RIPEMD-160 Hash Calculator
// instant hashing — no data leaves your browser
Text Hash
File Hash
Random Hashes
Frequently Asked Questions
What is a cryptographic hash function?
A cryptographic hash function takes an input of any size and produces a fixed-length digest. Three properties define it: determinism (same input always gives the same output), pre-image resistance (you cannot reverse the hash to recover the input), and collision resistance (it is computationally infeasible to find two different inputs that produce the same digest).
What is RIPEMD?
RIPEMD (RACE Integrity Primitives Evaluation Message Digest) is a family of cryptographic hash functions developed in the mid-1990s by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel at KU Leuven, as part of the EU-funded RACE project. The original 1992 RIPEMD had weaknesses similar to MD4; the strengthened variants — RIPEMD-128, RIPEMD-160, RIPEMD-256, and RIPEMD-320 — were published in 1996 and are the current standard. Unlike the NIST SHA family, RIPEMD was designed independently in Europe and has never been subject to NIST deprecation timelines.
Are RIPEMD hashes safe for passwords?
No. All RIPEMD variants are designed to be fast, which is ideal for integrity checking but harmful for password storage — a fast hash lets attackers brute-force millions of candidates per second. For passwords, use a purpose-built slow algorithm: bcrypt, scrypt, or Argon2, all of which incorporate salting and adjustable work factors.
How does RIPEMD.com ensure privacy?
All hashing runs entirely inside your browser using crypto-api by nf404 — a pure-JavaScript library that computes RIPEMD digests locally without any network calls. No text, no file content, and no hash output is ever transmitted to any server. You can verify this by running the tool while offline — it works identically.
What output formats are available?
Hex (lowercase hexadecimal) is the most common format used in tooling and documentation. HEX is the same in uppercase. Base64 encodes the raw digest bytes as a compact string using the standard Base64 alphabet — note that the + and / characters are not URL-safe and require percent-encoding when embedded in a URL; use hex instead if URL embedding is needed. Binary shows each byte's individual bits, useful for educational and low-level inspection purposes.
What is RIPEMD-160?
RIPEMD-160 is the most widely deployed member of the RIPEMD family, producing a 160-bit (20-byte) digest typically represented as a 40-character hex string. Published in 1996, it uses a dual parallel pipeline design on a Merkle–Damgård construction — two independent computation paths are run simultaneously and merged at each compression step, a structure that significantly hardens it against the differential attacks that broke earlier single-pipeline designs like MD4 and the original RIPEMD.
Where is RIPEMD-160 used?
RIPEMD-160 sees its most prominent use in cryptocurrency infrastructure. Bitcoin address generation applies RIPEMD-160 to a SHA-256 digest of the public key — the combined HASH160 operation produces the 20-byte payload embedded in a Pay-to-Public-Key-Hash (P2PKH) address. OpenPGP (RFC 4880) uses RIPEMD-160 as one of its supported hash algorithms for key fingerprints and message signatures. It is also available in TLS cipher suites and X.509 certificate processing, though SHA-256 is preferred in most modern deployments.
Is RIPEMD-160 still secure?
RIPEMD-160 is considered secure against all known practical attacks. No collision has ever been demonstrated against the full 160-bit variant, and no pre-image attack is known. It has seen less cryptanalytic scrutiny than SHA-256, which is a reason to prefer SHA-256 for new general-purpose systems. However, for applications already built on RIPEMD-160 — particularly Bitcoin and OpenPGP — migration is unnecessary on security grounds alone.
Can RIPEMD-160 be reversed or cracked?
RIPEMD-160 has no known mathematical inverse. Brute-forcing a 160-bit digest is computationally infeasible. For short or common inputs, precomputed rainbow tables could theoretically recover the original value — salt your data if that is a concern.
The RIPEMD family
The 1996 RIPEMD family contains four strengthened variants sharing the same dual-pipeline Merkle–Damgård construction. RIPEMD-128 and RIPEMD-160 are the primary designs — both use completely independent pipelines. RIPEMD-256 and RIPEMD-320 are extended-output variants that do not increase security beyond their 128 and 160-bit counterparts; they simply concatenate the two pipeline outputs to produce a wider digest for applications where digest length matters.
Variant comparison
| Algorithm | Digest | Block size | Rounds | Status | Common use |
|---|---|---|---|---|---|
| RIPEMD-128 | 128 bit · 32 hex | 512 bit | 4×16 | Use with care | Drop-in MD5 replacement, constrained environments |
| RIPEMD-160 | 160 bit · 40 hex | 512 bit | 5×16 | Secure | Bitcoin addresses, OpenPGP key fingerprints |
| RIPEMD-256 | 256 bit · 64 hex | 512 bit | 4×16 | Secure | Wider digest without SHA-2, same security as RIPEMD-128 |
| RIPEMD-320 | 320 bit · 80 hex | 512 bit | 5×16 | Secure | Wider digest without SHA-2, same security as RIPEMD-160 |
Which variant should I use?
RIPEMD-160 is the right default for almost all applications. It is the most studied, most widely deployed, and has the best library and tooling support of the four. RIPEMD-320 offers no security advantage over RIPEMD-160 — it only provides a wider output — but may be useful when a longer digest is a protocol requirement. Similarly, RIPEMD-256 extends RIPEMD-128 without strengthening it. RIPEMD-128 should only be chosen in environments where a 128-bit digest is strictly required and MD5 is undesirable.