SHA-224 Hash Generator

Compute the 224-bit SHA-2 digest of any text

Generate the 224-bit SHA-224 hash of any text in your browser. SHA-224 is a truncated SHA-256 variant from the SHA-2 family, producing a 56-character hexadecimal digest computed entirely on your device. It runs free in your browser on Gera Tools, with nothing uploaded.

Last updated Source: Gera Tools

What is SHA-224?

SHA-224 is a member of the SHA-2 family that produces a 224-bit digest, shown as 56 hexadecimal characters. It is computed with the SHA-256 algorithm using different initial values and a truncated output.

What SHA-224 produces

SHA-224 is a member of the SHA-2 family that outputs a 224-bit digest, displayed as 56 hexadecimal characters. It offers a slightly shorter fingerprint than SHA-256 while retaining the same security foundation, making it useful when storage or bandwidth is tight and a 256-bit output would be wasteful.

How SHA-224 works

SHA-224 shares the SHA-256 compression function exactly — same 64 rounds, same round constants (K[0..63]), same message schedule expansion, same Ch, Maj, and sigma operations on 32-bit words. The differences are small but meaningful:

Different initial hash values (h0–h7):

SHA-224 starts from a distinct set of eight 32-bit constants derived from the fractional parts of the square roots of the 9th through 16th primes, rather than the 2nd through 9th primes used by SHA-256:

h0 = 0xc1059ed8
h1 = 0x367cd507
h2 = 0x3070dd17
h3 = 0xf70e5939
h4 = 0xffc00b31
h5 = 0x68581511
h6 = 0x64f98fa7
h7 = 0xbefa4fa4

Truncation at the end:

After processing all 512-bit blocks, the eight 32-bit state words are available, but only the first seven are concatenated. The eighth word (h7) is discarded, giving a 224-bit output instead of 256.

Message padding is identical to SHA-256: append a 1 bit, zero-pad, and append a 64-bit big-endian bit count, aligning to a 512-bit boundary.

Because browsers expose SHA-256 through the Web Crypto API but not SHA-224, this tool implements the full algorithm in JavaScript so the output matches any standard SHA-224 library.

Reference values

These are canonical SHA-224 test vectors from FIPS 180-4:

InputSHA-224 digest
(empty)d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f
abc23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7
abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525

Paste one of these inputs and check the output matches to confirm the tool is computing correctly.

Why use SHA-224 instead of SHA-256?

SHA-224 is appropriate when:

  • You need a 224-bit fingerprint to match an existing system or protocol that specifies it (for example, some TLS cipher suites and ECDSA-with-SHA-224 signatures).
  • Storage is genuinely constrained and you want to save 4 bytes per hash over SHA-256.
  • You want a 2:1 collision security margin at 112 bits — the same level as a 2048-bit RSA key — without the overhead of a 256-bit output.

SHA-224 is not a good choice when:

  • Compressing to 56 hex characters saves no practical space in your system.
  • You need SHA-256 for compatibility with HMAC-SHA-256, JWT, or S3 signature algorithms that specifically require SHA-256.
  • You want native browser acceleration — crypto.subtle supports SHA-256 natively, while SHA-224 requires a JavaScript implementation like this tool.

What this tool is not for

SHA-224 is a fast hash — it runs millions of times per second on modern hardware. That speed is useful for integrity and fingerprinting but makes it unsuitable for password storage, where you want computation to be slow. For passwords, use Argon2, bcrypt, or scrypt. Everything in this tool runs locally in your browser; no text is uploaded.