Whirlpool Hash Function in Python

Last Updated : 7 Apr, 2026

Whirlpool is a cryptographic hash function designed by Vincent Rijmen and Paulo S. L. M. Barreto. It generates a 512-bit hash value, making it suitable for secure hashing.

  • Accepts input of variable length
  • Produces fixed 512-bit output
  • Based on block cipher design (similar to AES)
  • Designed for high security and data integrity

A hash function converts input data into a fixed-length output called a hash value. It is widely used in data integrity, password storage and cryptography. The same input always produces the same hash, while even a small change in input generates a completely different output.

Internal Working

Whirlpool processes input data of variable length and produces a fixed 512-bit hash value. The algorithm went through multiple versions:

  • Whirlpool-0 (2000): Initial version
  • Whirlpool-T (2001): Improved S-box for better hardware implementation
  • Whirlpool (final version): Fixed issues in the diffusion matrix to remove vulnerabilities

Internally, Whirlpool operates on a 512-bit state represented as an 8 × 8 byte matrix. The state is updated in multiple rounds using four main operations:

Operation NameFunction
Substitute Bytes (SB)Applies non-linear transformation using a lookup table
Shift Columns (SC)Rearranges data by shifting columns
Mix Rows (MR)Mixes data using matrix multiplication
Add Round Key (AK)Combines data with a round key using XOR

Whirlpool processes the input data in multiple rounds. In each round, the internal state (represented as an 8 × 8 matrix) is updated by applying a sequence of transformations. These transformations are the core operations of the algorithm and are repeated multiple times to produce the final hash value.

The transformation can be represented as:

State = MR ∘ AK ∘ SC ∘ SB (State)

Installation

Install the Whirlpool library using:

pip install whirlpool

Note: Whirlpool library may require additional system dependencies (such as C++ build tools) to install successfully. If installation fails, ensure the required compilers are installed on your system.

Examples

Example 1: In this example, a string is converted into its Whirlpool hash value.

Python 
import whirlpool
s = b"GeeksforGeeks"
h = whirlpool.new(s)
print(h.hexdigest())

Output

95cb4d2d765eb26a922b3ade5a5837a3bc6b18f9a68cec6392f7bf4284c996dd...

Explanation: whirlpool.new(s) creates hash object and hexdigest() returns hash in hexadecimal format

Example 2: In this example, additional data is added to the existing hash using the update method.

Python 
import whirlpool
s = b"GeeksforGeeks"
h = whirlpool.new(s)
h.update(b"Geeks")
print(h.hexdigest())

Output

c3a2aea5a2b487f1a3ee848870dff8ca5af0adcf7eae2a58b40927e87027918c...

Explanation: update() adds more data to the hash

Applications

  • Data Integrity Verification: Ensures data has not been altered
  • Password Hashing: Stores passwords securely in hashed form
  • Digital Signatures: Used in authentication systems
  • File Verification: Detects changes in files using hash comparison

Limitations

  • Less commonly used compared to SHA-256
  • Installation issues due to external dependencies
  • Slower than some modern hash functions
  • Limited support in libraries and tools
Comment
Article Tags:
Python
python-utility

Explore