Does SHA-2 Hashing use a key?

Question

From personal knowledge I know SHA-2 hashes are irreversible and do not use a key.

But a person I know has contradicted the above very confidently, I'm now confused and couldn't find the answer I wanted by googling.

Can anyone clear me up on this issue ?

Thanks

I'm not looking for anything, I need to know if SHA-2 uses a key or not. — Marco, Aug 29 '13 at 17:18
It (SHA-2) does not use a key. The "person you know" is wrong and may have confused hashing with HMAC (hashed message authentication code). — Dan Anderson, Jul 03 '19 at 15:50

score 7 · Answer 1 · answered Aug 29 '13 at 19:34

Hash functions like SHA-* do not need a key, they just calculate a hash-value from any input.

There are other functions like HMAC, which indeed use a key, together with a hash function. So it is possible to use a key together with SHA-2, to generate a HMAC, that's what the person possibly had in mind, and what SLaks tried to point out. A HMAC has a different purpose than a hash function though.

score 4 · Answer 2 · answered Aug 29 '13 at 17:22

4

SHA-2, like all hash algorithms, do not use keys.

The definition of a hash function is a map from a single input to an output.

answered Aug 29 '13 at 17:22

SLaks

868,454
176
1,908
1,964

1

True, but to elaborate (since a lot of people *think* they are using a key/salt for e.g. SHA-2): All hash functions either calculate a hash-digest **without a key** or HMAC (hashed message authentication code) **with a key**. For R for example, the `openssl` package uses HMAC under the hood to support salted hashing with SHA-2. – MS Berends Aug 01 '22 at 15:25

Does SHA-2 Hashing use a key?

2 Answers2