Secure Hash Algorithm
||This disambiguation page should be converted into a broad-concept article, describing the primary meaning of the term. Additional meanings linked to this term should be moved to a separate page with "(disambiguation)" in the title.||
The Secure Hash Algorithm is a family of cryptographic hash functions published by the National Institute of Standards and Technology (NIST) as a U.S. Federal Information Processing Standard (FIPS), and may refer to:
- SHA-0: A retronym applied to the original version of the 160-bit hash function published in 1993 under the name "SHA". It was withdrawn shortly after publication due to an undisclosed "significant flaw" and replaced by the slightly revised version SHA-1.
- SHA-1: A 160-bit hash function which resembles the earlier MD5 algorithm. This was designed by the National Security Agency (NSA) to be part of the Digital Signature Algorithm. Cryptographic weaknesses were discovered in SHA-1, and the standard was no longer approved for most cryptographic uses after 2010.
- SHA-2: A family of two similar hash functions, with different block sizes, known as SHA-256 and SHA-512. They differ in the word size; SHA-256 uses 32-bit words where SHA-512 uses 64-bit words. There are also truncated versions of each standard, known as SHA-224 and SHA-384. These were also designed by the NSA.
- SHA-3: A hash function formerly called Keccak, chosen in 2012 after a public competition among non-NSA designers. It supports the same hash lengths as SHA-2, and its internal structure differs significantly from the rest of the SHA family.
Comparison of SHA functions
In the table below, internal state means the "internal hash sum" after each compression of a data block.
|Output size (bits)||Internal state size (bits)||Block size (bits)||Max message size (bits)||Word size (bits)||Rounds||Bitwise operations||Collisions found||Example Performance (MiB/s)|
|MD5 (as reference)||128||128||512||264 − 1||32||64||and,or,xor,rot||Yes||335|
|SHA-0||160||160||512||264 − 1||32||80||and,or,xor,rot||Yes||-|
|SHA-1||160||160||512||264 − 1||32||80||and,or,xor,rot||Theoretical attack (261)||192|
|256||512||264 − 1||32||64||and,or,xor,shr,rot||None||139|
|512||1024||2128 − 1||64||80||and,or,xor,shr,rot||None||154|
(5×5 array of 64-bit words)