RIPEMD-160 Hash Generator

Generate RIPEMD-160 or HMAC-RIPEMD-160 output with configurable input and output encoding.

Open Funify Notes

Tool

Generate RIPEMD-160 Hash

Use the RIPEMD-160 form in the right sidebar to choose input encoding, output encoding, and optional HMAC key, then press Generate to show the result.

Input text

Output hash

This RIPEMD-160 tool is for educational reference, testing, and quick browser experiments. Do not use it with sensitive, confidential, or production data.

Overview

What this tool does

This browser-based RIPEMD-160 tool generates a plain RIPEMD-160 digest or HMAC-RIPEMD-160 output from UTF-8 text, HEX bytes, or Base64 data. It is designed for learning, quick verification, compatibility checks, and browser-based integrity testing.

A practical starting point is UTF-8 input, HEX output, and no HMAC key, then compare the same value again with HMAC enabled.

How To

How to use this tool

  1. 1

    Enter input text

    Type or paste the text, encoded value, or sample data you want to hash in the input area.

  2. 2

    Select the input encoding

    Choose UTF-8, HEX, or Base64 so the tool reads the source value in the correct format.

  3. 3

    Choose output settings

    Select HEX or Base64 for the generated digest. HEX output can be normalized with the upper-case or lower-case buttons.

  4. 4

    Optionally add an HMAC key

    Enter a UTF-8 HMAC key if you want to compute HMAC-RIPEMD-160 instead of a plain RIPEMD-160 hash.

  5. 5

    Generate the hash

    Press Generate to compute the result.

  6. 6

    Review and normalize the result

    Check the output and selected settings, then use upper-case or lower-case conversion when the output format is HEX.

Guide

Detailed guide to RIPEMD-160 hash: algorithm, design, and applications

Thumbnail image for the hash ripemd160.

Understanding RIPEMD-160 hashing

RIPEMD-160 (RACE Integrity Primitives Evaluation Message Digest with 160-bit output) is a cryptographic hash function developed by the RIPE (RACE Integrity Primitives Evaluation) project as part of the European Union's RACE research program. It was designed by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel at the COSIC research group of KU Leuven. RIPEMD-160 produces a fixed 160-bit (20-byte) digest, typically rendered as a 40-character hexadecimal string. According to the original RIPEMD-160 specification by the COSIC research group at KU Leuven, the algorithm was designed as a strengthened replacement for the original RIPEMD and RIPEMD-128, offering a conservative security margin through its unique dual-line parallel compression structure. RIPEMD-160 is notably used in Bitcoin address generation and remains one of the few non-SHA hash functions with significant real-world deployment.

RIPEMD-160 algorithm architecture

The internal structure of RIPEMD-160 is distinctive among hash functions because it uses a dual-line parallel design. Unlike SHA-256, which uses one main compression path for each message block, RIPEMD-160 processes data through two parallel computation lines whose results are combined at the end. The algorithm follows these stages:

  1. Padding: The input message is padded to a length congruent to 448 modulo 512 bits, following the standard Merkle-Damgård padding scheme.
  2. Appending length: A 64-bit representation of the original message length (in bits) is appended, making the total length a multiple of 512 bits.
  3. Initialization: Five 32-bit registers (A, B, C, D, E) are initialized with specific constants for each of the two parallel lines.
  4. Dual-line compression: Each 512-bit block passes through two parallel processing lines (left and right), each containing five rounds of 16 operations with different Boolean functions and constants. The left line uses functions from the original RIPEMD design, while the right line uses a complementary set.
  5. Combining outputs: After processing all blocks, the results from the left and right lines are combined through a feed-forward operation, producing the final 160-bit digest.

RIPEMD-160 vs SHA-256 comparison table

Understanding how RIPEMD-160 compares to the widely adopted SHA-256 helps developers choose the appropriate hash function for their specific use case. The NIST Hash Functions project provides authoritative guidance on approved cryptographic hash functions. The table below summarizes the key differences:

Property RIPEMD-160 SHA-256
Digest size 160 bits (20 bytes) 256 bits (32 bytes)
Block size 512 bits 512 bits
Internal structure Dual-line parallel (2 chains) Single line (1 chain)
Number of rounds 80 steps per line (5 rounds x 16 steps, two parallel lines) 64
Collision resistance 280 (no practical collisions known) 2128 (no practical collisions known)
Speed (software) Implementation-dependent Implementation-dependent
NIST approval Not standardized by NIST FIPS 180-4 approved
Primary use Bitcoin addresses, legacy systems, education Digital signatures, certificates, general security

