# Hashing Hashing is the process of converting input data of arbitrary size into a fixed-size output (called a hash or digest) using a mathematical function. A good hash function produces outputs that appear random, and even a small change in input produces a completely different hash. Hash functions are deterministic: the same input always produces the same output. Common hash algorithms include SHA-256, SHA-3, and BLAKE2 for general-purpose hashing, and bcrypt, scrypt, and Argon2 for password hashing. Cryptographic hash functions are designed to be one-way (computationally infeasible to reverse) and collision-resistant (hard to find two inputs with the same output). In API security, hashing is used extensively. API keys and passwords are stored as hashes rather than plaintext. HMAC (Hash-based Message Authentication Code) is used to verify the integrity and authenticity of API requests. Content hashing enables cache validation through ETags, allowing API gateways to determine whether a cached response is still valid without fetching the full response from the backend. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.serverlessapigateway.com/glossary/h/hashing.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.