
Preimage Resistance

Preimage resistance means that, given a hash output, it is infeasible to find any input that produces it. It is what makes a cryptographic hash 'one-way'.

Preimage resistance is the property that, given a digest h, it is infeasible to find any input m such that H(m) = h. This is what people mean when they call a hash one-way: you can compute the digest forward, but not invert it.

There are two related notions:

  • First-preimage resistance: given h, find any m with H(m) = h. Cost should be about 2^n for an n-bit hash.
  • Second-preimage resistance: given a specific m1, find a different m2 with the same digest. Also about 2^n.

Preimage resistance is independent of collision resistance: MD5 is collision-broken but still preimage resistant in practice. Note that preimage resistance does not protect short, guessable inputs like passwords — those fall to brute force regardless, which is why password storage needs a slow key derivation function.
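The 2^n cost and the short-input caveat can both be measured directly. The following is an added example, not part of the original glossary entry: it assumes a toy n-bit hash built by truncating SHA-256 so the generic search finishes quickly, and uses a constructed password and candidate list.

```python
import hashlib
from itertools import count

def toy_hash(data: bytes, bits: int) -> int:
    """Toy n-bit hash (assumption for the demo): top `bits` bits of SHA-256."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - bits)

def find_preimage(target: int, bits: int) -> tuple[bytes, int]:
    """Generic first-preimage search: hash candidates until one matches."""
    for tries in count(1):
        candidate = str(tries).encode()
        if toy_hash(candidate, bits) == target:
            return candidate, tries

def average_tries(bits: int, trials: int = 20) -> float:
    """Mean work to invert `trials` constructed digests; expect about 2**bits."""
    total = 0
    for i in range(trials):
        target = toy_hash(f"constructed-input-{i}".encode(), bits)
        total += find_preimage(target, bits)[1]
    return total / trials

def recover_guessable(digest_hex: str, candidates: list[str]):
    """Full SHA-256, but the input comes from a small guessable set."""
    for tries, word in enumerate(candidates, 1):
        if hashlib.sha256(word.encode()).hexdigest() == digest_hex:
            return word, tries
    return None, len(candidates)

if __name__ == "__main__":
    # Work grows with 2^n: each extra output bit doubles the expected search.
    for bits in (8, 12, 16):
        print(f"n={bits:2d}  2^n={2**bits:6d}  mean tries={average_tries(bits):9.1f}")
    # Constructed sample data: a stored digest and a short candidate list.
    stored = hashlib.sha256(b"hunter2").hexdigest()
    guesses = ["123456", "password", "hunter2", "letmein"]
    # The 256-bit output is irrelevant here: the search space is the list.
    print(recover_guessable(stored, guesses))
```

The second result is why the size of the input space, not the digest length, sets the cost for passwords, and why a slow key derivation function is used to raise the price of each guess.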
