SHA3-384 is a cryptographic hash function from the SHA-3 family, standardized by NIST in FIPS 202. It produces a 384-bit hash value and is based on the Keccak sponge construction, making it fundamentally different from SHA-2. SHA3-384 offers strong security guarantees and is resistant to length extension attacks.

Yes, SHA3-384 is considered highly secure. As the latest NIST standard, it has undergone extensive cryptanalysis and has no known vulnerabilities. The 384-bit output provides 192 bits of security against collision attacks and 384 bits against preimage attacks, making it suitable for the most demanding security applications.

What is SHA3-384 used for?

SHA3-384 is used in various security applications including digital signatures, message authentication codes (HMAC), blockchain technology, file integrity verification, and password hashing. It's particularly valuable in systems requiring resistance to length extension attacks and in applications future-proofing against potential SHA-2 vulnerabilities.

How long is a SHA3-384 hash?

SHA3-384 produces a 384-bit (48-byte) hash value. In hexadecimal representation, it appears as 96 characters. In base64 encoding, it appears as 64 characters. The hash length is fixed regardless of the input size, whether you hash a single character or a multi-gigabyte file.

SHA3-384 Hash Generator

Q: How is SHA-3 different from SHA-2?

SHA-3 uses a completely different internal structure called the sponge construction (Keccak), while SHA-2 uses a Merkle-Damgård structure. This makes SHA-3 inherently resistant to length extension attacks and provides a different security profile. SHA-3 was designed as a backup to SHA-2 in case vulnerabilities are found in the SHA-2 family.

Generate secure SHA-3 cryptographic hashes with our free online tool. Support for all SHA-3 variants including 224, 256, 384, and 512-bit outputs.

SHA-3 Variant

Output Format

Text to Hash

SHA3-224

224 bits

112-bit security

SHA3-256

256 bits

128-bit security

SHA3-384

384 bits

192-bit security

SHA3-512

512 bits

256-bit security

SHA3-256 Hash

SHA3-256 hash will appear here...

What is SHA-3?

SHA-3 (Secure Hash Algorithm 3) is the latest member of the Secure Hash Algorithm family of standards, released by NIST in 2015. Unlike SHA-1 and SHA-2, which are based on the Merkle-Damgård structure, SHA-3 uses a completely different design called the sponge construction (Keccak algorithm). This makes SHA-3 highly secure and resistant to length extension attacks by design.

Sponge Construction: Unique design for enhanced security

Length Extension Resistant: Built-in protection

Variable Output: 224, 256, 384, or 512 bits

NIST Standard: FIPS 202 compliant

Understanding SHA-3 (Keccak)

SHA-3 (Secure Hash Algorithm 3) is the latest member of the Secure Hash Algorithm family, standardized by NIST in FIPS 202. Unlike its predecessors SHA-1 and SHA-2, SHA-3 is based on the Keccak sponge construction, which provides a fundamentally different approach to cryptographic hashing. This design offers enhanced security properties and built-in resistance to certain types of attacks.

The Sponge Construction

SHA-3 uses a unique sponge construction that absorbs input data and then squeezes out the hash. This design provides several advantages:

Built-in Length Extension Resistance: Unlike SHA-2, SHA-3 is naturally resistant to length extension attacks without additional mechanisms
Flexible Output Size: The sponge construction allows for variable-length output, though NIST standardized fixed lengths
Parallelizable: The design allows for efficient hardware implementation and parallel processing

SHA-3 Variants

Algorithm	Output Size	Security Level	Hex Length
SHA3-224	224 bits	112 bits (collision)	56 chars
SHA3-256	256 bits	128 bits (collision)	64 chars
SHA3-384	384 bits	192 bits (collision)	96 chars
SHA3-512	512 bits	256 bits (collision)	128 chars

Common Applications

Digital Signatures: Used in conjunction with signature algorithms like RSA and ECDSA
Blockchain and Cryptocurrencies: Some newer blockchain projects use SHA-3 for its security properties
Password Hashing: Often used in key derivation functions and password storage
Message Authentication: Can be used in HMAC constructions for message authentication

NIST Standard: SHA-3 is approved by NIST for use in U.S. federal government applications and is recommended for new systems requiring cryptographic hashing, especially where future-proofing against potential SHA-2 vulnerabilities is desired.

Quick Features

4 SHA-3 Variants
3 Output Formats
One-click Copy
Client-side Only
Length Extension Resistant

Why Choose SHA-3?

SHA-3 represents the state-of-the-art in cryptographic hash functions. While SHA-2 remains secure, SHA-3 provides a completely different internal structure, offering diversification in cryptographic algorithms. This is particularly valuable for systems requiring long-term security or compliance with the latest NIST standards.

