SHA-384 hash generator
Hash text or files with SHA-384 — free and entirely in your browser. Nothing is uploaded, nothing is stored.
the hash appears here — type above or drop a file
Where you'll actually meet SHA-384
SHA-384 is the quiet workhorse of transport security. TLS cipher suites like TLS_AES_256_GCM_SHA384 use it, certificates for high-assurance profiles are signed with it, and the CNSA suite (the U.S. government's commercial crypto baseline) names it explicitly. On the web it appears in Subresource Integrity attributes — integrity="sha384-…" — pinning a script to its exact content. Download pages use it less often than SHA-256, but 96-character checksums do show up around enterprise software.
Its relationship to SHA-512
SHA-384 is SHA-512 wearing a different jacket: the same 64-bit engine, started from different initial values, with the output truncated to 384 bits. Two consequences worth knowing. First, it inherits SHA-512's speed profile on 64-bit CPUs. Second, you can't derive one from the other — the SHA-384 of a file is not the first 96 characters of its SHA-512.
A quirk in its favor: length extension
Plain SHA-256 and SHA-512 leak their full internal state in the digest, so someone who knows hash(secret + message) can compute the hash of secret + message + more without the secret — the length-extension attack. Because SHA-384 throws away part of its state at the end, that trick fails. It's not a reason to skip HMAC where a keyed hash belongs, but it's a genuine structural advantage over its siblings.
Checking a SHA-384 value
Paste the expected 96-character hash into the compare field above, or the verify tool will recognize the length for you — noting that 96 hex characters could also be SHA3-384, since length alone can't distinguish them. In terminals: shasum -a 384, sha384sum, or certutil -hashfile file SHA384.
questions
Where is SHA-384 actually used?
Mostly in TLS cipher suites and certificates (it pairs with the P-384 elliptic curve in many government and enterprise profiles), in Subresource Integrity hashes, and anywhere a policy asks for more margin than SHA-256 without going to full SHA-512.
How does SHA-384 differ from SHA-512?
Same engine, different tuning: SHA-384 uses distinct initial values and truncates the result to 384 bits (96 hex characters). You can't shorten a SHA-512 hash to get the SHA-384 of the same input — they're different values from the first character.
Why would I pick SHA-384 over SHA-256?
Two honest reasons: a compliance profile (CNSA and various government suites specify it), or protection against length-extension attacks — because it's truncated, an attacker who knows your hash can't extend the message. For everyday download checks, SHA-256 is plenty.
How long is a SHA-384 hash?
96 hexadecimal characters (48 bytes). If you have a 96-character hex string, it's SHA-384 or its Keccak cousin SHA3-384 — length alone can't tell them apart.