What is SHA-1?

SHA-1 (“Secure Hash Algorithm #1”, also “SHA1”) is the second most common data integrity check standard (a.k.a. “hash”) used throughout the world today.  SHA-1 codes are 160-bit numbers and are usually represented in hexadecimal format (e.g., “de9f2c7f d25e1b3a fad3e85a 0bd17d9b 100db4b3”).

SHA-1 is the least secure hash algorithm NIST currently supports in its FIPS validated cryptography implementations.   However, SHA-1 is faster than SHA-2 (its successor) and is commonly available in file transfer technology today (e.g., FTP’s unofficial “XSHA1” command).

BEST PRACTICE: Modern file transfer deployments should use FIPS validated SHA-1 or SHA-2 implementations for integrity checks.  Some SHA-1 usage is already prohibited in high security environments.  If you are working with a U.S. Federal Government application, read NIST’s “Transitioning of Cryptographic Algorithms and Key Sizes” to see if your SHA-1 implementation is still allowed.

Leave a comment

You must be logged in to post a comment.

Event Log Analyzer by SolarWinds