What is SHA-1?
SHA-1 (Secure Hash Algorithm 1) outputs a 160-bit digest (40-hex chars). Designed by the NSA and published by NIST in 1995 (FIPS 180-1), it became popular for digital signatures, file checksums and version-control systems.
Security note: SHA-1 is broken — use SHA-256, SHA-3 or BLAKE3 for new systems.
How SHA-1 works
- Pad the message → length ≡ 448 (mod 512) bits
- Append 64-bit length of the original message
- Init five 32-bit words (A–E)
- Process 512-bit blocks through 80 operations (four rounds)
- Output the final 160-bit digest
Security status
- 2005 — first theoretical collision attacks
- 2017 — Google & CWI Amsterdam demonstrated real collision (“SHAttered” PDFs)
- Browsers now distrust SHA-1 TLS certificates
- NIST deprecated SHA-1 for digital signatures in 2011
Example hashes
| Input | SHA-1 Hash |
|---|---|
Hello, World! | 0a0a9f2a6772942557ab5355d76af442f8f65e01 |
password | 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 |
123456789 | f7c3bc1d808e04732adf679965ccc34ca7ae3441 |
| (empty) | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
SHA-1 vs. other hash functions
| Algorithm | Output | Security | Speed |
|---|---|---|---|
| MD5 | 128 bits | ❌ Broken | ⚡ Very fast |
| SHA-1 | 160 bits | ❌ Compromised | ⚡ Fast |
| SHA-256 | 256 bits | ✅ Secure | 🚀 Moderate |
| SHA-3 | Variable | ✅ Very secure | 🚀 Moderate |
| BLAKE3 | 256 bits | ✅ Secure | ⚡ Blazing |
Frequently Asked Questions
Is SHA-1 secure for passwords?
No. Use bcrypt, Argon2 or PBKDF2 instead.
What is a SHA-1 collision?
A collision occurs when two different inputs generate the same hash. The 2017 “SHAttered” attack proved real-world collisions.
Why does Git still use SHA-1?
Git's design limits exploitability, but the project is migrating to SHA-256.