HMAC-RIPEMD-160

HMAC (Hash-Based Message Authentication Code) is a standardized mechanism that combines a cryptographic hash function with a secret key to provide both data integrity and authenticity verification. As documented in RFC 2104: HMAC: Keyed-Hashing for Message Authentication, HMAC is designed to resist length extension attacks that affect plain Merkle-Damgård hash functions. When HMAC-RIPEMD-160 is used, the secret key is XORed with two fixed padding constants (ipad and opad) before being hashed with the message. This construction provides a dual benefit: it protects against length extension attacks, and it ensures that only parties who share the secret key can verify the authenticity of a message. For modern applications, HMAC-SHA256 is generally preferred, but HMAC-RIPEMD-160 remains relevant for compatibility with certain legacy protocols and blockchain-related systems.

  • Keyed authentication: HMAC-RIPEMD-160 verifies both the integrity and the origin of a message when both parties share a secret key.
  • Length extension resistance: Unlike plain RIPEMD-160, HMAC-RIPEMD-160 is not vulnerable to length extension attacks because the key is mixed into both the inner and outer hash computations.
  • Compatibility testing: HMAC-RIPEMD-160 can still be useful when you need to reproduce legacy test vectors or verify systems that explicitly specify this keyed hash.
  • Legacy compatibility: Some older protocols and embedded systems still specify HMAC-RIPEMD-160 for backward compatibility.

Security considerations

RIPEMD-160 is historically important and offers stronger security guarantees than legacy hash functions like MD5 and SHA-1, but it is still not the optimal choice for all modern security-sensitive applications. Understanding its security posture requires examining several dimensions:

  • Collision resistance: RIPEMD-160 provides a 160-bit output, offering 280 collision resistance. No practical collision attacks have been demonstrated against the full RIPEMD-160 algorithm as of 2026. The US-CERT Vulnerability Note VU#836068 discusses the general risks of broken hash functions and contrasts them with algorithms like RIPEMD-160 that remain unbroken in practice.
  • Preimage resistance: Preimage attacks against RIPEMD-160 remain computationally impractical with current technology, requiring approximately 2160 operations for a full preimage.
  • Length extension: Like all Merkle-Damgård hash functions, plain RIPEMD-160 is vulnerable to length extension attacks. HMAC-RIPEMD-160 mitigates this concern for authentication scenarios.
  • Output length: The 160-bit digest is shorter than SHA-256 (256 bits), providing a lower security margin. For applications requiring resistance against quantum computing advances, longer digests are advisable.
  • Password storage: RIPEMD-160 is too fast for safe password hashing. Use Argon2, bcrypt, or PBKDF2 for password storage rather than any general-purpose cryptographic hash function.

Applications of RIPEMD-160

RIPEMD-160 occupies a unique position in the cryptographic landscape. While less widely adopted than SHA-256, it has found several important niche applications that ensure its continued relevance:

  • Bitcoin address generation: RIPEMD-160 is used in the Bitcoin address generation process as part of the HASH160 operation (SHA-256 followed by RIPEMD-160). This dual-hash approach is specified in the Bitcoin protocol for creating shorter, more user-friendly addresses.
  • File integrity checksums: RIPEMD-160 can be used to generate checksums for downloaded files, providing a non-NIST alternative for integrity verification.
  • OpenPGP and GPG ecosystems: Some PGP implementations support RIPEMD-160 as a hashing option for signatures and key fingerprints.
  • Educational reference: RIPEMD-160's unique dual-line design makes it an excellent case study in cryptography courses for understanding alternative hash function architectures.
  • Legacy system compatibility: Older software and embedded systems may still rely on RIPEMD-160 for hash-based operations.

