Hashing

Hashing is a mathematical process that converts data of any size into a fixed-length string of characters (a hash value or digest). Unlike encryption, hashing is a one-way process — you can create a hash from data, but you can't reconstruct the original data from the hash. Hash values are unique to the input data — even a tiny change in the input produces a completely different hash.

Hashing is used to verify data integrity (confirming files haven't been modified), store passwords securely (storing hashes instead of plain text passwords), and create digital signatures. Common hash algorithms include SHA-256 and SHA-3.

Why It Matters

Hashing supports integrity verification required by CMMC. Using hashes to verify that critical files, configurations, and software haven't been tampered with is a practical implementation of integrity controls.

Related Resources

NIST 800-53: SI-19(4)