What this SHA-512 generator does
This tool computes the SHA-512 cryptographic hash of any text you enter, returning a fixed 512-bit value as 128 hexadecimal characters. SHA-512 is used for file integrity, certificate signing, and as the basis for HMAC-SHA512 and the SHA-512/256 truncated variant.
How it works
SHA-512 is defined in NIST FIPS 180-4. The UTF-8 bytes of your text are padded so the length is congruent to 896 modulo 1024 bits, with the original 128-bit length appended. The message is processed in 1024-bit blocks through 80 rounds of compression over eight 64-bit working variables, using constants derived from the fractional parts of the cube roots of the first 80 primes. This tool uses the browser’s native crypto.subtle.digest("SHA-512", data), so output matches the standard exactly.
Why choose SHA-512 over SHA-256?
SHA-256 and SHA-512 are both members of the SHA-2 family and both remain cryptographically secure. The practical choice between them usually comes down to three factors:
Word size. SHA-512 operates on 64-bit words internally. On 64-bit processors — which now cover virtually all desktop, server, and mobile hardware — 64-bit arithmetic is native, so SHA-512 can be faster than SHA-256 in optimised implementations despite processing twice the output bits.
Output length. SHA-512 produces a 512-bit (64-byte) digest compared to SHA-256’s 256 bits. For applications that store or transmit the digest, the larger output costs more storage and bandwidth. For most integrity and signing use cases, 256 bits is already far beyond any foreseeable attack; 512 bits gives a larger safety margin if you are designing long-lived archives.
Side-channel resistance. Some implementations prefer SHA-512/256 — a truncated form of SHA-512 that produces a 256-bit output but internally runs the 64-bit rounds — because the SHA-512 round structure can be faster to implement in constant-time than SHA-256 on certain platforms.
The SHA-512 family: variants at a glance
| Variant | Output bits | Internal word size | Primary use |
|---|---|---|---|
| SHA-512 | 512 | 64-bit | Full-strength digest, file integrity |
| SHA-384 | 384 | 64-bit | TLS certificates, some signing |
| SHA-512/256 | 256 | 64-bit | Fast 256-bit output on 64-bit systems |
| SHA-512/224 | 224 | 64-bit | Compact digest on 64-bit systems |
What SHA-512 is and is not good for
Good uses:
- Verifying file downloads (compare published hash against computed hash)
- Digital signatures (SHA-512 as the digest inside RSA-SHA512 or ECDSA)
- HMAC-SHA512 for message authentication where you control both ends
- Hashing public, non-secret data for content addressing or deduplication
Not appropriate for:
- Storing passwords. A single SHA-512 pass is far too fast — a modern GPU can compute billions of hashes per second. Use a salted, slow KDF such as Argon2id, bcrypt, or scrypt for passwords.
- Random number generation. SHA-512 is a deterministic function; use
crypto.getRandomValuesfor randomness.
Tips and notes
- Operating on 64-bit words, SHA-512 is often faster than SHA-256 on modern 64-bit CPUs.
- A single changed character produces an entirely different digest (avalanche effect).
- Reference: the empty string hashes to
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e. - Plain SHA-512 is vulnerable to length-extension attacks, like SHA-256. Use HMAC-SHA512 when you need authentication, not just a hash.
- All computation happens in your browser using the native
crypto.subtleAPI — nothing is uploaded.