Is there a limit for sha256 input?

hash sha256

Jackson · Jun 30, 2013 · Viewed 24.6k times · Source

When hashing a string, like a password, with sha256, is there a limit to the length of the string I am hashing? For example, is it only "safe" to hash strings that are <= 64 characters?

Answer

There is technically a limit, but it's quite large. The padding scheme used for SHA-256 requires that the size of the input (in bits) be expressed as a 64-bit number. Therefore, the maximum size is (2⁶⁴-1)/8 bytes ~= 2'091'752 terabytes.

That renders the limit almost entirely theoretical, not practical.

Most people don't have the storage for nearly that much data anyway, but even if they did, processing it all serially to produce a single hash would take an amount of time most would consider prohibitive.

A quick back-of-the-envelope kind of calculation indicates that even with the fastest enterprise SSDs currently¹ listed on Tom's hardware, and striping them 16 wide to improve bandwidth, just reading that quantity of data would still take about 220 years.

^{1. As of April 2016.}

Is there a limit for sha256 input?

Answer

Related questions