About SHA Hash Functions
The Secure Hash Algorithms (SHA) are a family of cryptographic hash functions published by the
National Institute of Standards and Technology (NIST) as a U.S. Federal Information Processing
Standard (FIPS).
SHA Variants:
- SHA-1: Produces a 160-bit (20-byte) hash value. It is no longer considered
secure against well-funded attackers.
- SHA-2 Family: Includes SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and
SHA-512/256. These are considered secure and are widely used.
- SHA-3 Family: The newest member of the SHA family, based on the Keccak
algorithm. Includes SHA3-224, SHA3-256, SHA3-384, and SHA3-512.
Security Note: SHA-256 and stronger variants are recommended for security-critical
applications. SHA-1 should be avoided for new applications due to demonstrated collision attacks.
Common Uses of SHA:
- Digital Signatures: Verifying the authenticity and integrity of messages and
documents.
- SSL/TLS Certificates: Ensuring secure connections on the web.
- Password Storage: Storing password hashes (though specialized password hashing
functions like bcrypt are preferred).
- File Integrity: Verifying that files have not been tampered with.
- Blockchain Technology: SHA-256 is used in Bitcoin and many other
cryptocurrencies.
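The file-integrity use above, as an added example that is not part of the original page: it checks `<hex digest>  <filename>` manifest lines with SHA-256 or stronger and refuses SHA-1 digests. The manifest layout, the length-based choice of algorithm, and the names `ALLOWED`, `hash_file`, `verify_manifest_line` and `release.bin` are assumptions made for this example.

```python
import hashlib
import hmac
import os
import re
import tempfile

# Hex-digest length -> algorithm this example accepts (an assumed policy: the
# algorithm is inferred from length). SHA-1 (40 hex characters) is left out.
ALLOWED = {64: "sha256", 96: "sha384", 128: "sha512"}

def hash_file(path, algorithm, chunk_size=65536):
    """Stream the file through the hash so large files never sit in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_manifest_line(line, base_dir):
    """Check one '<hex digest>  <filename>' line: OK, MISMATCH or REJECTED."""
    expected, _, name = line.strip().partition("  ")
    algorithm = ALLOWED.get(len(expected))
    if algorithm is None or not re.fullmatch(r"[0-9a-fA-F]+", expected):
        return "REJECTED"  # e.g. a 40-character SHA-1 digest, or non-hex text
    if not name or os.path.basename(name) != name:
        return "REJECTED"  # manifest entries may not point outside base_dir
    actual = hash_file(os.path.join(base_dir, name), algorithm)
    # Constant-time comparison of the two hex strings.
    return "OK" if hmac.compare_digest(actual, expected.lower()) else "MISMATCH"

def demo():
    """Verify constructed manifest lines against a constructed sample file."""
    data = b"constructed sample payload\n"
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "release.bin"), "wb") as f:
            f.write(data)
        lines = [
            hashlib.sha256(data).hexdigest() + "  release.bin",  # correct digest
            "0" * 64 + "  release.bin",                          # wrong digest
            hashlib.sha1(data).hexdigest() + "  release.bin",    # SHA-1: refused
        ]
        return [verify_manifest_line(line, d) for line in lines]

if __name__ == "__main__":
    print(demo())
```

A matching digest only shows the file equals what the manifest describes, so the manifest itself has to come from a trusted or signed source.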
Comparison of SHA Variants:
| Algorithm | Output Size | Internal State Size | Block Size | Security |
|---|---|---|---|---|
| SHA-1 | 160 bits | 160 bits | 512 bits | Broken (collision attacks demonstrated) |
| SHA-224 | 224 bits | 256 bits | 512 bits | Secure |
| SHA-256 | 256 bits | 256 bits | 512 bits | Secure |
| SHA-384 | 384 bits | 512 bits | 1024 bits | Secure |
| SHA-512 | 512 bits | 512 bits | 1024 bits | Secure |