From InfoAnarchy
(Redirected from SHA1)
Jump to: navigation, search

See also: Algorithms | Hash

A hashing algorithm that produces 160-bit hash from message or file of less than 2^64 bits. This algorithm was developped by NIST in 1993. SHA-1 was first published as FIPS PUB 180-1. The "-1" indicates that this is the first revision to the FIPS standard; the original version, SHA (SHA-0), was modified several months after it was released to address faults in its design. Today the relevant standard is FIPS 180-2, Secure Hash Standard (SHS) that also document other algorithms in the SHA family. SHA-1 was also standardized as RFC 3174.

See these links for more information:

MD5 vs SHA-1 discussion:

"The two algorithms are of very similar complexity and there should be no major performance difference. SHA produces a larger result (160 bits rather than 128), which makes it slightly more secure against certain brute-force attacks. MD5 has one or two known minor weaknesses, which make people nervous but do not appear to actually compromise security when it is used the way IPsec uses it. SHA is a USA government standard.

MD5's design principles have been described openly, while SHA's have not... and there is cause for some concern about that, because it comes from people (the NSA) who historically have sometimes had hidden agendas. Bottom line: they're pretty similar; SHA may be a bit stronger but probably not very much; MD5's more-open origins avoid certain nagging doubts which are hard to entirely dismiss about SHA."

Since that discussion, MD5 suffered very pratical attack while SHA-1 is for pratical purpose still secure (but some theorical progress have been made). Anyway SHA-1 output is too small for future usage so NIST recommands it phased out by 2010.