Key Advantage: The sponge construction makes SHA-3 inherently resistant to length extension attacks, a property that must be specifically addressed when using SHA-2 (e.g., using HMAC instead of plain hashing).

SHA3-384 Implementation Examples

JavaScript (Browser)

async function sha3_384(message) {
  const msgBuffer = new TextEncoder().encode(message);
  const hashBuffer = await crypto.subtle.digest('SHA3-384', msgBuffer);
  const hashArray = Array.from(new Uint8Array(hashBuffer));
  return hashArray.map(b => 
    b.toString(16).padStart(2, '0')
  ).join('');
}

Node.js (with crypto)

const crypto = require('crypto');

function sha3_384(message) {
  return crypto
    .createHash('sha3-384')
    .update(message)
    .digest('hex');
}

Python (with hashlib)

import hashlib

def sha3_384(message):
    return hashlib.sha3_384(
        message.encode()
    ).hexdigest()

Java

import java.security.MessageDigest;

public static String sha3_384(String message) 
        throws Exception {
    MessageDigest md = 
        MessageDigest.getInstance("SHA3-384");
    byte[] hash = md.digest(
        message.getBytes("UTF-8")
    );
    return bytesToHex(hash);
}

Frequently Asked Questions

SHA-2 and SHA-3 are fundamentally different in their internal design. SHA-2 uses a Merkle-Damgård structure, while SHA-3 uses a sponge construction (Keccak). This makes SHA-3 naturally resistant to length extension attacks and gives it a different security profile. SHA-3 was designed as a backup to SHA-2, not a replacement, providing algorithm diversity in case vulnerabilities are found in SHA-2.

Performance comparison between SHA-2 and SHA-3 depends on the implementation and hardware. In software, SHA-2 is generally faster on most platforms. However, SHA-3 was designed with hardware efficiency in mind and can be very fast in hardware implementations. For most software applications, SHA-2 remains the faster choice, but SHA-3's performance is acceptable for most use cases and offers the benefit of algorithm diversity.

While SHA3-384 is a secure cryptographic hash function, it's not recommended for direct password hashing. Password hashing requires functions that are deliberately slow and memory-hard to resist brute-force attacks (like bcrypt, Argon2, or PBKDF2). However, SHA3-384 can be used as part of these dedicated password hashing functions or in key derivation functions like HKDF.

SHA3-384 provides 192 bits of security against collision attacks (due to the birthday paradox) and 384 bits of security against preimage attacks. This is considered extremely strong and suitable for the most demanding security applications. Even with future advances in computing, including quantum computers, this level of security is expected to remain adequate for the foreseeable future.

Choose SHA3-384 when you need: (1) The latest NIST standard for compliance, (2) Built-in resistance to length extension attacks without HMAC, (3) Algorithm diversity alongside SHA-2 for defense in depth, (4) Future-proofing for systems expected to operate for decades, or (5) Hardware-optimized implementations. For most general purposes, SHA-256 or SHA-384 remain excellent choices, but SHA-3 offers the security of a fresh design.

Related Hash Tools

SHA-256

SHA-384

SHA-512

SHA3-256

SHA3-384

SHA3-512

All SHA-3 hash generation is performed locally in your browser. Your data never leaves your device, ensuring complete privacy and security. Supports the latest NIST FIPS 202 standard.

Frontend

JavaScript & Frameworks

Backend

Artificial Intelligence

Database

CSS Frameworks

Data Analytics

Digital Marketing

Frontend

Backend

Artificial Intelligence

DevOps

Database

Cyber Security

SHA3-384 Hash Generator

What is SHA-3?

Understanding SHA-3 (Keccak)

The Sponge Construction

SHA-3 Variants

Common Applications

Quick Features

Why Choose SHA-3?

SHA3-384 Implementation Examples

JavaScript (Browser)

Node.js (with crypto)

Python (with hashlib)

Java

Frequently Asked Questions

Related Hash Tools

SHA-256

SHA-384

SHA-512

SHA3-256

SHA3-384

SHA3-512

Follow Us

Our Tools

Our Company

Special Tools

SHA3-384 Hash Generator

What is SHA-3?

Understanding SHA-3 (Keccak)

The Sponge Construction

SHA-3 Variants

Common Applications

Quick Features

Why Choose SHA-3?

SHA3-384 Implementation Examples

JavaScript (Browser)

Node.js (with crypto)

Python (with hashlib)

Java

Frequently Asked Questions

What's the difference between SHA-2 and SHA-3?

Is SHA3-384 faster than SHA-512?

Can I use SHA3-384 for password hashing?

What is the security level of SHA3-384?

When should I choose SHA3-384 over other hash functions?

Related Hash Tools

SHA-256

SHA-384

SHA-512

SHA3-256

SHA3-384

SHA3-512

Follow Us

Our Tools

Our Company

Special Tools