We are independent & ad-supported. We may earn a commission for purchases made through our links.
WiseGeek
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Security

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What Is a Secure Hash Algorithm?

By Kurt Inman
Updated: May 17, 2024
References

A secure hash algorithm, often known simply as an “SHA,” is a hashing algorithm that is considered cryptographically secure. In general, hashing functions are used to sort and organize digital data into smaller, more categorized packets. Algorithms are the programs that drive the functions, and the security of these algorithms matters insofar as it controls how easily the data can be unlocked and rearranged. How secure things need to be usually depends on the circumstances. Many software and code developers want impenetrable algorithms because their methods of sorting topics and drawing connections is proprietary, and they’re using it to make money. In other cases the data itself is highly sensitive, as is often the case with things like medical records or certain government documents. The actual mechanics of SHAs tend to be very complicated, and at least some degree of technical savvy is usually required to fully grasp how they work and how they’re developed. Like most things technological, there’s been an upward evolution in development, too; earlier models have largely been replaced, and newer, more secure designs are almost constantly being introduced.

Understanding Hash Algorithms Generally

The modern digital landscape contains hundreds of millions of data points, all of which occupy a web of interconnectedness and points in common, both across websites and in the social sphere when it comes to messages and postings generated by users. Hashing is one way to amalgamate data that is similar or related such that it forms something of a compendium or a smaller, more inter-related “web within a web.” Secure hashing algorithms seek to do this organizing in an efficient and secure way.

The original data, once hashed by an SHA, typically cannot be reconstructed without a tremendous amount of computing power. Secure algorithms are often used in combination with other algorithms to authenticate messages, including digital signatures.

How They’re Implemented

Some network routers and firewalls implement SHAs directly in their hardware. This allows data packets to be authenticated with limited impact on throughput. Specially designed software is another option, including many open source implementations. For instance, the US National Institute of Standards and Technology (NIST) and the Canadian Communications Security Establishment (CSE) jointly run the Cryptographic Module Verification Program (CMVP). This official program certifies the correct operation of secure algorithm implementations for sensitive applications.

Standardization

The US government has standardized at least six secure hash algorithms. SHA-0 and SHA-1 were the earliest models developed in the 1990s. The SHA-2 series developed in the 2000s included SHA-224, -256, -384 and -512. These are designed such that two documents with different contents generally produce two unique sets of hash values, which is really helpful in terms of avoiding hash collisions.

Earliest Iterations

The SHA-0 algorithm, first published in 1993 by the NIST, was quickly discontinued after a significant weakness was found. It was replaced by SHA-1 in 1995, which includes an extra computational step that addresses the undisclosed problems of SHA-0. Both algorithms hash a message of up to 264-1 bits into a 160-bit "digest." Both utilize a block size of 512 bits and a word size of 32 bits in their operation.

SHA-1 is used in some common Internet protocols and security tools. These include IPsec, PGP, SSL, S/MIME, SSH and TLS. SHA-1 is also typically used as part of the protection scheme for unclassified government documents. Some parts of the private sector utilize this algorithm for certain sensitive information as well. It was formally retired from general government use in 2010, however.

Evolution and Continuing Development

SHA-224, -256, -384 and -512 were published by the NIST between 2001 and 2004. These four algorithms, also known as the SHA-2 family, are generally more robust than SHA-1. SHA-224 and SHA-256 utilize the same block, word and maximum input message sizes as SHA-1. In contrast, SHA-224 produces a 224-bit digest, while SHA-256 creates a 256-bit digest. SHA-384 and SHA-512 increase the block size to 1024 bits, the word size to 64 bits, and the maximum input message length to 2128-1 bits. The digest produced by SHA-384 is 384 bits long, while the SHA-512 digest contains 512 bits.

Like SHA-0 and SHA-1, the SHA-2 family was designed by the US National Security Agency (NSA). Although serious flaws have not been publicly disclosed in SHA-2, NIST has opened a competition to develop the next secure hash algorithm. This new algorithm, to be called SHA-3, is likely to be chosen from a collection of public entries. It is expected to be a new design, not based on the existing algorithms.

WiseGeek is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Link to Sources
See our Editorial Process Share Feedback

Related Articles

Discussion Comments
Share
https://www.wisegeek.net/what-is-a-secure-hash-algorithm.htm
WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.

WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.