SHA-1 Hash Algorithm

SHA-1 (Secure Hash Algorithm 1) was designed by the NSA and published by NIST in 1995 as part of the Federal Information Processing Standard (FIPS 180-1). It produces a 160-bit (20-byte) digest, typically rendered as a 40-character hexadecimal string. SHA-1 served as the dominant cryptographic hash function for over a decade but has been formally deprecated for most security applications.

How SHA-1 works:

SHA-1 processes input in 512-bit blocks, similar to MD5 but with a wider internal state. After standard padding, each block passes through 80 rounds of computation using four different logical functions across four groups of 20 rounds each. The algorithm maintains five 32-bit working variables (A through E) that are updated each round via a combination of rotations, additions, and nonlinear functions.

The deprecation timeline:

Theoretical weaknesses in SHA-1 were identified as early as 2005 when researchers showed the collision resistance was weaker than expected. In 2017, Google and CWI Amsterdam published the SHAttered attack, producing two different PDF files with the same SHA-1 hash using approximately 6,500 CPU-years of computation (executed on cloud infrastructure). By 2020, chosen-prefix collision attacks became feasible for around $45,000 in cloud compute costs, making SHA-1 collisions practical for well-funded attackers.

Industry response:

Major certificate authorities stopped issuing SHA-1 SSL certificates by 2016. Browsers including Chrome, Firefox, and Edge began rejecting SHA-1 certificates in 2017. Microsoft, Apple, and Mozilla removed SHA-1 trust from their root stores. NIST formally deprecated SHA-1 for digital signatures in 2011 and recommended full phase-out by 2030.

Current legitimate uses:

SHA-1 still appears in Git for identifying commits (though Git is migrating to SHA-256), in some HMAC constructions where the collision weakness is less relevant, and in legacy systems undergoing migration. For any new project, SHA-256 or SHA-3 should be used instead.