Converter Web ToolsConverter WebTools

SHA-384 Hash

Generate a SHA-384 hash from any text instantly. Everything is computed in your browser, so your input never leaves your device.

Input
Output
Share Link
Settings
Hash

What is SHA-384?

SHA-384 is a cryptographic hash function from the SHA-2 (Secure Hash Algorithm 2) family, producing a fixed 384-bit (48-byte) digest typically displayed as a 96-character hexadecimal string. It is a one-way function: computationally infeasible to reverse. The tool processes your input entirely in the browser—no servers see your data—making it ideal for verifying file integrity, securing digital signatures, and authentication workflows where privacy matters.

How SHA-384 works

SHA-384 processes input data through multiple rounds of mathematical operations including bitwise shifts, logical functions, and modular addition. The algorithm works in two main stages:

  1. Pre-processing: The input message is padded to a multiple of 1024 bits, and a 128-bit length field is appended.
  2. Hashing: The padded message is processed in 1024-bit blocks through 80 rounds of operations using eight 64-bit state variables (called a, b, c, d, e, f, g, h) and a series of constants derived from the first 64 prime numbers.

Why the name "384"? SHA-384 is structurally identical to SHA-512 but uses different initial hash values and truncates the output to only the first 384 bits (discarding the final 128 bits of the 512-bit result).

Worked Example (conceptual structure):
Input: "Hello"
Process: Apply padding, split into 1024-bit blocks, perform 80 transformation rounds on the state variables.
Output: A unique 96-character hexadecimal string representing the 384-bit hash. Each time "Hello" is hashed, the output is identical; changing even one character of the input produces a completely different hash (the "avalanche effect").

How to use

  1. Type or paste your text into the input box.
  2. The SHA-384 hash is calculated automatically as you type.
  3. Choose your output encoding (Hex or Base64) if needed.
  4. Click Copy to copy the digest to your clipboard.

Common uses

  • Verifying file downloads and software integrity: compare a file's SHA-384 hash against a published checksum to confirm the file hasn't been corrupted or tampered with.
  • Digital signatures and certificates: used in public-key cryptography to create unique fingerprints of documents and verify authenticity.
  • Password storage and authentication: while not a replacement for salted bcrypt, SHA-384 hashes can be used in security protocols and access control systems.
  • Data deduplication: identifying duplicate files or database records by comparing hash values rather than entire contents.
  • API request authentication: generating HMAC-SHA384 signatures to authenticate API calls and prevent request tampering.
  • Blockchain and ledger systems: creating transaction digests and maintaining data integrity in distributed systems.

Frequently asked questions

Is SHA-384 secure?
Yes, SHA-384 is cryptographically secure and recommended by NIST for federal applications. No practical attacks exist that can break it faster than brute-force attempts.
Can the hash be reversed to get the original input?
No. SHA-384 is a one-way function; it is computationally infeasible to reverse a hash back to its original input.
How long is the SHA-384 output?
SHA-384 produces a 384-bit digest, which is 48 bytes or 96 hexadecimal characters when displayed in hex format.
What's the difference between SHA-384 and SHA-512?
SHA-384 and SHA-512 use the same algorithm but different initial values and output lengths. SHA-384 truncates the result to 384 bits, while SHA-512 outputs all 512 bits.
Is my data safe with this browser-based tool?
Yes. This tool runs entirely in your browser using JavaScript; no data is uploaded to servers, and nothing is logged or stored.
Should I use SHA-384 for password hashing?
SHA-384 should not be the sole mechanism for password hashing; use dedicated slow hashing algorithms like bcrypt, scrypt, or Argon2 that include salting and make brute-force attacks impractical.