SHA-1 (Secure Hash Algorithm 1)

SHA-1 is a 160-bit cryptographic hash function used for data integrity. Once widely adopted, it is now considered insecure against collision attacks and has been largely superseded by SHA-2 and SHA-3.

Overview

SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function that maps arbitrary-length input data to a fixed 160-bit (20-byte) digest. It was published as a revision to an earlier algorithm and became a common tool for checksums, integrity verification, and digital signatures. A hash produced by SHA-1 is intended to be a one-way value: given the digest it should be infeasible to recover the original input.

Design and operation

SHA-1 processes input in 512-bit blocks. The message is padded and its length appended before processing. Internally the algorithm uses a 160-bit internal state that is updated in 80 rounds of simple operations: bitwise logical functions (AND, OR, XOR), fixed constants, additions modulo 232, and circular left rotations. The final 160-bit state is emitted as the hash value, conventionally expressed as a 40-character hexadecimal string.

Security properties

Cryptographic hash functions are expected to provide three core properties: preimage resistance (hard to find any message matching a given digest), second-preimage resistance (hard to find a different message with the same digest as a given message), and collision resistance (hard to find any two distinct messages that produce the same digest). SHA-1 was designed with these goals in mind, but its collision resistance has been weakened by cryptanalysis.

Vulnerabilities and deprecation

Research in the 2000s found theoretical attacks faster than brute force against SHA-1's collision resistance, and practical collisions were later demonstrated. Because collisions undermine the trustworthiness of digital signatures and integrity checks, standards bodies and major software projects have deprecated SHA-1 for most security uses. The general recommendation is to migrate to stronger hashes such as SHA-2 family algorithms (SHA-256, SHA-512) or SHA-3.

Common uses and migration

Historically, SHA-1 was used in many contexts: TLS certificates and code signing, package and file checksums, version control identifiers, and more. Over time those uses have shifted as vulnerabilities became known. New systems typically employ SHA-2 or SHA-3; legacy systems may still encounter SHA-1 digests, so compatibility and migration strategies remain relevant concerns for administrators and developers.

Examples and notable facts

An example SHA-1 digest is the 40-hex-character string produced from the ASCII input "Wikipedia": 664add438097fbd4307f814de8e62a10f8905588. Because SHA-1 outputs a fixed-size value, two different inputs that accidentally or intentionally collide would share the same hex digest. This property is central to why collisions represent a practical break of the algorithm in security-sensitive contexts.

Digest size: 160 bits (20 bytes)
Block size: 512 bits
Rounds: 80 internal rounds
Status: Deprecated for many security applications; migration recommended