SHA-384 hash generator

Hash text or files with SHA-384 — free and entirely in your browser. Nothing is uploaded, nothing is stored.

drop a file here or browse any size · read locally, never uploaded
SHA-384

the hash appears here — type above or drop a file


Where you'll actually meet SHA-384

SHA-384 is the quiet workhorse of transport security. TLS cipher suites like TLS_AES_256_GCM_SHA384 use it, certificates for high-assurance profiles are signed with it, and the CNSA suite (the U.S. government's commercial crypto baseline) names it explicitly. On the web it appears in Subresource Integrity attributes — integrity="sha384-…" — pinning a script to its exact content. Download pages use it less often than SHA-256, but 96-character checksums do show up around enterprise software.

Its relationship to SHA-512

SHA-384 is SHA-512 wearing a different jacket: the same 64-bit engine, started from different initial values, with the output truncated to 384 bits. Two consequences worth knowing. First, it inherits SHA-512's speed profile on 64-bit CPUs. Second, you can't derive one from the other — the SHA-384 of a file is not the first 96 characters of its SHA-512.

A quirk in its favor: length extension

Plain SHA-256 and SHA-512 leak their full internal state in the digest, so someone who knows hash(secret + message) can compute the hash of secret + message + more without the secret — the length-extension attack. Because SHA-384 throws away part of its state at the end, that trick fails. It's not a reason to skip HMAC where a keyed hash belongs, but it's a genuine structural advantage over its siblings.

Checking a SHA-384 value

Paste the expected 96-character hash into the compare field above, or the verify tool will recognize the length for you — noting that 96 hex characters could also be SHA3-384, since length alone can't distinguish them. In terminals: shasum -a 384, sha384sum, or certutil -hashfile file SHA384.

questions

Where is SHA-384 actually used?

Mostly in TLS cipher suites and certificates (it pairs with the P-384 elliptic curve in many government and enterprise profiles), in Subresource Integrity hashes, and anywhere a policy asks for more margin than SHA-256 without going to full SHA-512.

How does SHA-384 differ from SHA-512?

Same engine, different tuning: SHA-384 uses distinct initial values and truncates the result to 384 bits (96 hex characters). You can't shorten a SHA-512 hash to get the SHA-384 of the same input — they're different values from the first character.

Why would I pick SHA-384 over SHA-256?

Two honest reasons: a compliance profile (CNSA and various government suites specify it), or protection against length-extension attacks — because it's truncated, an attacker who knows your hash can't extend the message. For everyday download checks, SHA-256 is plenty.

How long is a SHA-384 hash?

96 hexadecimal characters (48 bytes). If you have a 96-character hex string, it's SHA-384 or its Keccak cousin SHA3-384 — length alone can't tell them apart.