RIPEMD-160 checksum verification table

When verifying data integrity using RIPEMD-160 checksums, it is important to understand how different input encodings produce different hash outputs. The following table shows RIPEMD-160 hash values for common test inputs using various encoding configurations:

Input text Input encoding Output encoding RIPEMD-160 hash (HEX)
Hello, World! UTF-8 HEX 527a6a4b9a6da75607546842e0e00105350b1aaf
hello UTF-8 HEX 108f07b8382412612c048d07d13f814118445acd
RIPEMD160 UTF-8 HEX 485e7741aaeacfc358c67641fb82dbbc265169ad
48656c6c6f (UTF-8 "Hello" in HEX) HEX HEX d44426aca8ae0a69cdbc4021c64fa5ad68ca32fe
aGVsbG8= (UTF-8 "hello" in Base64) Base64 HEX 108f07b8382412612c048d07d13f814118445acd

History of RIPEMD-160 timeline

RIPEMD-160 has a rich history spanning over three decades, from its origins in European research initiatives to its adoption in blockchain technology. The timeline below summarizes the key milestones:

Year Event Significance
1992 RIPE project begins The RACE Integrity Primitives Evaluation project initiates the development of openly designed cryptographic hash functions as a European alternative to US-developed algorithms.
1996 RIPEMD-160 published Dobbertin, Bosselaers, and Preneel introduce RIPEMD-160 with a 160-bit output and a novel dual-line parallel compression structure, addressing weaknesses in the original RIPEMD.
2004 MD5 collisions demonstrated The practical collision attacks against MD5 highlight the conservative design choices in RIPEMD-160 and increase interest in alternative hash functions.
2009 Bitcoin adoption Satoshi Nakamoto's Bitcoin protocol adopts RIPEMD-160 for address generation via the HASH160 operation, giving the algorithm significant real-world deployment.
2010s NIST SHA-3 competition While SHA-3 (Keccak) wins the NIST competition, RIPEMD-160 maintains its niche role in blockchain ecosystems and continues to be studied for its unique design.
Present Continued use in blockchain RIPEMD-160 remains unbroken and continues to be used in Bitcoin, Litecoin, and other cryptocurrency address generation systems alongside SHA-256.

Advanced configuration tips

  • Input encoding discipline: Use UTF-8 for plain text, HEX for hexadecimal bytes, and Base64 only when the source really is Base64 encoded data. Choosing the wrong encoding will produce a different digest even for the same visible characters.
  • Output format: HEX output is easier to compare with documentation, command-line tools, and published checksum samples. Base64 output is more compact than HEX (28 characters with padding for a 20-byte RIPEMD-160 digest) but is case-sensitive.
  • Odd-length HEX handling: If the HEX input length is odd, the tool prepends a leading zero before parsing, matching the original implementation logic.
  • HMAC usage: Entering a key switches the result from plain RIPEMD-160 to HMAC-RIPEMD-160, so the output will differ even when the input text stays the same. This is expected behavior per the HMAC specification.
  • Validation workflow: Test with short known samples first, compare against trusted libraries when exact matching matters, and always record the input encoding, output encoding, and HMAC key state for reproducibility.

Limitations and cautions

  • Client-side processing: Everything runs in the browser using CryptoJS. No data is sent to any server, which means the tool works offline after the initial page load.
  • Not for passwords: RIPEMD-160 is too fast for safe password storage. Use dedicated password hashing algorithms such as Argon2, bcrypt, or PBKDF2.
  • Legacy strength level: While unbroken, RIPEMD-160 provides a 160-bit digest, which offers a lower security margin than SHA-256 (256 bits) or SHA-3. For new systems, SHA-256 or SHA-3 is generally preferred.
  • Encoding sensitivity: A wrong input format can produce an error or a different digest than expected. Always verify that the input encoding matches the actual format of the data you are hashing.
  • Browser dependency: The page assumes a modern browser with JavaScript enabled. The CryptoJS library is loaded from a CDN, so an internet connection is required on the first visit.

Results are for educational and testing purposes only. Output can vary based on the input bytes, encoding choice, and whether HMAC is enabled. For production security needs, always use audited libraries and NIST-approved cryptographic algorithms where possible.

FAQ

Frequently asked questions

Can I hash HEX input with this page?

Yes. Select HEX as the input encoding. The tool validates the characters and pads an odd-length HEX value with a leading zero before parsing.

What happens if I enter an HMAC key?

When you enter an HMAC key, the page generates HMAC-RIPEMD-160 instead of a plain RIPEMD-160 hash.

Can I use upper case or lower case conversion for Base64 output?

No. The case conversion buttons are intended for HEX output and are disabled when Base64 output is selected.

Is this page suitable for password hashing or modern high-security systems?

No. This page is mainly for educational and testing purposes. For password storage use Argon2, bcrypt, or PBKDF2, and for modern secure digests prefer SHA-256 or SHA-3.