What is SHA-1?
SHA-1 (“Secure Hash Algorithm #1″, also “SHA1″) is the second most common data integrity check standard (a.k.a. “hash”) used throughout the world today. SHA-1 codes are 160-bit numbers and are usually represented in hexadecimal format (e.g., “de9f2c7f d25e1b3a fad3e85a 0bd17d9b 100db4b3″).
SHA-1 is the least secure hash algorithm NIST currently supports in its FIPS validated cryptography implementations. However, SHA-1 is faster than SHA-2 (its successor) and is commonly available in file transfer technology today (e.g., FTP’s unofficial “XSHA1″ command).
BEST PRACTICE: Modern file transfer deployments should use FIPS validated SHA-1 or SHA-2 implementations for integrity checks. Some SHA-1 usage is already prohibited in high security environments. If you are working with a U.S. Federal Government application, read NIST’s “Transitioning of Cryptographic Algorithms and Key Sizes” to see if your SHA-1 implementation is still allowed.