Back to glossary

Keccak256

Table of Contents

What is Keccak256

Keccak256 is a cryptographic hash function used to generate a unique 256-bit output, or "hash" from any given input. Regardless of the size or complexity of the input data, the output is always a fixed-length 256-bit string. This transformation is one-way, meaning it is computationally infeasible to reverse the hash to recover the original input. Additionally, this process is deterministic, meaning that the same input will always produce the same output. Even a minor alteration in the input, such as changing a single character, will result in a dramatically different hash output.

What does Keccak256 do

The primary function of Keccak256 is to ensure data integrity and security. Determinism is an essential property for verifying data integrity.

Keccak256 is particularly resistant to collisions, meaning it is highly unlikely for two distinct inputs to generate the same hash. This property ensures that the output hash is unique to the input data. Additionally, Keccak256 is designed to protect against preimage attacks, making it exceedingly difficult to determine the original input based on the output hash alone.

Who uses Keccak256, and why

Keccak256 is widely used in blockchain systems, most notably in Ethereum. Developers, auditors, and blockchain users employ it to ensure the integrity, security, and transparency of their systems. The hash function’s robustness makes it a preferred tool in cryptographic applications.

  • Developers use Keccak256 hash functions to verify that data has not been altered. For example, instead of storing an entire piece of data, a developer might store the Keccak256 hash of it. Later, a copy of that data can be verified by passing it through the same Keccak256 hash function and comparing it to the stored hash. If the hashes match, the data has not been altered. This method is used to verify records like signatures, transaction logs, or contract terms. For more on how hash functions work, see "hash" and "hash function" in the Cyfrin glossary linked at the top of this page.
  • Smart contract developers use Keccak256 to create unique identifiers and validate conditions. For example, in Ethereum, a function signature like transfer(address,uint256) is hashed using Keccak256 to generate a unique 4-byte identifier (e.g., a9059cbb), ensuring the correct function is called. 
  • Blockchain users benefit from its ability to ensure the immutability and integrity of data within the network. In Ethereum, every transaction is hashed using Keccak256, generating a unique transaction hash (or "tx hash"). This hash acts as an identifier for the transaction, allowing anyone to track, verify, and reference specific transactions on the blockchain. The use of Keccak256 ensures that once a transaction is published, any attempt to alter it would change the hash, signaling that the data has been tampered with.
  • Cryptographers and security professionals use it for secure password hashing, digital signatures, and protecting sensitive data from tampering.

Use cases for Keccak256

Keccak256 is a versatile tool with plenty of real-world applications, especially where security and data verification are necessary. Here are a few:

  • Blockchain transactions: Every transaction on Ethereum goes through Keccak256. It hashes the transaction and its associated data to create a unique identifier that ensures neither the transaction nor the data can be tampered with after being published to the blockchain.
  • Smart contracts: Keccak256 is used in smart contracts for creating unique identifiers and verifying conditions securely. For example, it hashes function signatures (e.g., transfer(address,uint256)) to generate unique 4-byte identifiers, like a9059cbb, ensuring the correct function is called without ambiguity.
  • Digital signatures: Combining Keccak256 with encryption algorithms enables the creation of digital signatures, which authenticate messages or documents, proving their integrity and origin. For example, when someone signs a message with their private key, the message is first hashed using Keccak256 before the hash is then encrypted. The recipient can decrypt the signature with the sender's public key and compare the resulting hash with the hash of the original message to verify that it hasn't been altered and that it came from the correct sender.
  • Proof-of-Work (PoW): Keccak256 was utilized in Ethereum’s now-deprecated Proof-of-Work mechanism, where miners solved complex cryptographic puzzles to validate transactions and secure the network. Other blockchain networks like Maxcoin still use Keccak256 as their PoW hashing algorithm. In these systems, miners use computational power to find a valid hash below a target value, securing the network and confirming transactions.

Examples of Keccak256

Several real-world examples demonstrate the widespread use of Keccak256:

  • Password Hashing: Developers hash passwords using Keccak256 to increase security. When users log in, the system hashes their input and compares it to the stored hash.
  • Transaction Verification: Every Ethereum transaction is hashed with Keccak256. If a transaction's data is altered, the hash changes, indicating tampering.
  • Smart Contract Function Signatures: Keccak256 is used to generate unique identifiers for functions in Ethereum smart contracts, allowing the blockchain to distinguish between different functions without ambiguity.

For example, hashing the string "Hello, Ethereum!" with Keccak256 produces the following 256-bit hash:

ed2bdec58e9a1aabdf638c267d16b11fb3f92c987d6bd7a35647e017e584f50d

If the input is changed slightly, for example, replacing the exclamation mark with a question mark and hashing the string "Hello, Ethereum?", we get a completely different hash:

7ae57a70da707cd7c602db2f6761d30672aa3c1df257728217d6ad96e2f1a673

This illustrates how even the smallest change in the input produces a dramatically different hash, highlighting Keccak256's sensitivity to input variations.

Use of Keccak256 in code

Below is an example of how Keccak256 can be implemented in a Solidity smart contract:

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

contract ExampleContract {
    // Function to return the Keccak256 hash of an input string
    function getHash(string memory input) public pure returns (bytes32) {
        return keccak256(abi.encodePacked(input));
    }
}

Explanation:

  • The function getHash accepts a string as input.
  • Inside the function, Keccak256 is applied to the string, producing a 256-bit hash (bytes32).
  • This approach is often used in smart contracts for generating unique identifiers, verifying signatures, or securely mapping data.

Related Terms

No items found.
Cyfrin Updraft
Learn smart contract development, how to write secure smart contracts, and scalable protocols from world's leading experts.
Join Cyfrin Updraft for free
Paper plane icon
Weekly newsletter
Carefully crafted, short smart contract security tips and news freshly delivered every week.

Read about our

privacy policy
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Share this blog post