that do not require Bitcoin compatibility, prefer SHA-256 or BLAKE3, which offer a wider security margin and are generally faster on modern hardware. For Bitcoin address or script hash work, RIPEMD-160 remains the required standard and this tool provides the correct implementation.
Do not use RIPEMD-160 (or any fast hash) to store passwords. Use Argon2, bcrypt, or scrypt instead.