Cryptographic hashing · Avalanche property

Hash Avalanche

Paste a message and watch its SHA-256 bit grid. Change one character; about half the bits flip.

A cryptographic hash function maps any input to a fixed-size output that should look uniformly random. The avalanche property says: change one bit of input, and about half the output bits should flip. Without that property, similar inputs would produce similar hashes — and attackers could forge messages by tweaking real ones. SHA-256 has it by design. This demo computes real SHA-256 in your browser via the Web Crypto API; the bit grid you see is exactly what your operating system computes when it verifies a git commit, a TLS certificate, or a software-update signature.

Message AMessage B

0.0%

of bits differ — 0 of 256

A cryptographic hash should hover near 50% even for one-character input changes. Edit either input to explore.

SHA-256 of A

computing…

SHA-256 of B

computing…

bit is 1, same in bothbit is 0, same in bothdiffers between A and B

What’s happening under the hood

›SHA-256 produces a 256-bit output (32 bytes, displayed as 64 hex characters). The bit grid shows all 256 bits laid out in 8 rows of 32.
›Avalanche is measured by Hamming distance — count of differing bits. Ideal value for a one-character change: ~128 bits (50%). SHA-256 hovers right around that.
›The Web Crypto API (crypto.subtle.digest) runs the same SHA-256 implementation browsers use for HTTPS certificate verification — no JS-level reimplementation needed.

Dig deeper

Phase 7 · Security Engineering

The concept you just explored is taught with full depth in the formal DURA curriculum.