We have to generate a key hash from the keystore and register it in the Facebook developer console. I want to understand the concept of the key hash.
What benefits does it provide for the server/client?
We often see the Invalid key hash error (i.e. the key hash "***" does not match any stored key hashes). So how does my app know the correct key hash, because I'm not storing it in any XML or anywhere else?
Any kind of materials or thoughts would be appreciated.
Here the hash code is used to restrict applications so that only valid applications (those whose hash code corresponds to the given certificate) can access Facebook services. Because all applications are signed with particular certificates, all downloaded copies of an application (say 1000 users download it) signed with the same certificate must have the same hash code, and Facebook is able to track which certified application used its services.
We can easily find the hash code of the certificate with the following code:
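    // Runs inside an Activity (or any Context). Needs android.content.pm.PackageInfo,
    // PackageManager, PackageManager.NameNotFoundException and Signature; android.util.Base64
    // and Log; java.security.MessageDigest and NoSuchAlgorithmException.
    try {
        // Fetch the signing certificate(s) of the installed package.
        PackageInfo info = getPackageManager().getPackageInfo(
                "com.facebook.samples.hellofacebook",
                PackageManager.GET_SIGNATURES);
        for (Signature signature : info.signatures) {
            // "SHA" is the provider alias for SHA-1 (160-bit digest).
            MessageDigest md = MessageDigest.getInstance("SHA");
            md.update(signature.toByteArray());
            // The key hash is the Base64 encoding of that digest.
            Log.d("KeyHash:", Base64.encodeToString(md.digest(), Base64.DEFAULT));
        }
    } catch (NameNotFoundException e) {
        Log.e("KeyHash:", "Package not found", e);
    } catch (NoSuchAlgorithmException e) {
        Log.e("KeyHash:", "SHA digest not available", e);
    }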
Above we are using SHA (Secure Hash Algorithm) to generate the hash code of the certificate.
SHA (Secure Hash Algorithm) is a message-digest algorithm, which takes an input message of any length and produces a 160-bit output as the message digest.
SHA is called secure because it is computationally infeasible to find a message which corresponds to a given message digest, or to find two different messages which produce the same message digest.
So before making any real request to the Facebook server, first the hash key of the certificate is compared with the stored hash key (i.e. development hash key or debug hash key) on the server, and only if they match can we proceed further.
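The comparison described above, as an added example that is not part of the original answer: the key hash is derived from the signing certificate each time, so nothing is stored in the app, and a build signed with a different certificate (debug vs. release) yields a hash the console does not know. The certificate bytes are constructed placeholders, `is_registered` is a hypothetical model of the server-side check rather than Facebook's implementation, and the fingerprint input assumes the colon-separated SHA1 form that `keytool -list -v` prints.

```python
import base64
import hashlib

# Constructed stand-ins for DER-encoded signing certificates (not real certs).
DEBUG_CERT = b"constructed-debug-certificate-bytes"
RELEASE_CERT = b"constructed-release-certificate-bytes"


def key_hash_from_cert(cert_der: bytes) -> str:
    """Base64(SHA-1(certificate bytes)), the value the Android snippet logs."""
    return base64.b64encode(hashlib.sha1(cert_der).digest()).decode("ascii")


def key_hash_from_fingerprint(fingerprint: str) -> str:
    """Convert a colon-separated hex SHA-1 fingerprint to the same Base64 form."""
    raw = bytes.fromhex(fingerprint.replace(":", "").strip())
    if len(raw) != 20:
        raise ValueError("a SHA-1 fingerprint is exactly 20 bytes")
    return base64.b64encode(raw).decode("ascii")


def normalize(key_hash: str) -> str:
    """Drop whitespace; Android's Base64.DEFAULT appends a trailing newline."""
    return "".join(key_hash.split())


def is_registered(presented: str, registered: set) -> bool:
    """Hypothetical server-side check: accept only hashes on the allow-list."""
    candidate = normalize(presented)
    # Validate shape first: 20 digest bytes always encode to 28 Base64 chars.
    try:
        if len(base64.b64decode(candidate, validate=True)) != 20:
            return False
    except ValueError:
        return False
    return candidate in {normalize(h) for h in registered}


if __name__ == "__main__":
    # Only the release certificate's hash has been registered.
    registered = {key_hash_from_cert(RELEASE_CERT)}
    for name, cert in (("release", RELEASE_CERT), ("debug", DEBUG_CERT)):
        presented = key_hash_from_cert(cert) + "\n"  # as logged on the device
        print(name, presented.strip(), is_registered(presented, registered))
```

The debug build is rejected because its certificate differs, which is the "Invalid key hash" situation from the question; registering the debug certificate's hash as well resolves it.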