SHA-256 and Digital Evidence: The Hash That Holds Up in Court
Every person has a unique fingerprint. No two are identical, and even identical twins have different ridge patterns. A fingerprint does not describe the person — it does not tell you their height, their hair color, or what they had for breakfast — but it identifies them with near-absolute certainty.
A cryptographic hash works the same way for digital files. Feed any file — a photograph, a video, a spreadsheet, a 200-page contract — into a hash function, and it produces a fixed-length string of characters. That string is the file's digital fingerprint. Change one pixel in a photograph, one character in a document, one bit anywhere in the file, and the fingerprint changes completely. Not slightly. Completely. The new hash will share no recognizable relationship with the original.
Unlike human fingerprints, which require expert interpretation and probabilistic matching, hash values are mathematically deterministic. The same file will always produce the same hash. A different file will always produce a different hash. There is no ambiguity, no margin of error, and no need for expert opinion to compare them. Two hash values either match or they do not.
This property — deterministic, irreversible, and exquisitely sensitive to any modification — is why hash values have become the foundation of digital evidence authentication in federal and state courts.
What SHA-256 Actually Is
SHA-256 stands for Secure Hash Algorithm, 256-bit. It is one of several hash functions in the SHA-2 family, published by the National Institute of Standards and Technology (NIST) in Federal Information Processing Standard (FIPS) 180-4, the Secure Hash Standard.
When you run a file through SHA-256, the algorithm processes the file's contents — every byte, in order — and produces a 256-bit output, conventionally written as 64 hexadecimal characters. A hex character represents four bits, so 64 hex characters encode exactly 256 bits. That output is called the digest or hash value.
Here is what a SHA-256 hash value looks like:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
That specific hash is the SHA-256 digest of an empty file — zero bytes of content. Every SHA-256 implementation in the world, run on any operating system, will produce that exact string when given an empty file. This reproducibility is not incidental. It is the defining property of a cryptographic hash function and the reason courts accept hash values as proof of integrity.
Key Properties
SHA-256 has three properties that matter for evidence authentication:
- Deterministic. The same input always produces the same output. Run SHA-256 on a file today, tomorrow, and ten years from now — on Windows, Mac, Linux, or a phone — and you will get the identical 64-character digest every time. NIST's standard states that the hash function must produce a fixed-length output for any given input.
- Avalanche effect. Any change to the input — even a single bit — changes approximately half the bits in the output. This is not a small shift. If you change one letter in a 100-page document, the before and after hash values will appear completely unrelated. FIPS 180-4 notes that "any change to the message will, with a very high probability, result in a different message digest."
- Pre-image resistance. Given a hash value, there is no known method to reconstruct the original file. The hash is a one-way function. You cannot reverse-engineer a photograph from its hash any more than you can reconstruct a person from their fingerprint. This means a hash value can be shared openly without revealing the contents of the file.
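The avalanche property can be measured directly. The following added example (not part of the original article) flips each bit of a constructed sample message in turn and counts how many of the 256 digest bits change; the sample text and function names are illustrative.

```python
import hashlib

def sha256_bits(data: bytes) -> int:
    """Return the 256-bit digest as an integer so two digests can be XORed."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def flipped(data: bytes, bit_index: int) -> bytes:
    """Return a copy of data with exactly one bit inverted."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)

def avalanche_profile(data: bytes) -> list:
    """Flip each input bit in turn; count how many digest bits differ each time."""
    base = sha256_bits(data)
    return [bin(base ^ sha256_bits(flipped(data, i))).count("1")
            for i in range(len(data) * 8)]

# Constructed sample input (not real evidence).
SAMPLE = b"Exhibit 12: signed lease agreement, page 1 of 100"
profile = avalanche_profile(SAMPLE)
summary = {
    "flips": len(profile),                 # number of single-bit changes tried
    "min": min(profile),                   # fewest digest bits changed by one flip
    "mean": sum(profile) / len(profile),   # expected to sit near 128 of 256
    "max": max(profile),                   # most digest bits changed by one flip
}

if __name__ == "__main__":
    print(summary)
```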
Federal Mandate
SHA-256 is not an optional recommendation. Under the Federal Information Security Modernization Act (FISMA), federal agencies are required to use NIST-approved cryptographic standards. SHA-256 is the minimum acceptable hash function for federal systems. The older SHA-1 algorithm — which produces a 160-bit digest — has been deprecated due to demonstrated collision vulnerabilities, and NIST's planned revision (FIPS 180-5) will formally remove SHA-1 from the Secure Hash Standard entirely, leaving SHA-256 as the baseline.
When a forensic examiner or evidence management platform uses SHA-256, they are applying the same cryptographic standard that protects federal classified systems, financial infrastructure, and military communications.
How Courts Treat Hash Values
Federal courts have recognized hash-based authentication as a reliable method for proving digital evidence integrity. The strongest judicial endorsements come from the Federal Rules of Evidence themselves and from landmark case law interpreting those rules.
FRE 902(14) Advisory Committee Notes
When Congress adopted Rules 902(13) and 902(14) in 2017, the Advisory Committee Notes specifically identified hash values as a method for authenticating electronic evidence. Rule 902(14) covers records copied from an electronic device, and the Notes cite hash value comparison as the mechanism for demonstrating that a copy is identical to the original. The logic is straightforward: if the hash of the copy matches the hash of the original, the two are mathematically identical.
This is significant because the Advisory Committee Notes carry persuasive authority in federal courts. They represent the considered judgment of the federal judiciary's own rulemaking body about what constitutes reliable authentication of electronic evidence. Hash values are not merely one of many options — they are the specific example the Committee chose to highlight.
Lorraine v. Markel American Insurance Co.
In Lorraine v. Markel American Insurance Co., 241 F.R.D. 534 (D. Md. 2007), Magistrate Judge Paul W. Grimm authored a 101-page opinion that remains the most comprehensive judicial analysis of digital evidence authentication in American case law. The court excluded all electronic evidence in the case because neither party laid a proper foundation for it.
Critically for this discussion, the Lorraine opinion identified hash values as a "generally accepted method" for authenticating electronically stored information (ESI). The court recognized that cryptographic hashing provides a mathematical basis for proving that evidence has not been altered since collection — a standard higher than testimony alone can reliably achieve.
NIST SP 800-86: The Forensic Process
NIST Special Publication 800-86, Guide to Integrating Forensic Techniques into Incident Response, defines the four-phase forensic process: Collection, Examination, Analysis, and Reporting. Hash verification appears at the most critical junctures: immediately after collection and before forensic imaging. The purpose is to create a verifiable baseline — a mathematical proof that the evidence as examined is identical to the evidence as collected.
This NIST framework is not binding law, but courts routinely reference it as representing best practices in digital forensics. When an attorney asks "what is the standard process for handling digital evidence?" the answer, per NIST, includes hash verification at every stage of custody transfer.
The Practical Workflow: From Upload to Certificate
Understanding hash values conceptually is useful. Understanding how they function in a litigation workflow is essential. Here is what happens when evidence is preserved with SHA-256 verification:
- File is uploaded. A party uploads a file — a surveillance video, a photograph, a contract, an email export — to an evidence management platform.
- SHA-256 hash is computed immediately. At the moment of upload, before the file is stored, the platform computes the file's SHA-256 hash. This happens automatically, in milliseconds. The file's contents are processed through the algorithm and the 64-character digest is produced.
- Hash is recorded with timestamp. The hash value is recorded in an immutable log alongside a timestamp. This creates the first link in the chain of custody: "This file, with this exact content, existed at this exact time."
- Access and sharing events are logged. Every time the file is accessed, viewed, downloaded, or shared, the event is recorded. Optionally, the hash can be reverified at each access point to confirm the file has not been modified in storage.
- FRE 902(13) certificate is generated. When the file needs to be produced in litigation, the platform generates a certification that includes the SHA-256 hash, the timestamp of upload, a description of the hashing process, and the complete chain of custody log. This certificate is designed to satisfy the requirements of FRE 902(13) for self-authentication.
- Verification is independently reproducible. Opposing counsel can take the produced file, run it through any SHA-256 implementation — command line tools, open-source software, commercial forensic suites — and compare the result to the hash on the certificate. If the values match, the file is mathematically identical to the original. No proprietary software is needed. No expert is required. The math is the proof.
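The workflow above, as an added example that is not part of the original article and not Attested's code: the file is hashed in chunks at upload, each custody event is appended to a log in which every entry commits to the previous entry's hash, and a recipient re-hashes the produced file. The hash-chained log is one assumed way to make the record tamper-evident; the class, field names, addresses and timestamps are constructed for illustration.

```python
import hashlib
import io
import json

def sha256_stream(stream, chunk_size=1 << 20):
    """Hash a binary stream in chunks so large files are never fully in memory."""
    h = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()

class CustodyLog:
    """Append-only log; every entry commits to the hash of the entry before it."""
    GENESIS = "0" * 64  # assumed placeholder meaning "no previous entry"

    def __init__(self):
        self.entries = []

    @staticmethod
    def _digest(entry):
        fields = {k: v for k, v in entry.items() if k != "entry_hash"}
        canonical = json.dumps(fields, sort_keys=True, separators=(",", ":"))
        return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

    def append(self, event, file_sha256, timestamp, actor):
        prev = self.entries[-1]["entry_hash"] if self.entries else self.GENESIS
        entry = {"event": event, "file_sha256": file_sha256,
                 "timestamp": timestamp, "actor": actor, "prev": prev}
        self.entries.append({**entry, "entry_hash": self._digest(entry)})

    def verify_chain(self):
        prev = self.GENESIS
        for entry in self.entries:
            if entry["prev"] != prev or entry["entry_hash"] != self._digest(entry):
                return False
            prev = entry["entry_hash"]
        return True

def verify_produced(stream, log):
    """Recipient's check: log intact and produced file matches the upload hash."""
    upload_hash = log.entries[0]["file_sha256"]
    return log.verify_chain() and sha256_stream(stream) == upload_hash

# Constructed sample data (not real evidence); timestamps fixed for repeatability.
EVIDENCE = b"constructed sample: camera-03 export\n"
log = CustodyLog()
digest = sha256_stream(io.BytesIO(EVIDENCE))
log.append("upload", digest, "2024-01-15T14:02:11Z", "uploader@example.com")
log.append("download", digest, "2024-01-20T09:30:00Z", "reviewer@example.com")
```

A chain like this reveals edits to individual entries, but anyone able to rewrite the entire log can recompute every entry hash, so the most recent entry_hash should be signed or recorded outside the system that stores the log.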
What a Match Means
If the hash of the produced file matches the hash recorded at upload, the file has not been altered. Not one bit has changed. This is not an opinion — it is a mathematical certainty within the boundaries of the algorithm. The probability of two different files producing the same SHA-256 hash (a "collision") is approximately 1 in 2^128, a number so large that it exceeds the estimated number of atoms in the observable universe.
What a Mismatch Means
If the hashes do not match, the file has been altered. Something changed between the time the original hash was recorded and the time the file was re-hashed. The hash cannot tell you what changed or who changed it — only that the file produced is not identical to the file that was originally preserved. This alone may be enough to challenge the evidence's admissibility or raise questions about the chain of custody.
Why This Matters for Litigation
Hash-based authentication solves three persistent problems in digital evidence practice:
1. Independent Verification
Opposing counsel does not need to trust the producing party's word that evidence is authentic. They do not need to trust the platform, the IT department, or the forensic examiner. They can verify the hash independently using any SHA-256 implementation. The algorithm is open, standardized, and universally available. This removes the adversarial dynamic from the authentication question — the math either confirms or denies integrity.
2. Reduced Foundation Costs
Before FRE 902(13) and 902(14), authenticating electronic evidence typically required a live witness — often an IT professional or forensic examiner — to testify about how the evidence was collected, stored, and produced. When hash values are recorded at collection and included in a written certification, the evidence can self-authenticate without that testimony. This eliminates the cost of expert witnesses for routine authentication and allows forensic experts to focus their time on genuinely contested issues.
3. Self-Authentication Under Federal Rules
A certification under 28 U.S.C. § 1746 — a declaration under penalty of perjury — that includes the SHA-256 hash, the timestamp, and a description of the process used to generate the hash satisfies the requirements for self-authentication under FRE 902(13). The producing party serves notice on the opposing party at least 14 days before trial. If the opposing party does not object within 7 days, the evidence is admitted without a foundation witness. If they do object, they must articulate a specific basis — and "I don't trust computers" is not one.
The Standard Is Not Going Anywhere
NIST periodically reviews and updates its cryptographic standards. The planned revision from FIPS 180-4 to FIPS 180-5 will formally remove SHA-1 — the older, shorter algorithm that Google demonstrated a practical collision attack against in 2017. SHA-256 is unaffected by this revision. No collision attack against SHA-256 has been demonstrated, and the algorithm remains the baseline requirement for federal cryptographic applications.
For attorneys and paralegals, this means SHA-256 hash values generated today will remain verifiable and court-admissible for the foreseeable future. There is no risk of the standard being deprecated or the hash values becoming unverifiable. The algorithm is designed to endure.
What Attested Does With This
Every file uploaded to Attested is hashed with SHA-256 at the moment of upload. That hash, along with the complete access audit trail — every view, every download, every share event with timestamps and viewer identification — is included in every FRE 902(13) certificate we generate.
The hash is not optional. It is not a feature you enable. It is the first thing that happens to every file, because evidence integrity is not an afterthought — it is the product.
When opposing counsel receives your evidence and certificate, they can verify the hash independently, review the access audit trail, and confirm that the file they are examining is mathematically identical to the file you uploaded. No trust required. No expert needed. The math speaks for itself.