A message digest (or hash) function is a cryptographic primitive used for digital signatures and password protection. It maps a message of arbitrary length to a fixed-length hash value or "message digest". The same input (message) will always result in the same output.
Note that the terms hash function, hash algorithm and message digest algorithm can be used interchangeably. Similarly, the terms message digest, hash value and digest value mean the same thing.
A cryptographic hash function should be one-way and collision-resistant.
"One-way" means that it's easy to compute the digest output from the message input, but it's effectively impossible to go backwards and find the input given the digest. More formally, it means that, given an n-bit hash value, it should require work equivalent to about 2n hash computations to find any message that hashes to that value.
"Collision-resistant" means that it should be almost impossible to find two messages that hash to the same digest value (a collison). Finding a collision for a given digest value should require work equivalent to about 2n/2 hash computations.
SHA-1 is a 160-bit (20-byte) hash function specified in FIPS PUB 180 Secure Hash Standard (SHS) [FIPS180]. It is no longer considered secure for digital signatures.
The SHA-2 family of hash functions, SHA-224, SHA-256, SHA-384 and SHA-512, are also specified in [FIPS180], and have digest lengths of 224, 256, 384 and 512 bits (28, 32, 48 and 64 bytes), respectively. SHA-256 is intended as a companion for the Advanced Encryption Standard (AES) to provide a similar level of enhanced security as AES-128 (i.e. a security strength of 128 bits). Similarly, SHA-512 is designed to have the same level of security as AES-256 (a security strength of 256 bits).
SHA-224 and SHA-384 are effectively just cut-down versions of SHA-256 and SHA-512, with exactly the same computational effort required, and are for use where the length of digest values needs to be kept to a minimum (at a cost of reduced security).
MD5 is an older, less-secure, but faster hash algorithm with a digest length of 128 bits. It is no longer recommended for use. MD2 is even older and should not be used. We keep it in this library in case you need it for some legacy use.
The SHA-3 family of hash functions SHA3-224, SHA3-256, SHA3-384 and SHA3-512 are specified in [FIPS202], published in 2015. They have the same digest lengths as the SHA-2 family but are based on an entirely different algorithm, called Keccak. The intention is to keep the SHA-3 family "in reserve" in case a vulnerability is found in the SHA-2 family. See also Notes on SHA-3.