Merkle–Damgård construction
MerkleDamgård construction is a method of building collisionresistant cryptographic hash functions from collisionresistant oneway compression functions. This construction was used in the design of popular hash algorithms such as MD5, SHA1 and SHA2.
To make it easier to understand:
MerkleDamgård constructs a variablelength collision resistant hash function from a fixedlength collisionresistant hash function .
Construction
Suppose:

Block size is .

inputs length and outputs length .

inputs whose length is .
The construction is as follows:

Set block size . Pad with s so that its length is multiple of . Now we have bit blocks .

(Length Padding) Let , where is encoded using exactly bits. Now we have .

Let . This is the initialization vector (IV).

For , compute .

Output .
A picture is more than a thousand words:
Proof of security
Theorem: If is collisionresistant, then so is .
Proof: We prove by contraposition. Suppose is not collisionresistant, which means we can easily find 2 different inputs such that . Let and be the input blocks. Recall that and . There are 2 cases:

. In this case we only look at the last block:
Because , we have . So we have found a collision for .

. This implies . In this case we look backwards from the last block:

We have .
If or , then we have found a collision for . Else, we have and:

We have .
If or , then we have found a collision for . Else, we have and:

…

… Else, we have . But if we get here, then for all , which implies . This is a contradiction.

MDcompliant padding
The padding scheme used in the Merkle–Damgård construction must be chosen carefully to ensure the security of the scheme. The above construction uses length padding, but there are other MDcompliant padding schemes as well. For details about MDcompliant padding, check Wikipedia.