==Applications==

===Cryptography===
{{Further|Cryptographic hash function#Applications}}

SHA-1 forms part of several widely used security applications and protocols, including [[Transport Layer Security|TLS]] and [[Secure Sockets Layer|SSL]], [[Pretty Good Privacy|PGP]], [[Secure Shell|SSH]], [[S/MIME]], and [[IPsec]]. Those applications can also use [[MD5]]; both MD5 and SHA-1 are descended from [[MD4]].

SHA-1 and SHA-2 are the hash algorithms required by law for use in certain [[U.S. government]] applications, including use within other cryptographic algorithms and protocols, for the protection of sensitive unclassified information. FIPS PUB 180-1 also encouraged adoption and use of SHA-1 by private and commercial organizations.

SHA-1 is being retired from most government uses; the U.S. National Institute of Standards and Technology said, "Federal agencies should stop using SHA-1 for...applications that require collision resistance as soon as practical, and must use the [[SHA-2]] family of hash functions for these applications after 2010",<ref name="Computer Security Division">{{Cite web |last=Computer Security Division |first=Information Technology Laboratory |date=2017-01-04 |title=NIST Policy on Hash Functions – Hash Functions |url=https://csrc.nist.gov/Projects/Hash-Functions/NIST-Policy-on-Hash-Functions |access-date=2023-08-27 |website=CSRC, NIST |language=EN-US}}</ref> though that was later relaxed to allow SHA-1 to be used for verifying old digital signatures and time stamps.<ref name="Computer Security Division"/>

A prime motivation for the publication of the [[Secure Hash Algorithm]] was the [[Digital Signature Algorithm|Digital Signature Standard]], in which it is incorporated.

The SHA hash functions have been used as the basis of the [[SHACAL]] [[block cipher]]s.

===Data integrity<span class="anchor" id="Data Integrity"></span>===
[[Revision control]] systems such as [[Git (software)|Git]], [[Mercurial]], and [[Monotone (software)|Monotone]] use SHA-1, not for security, but to identify revisions and to ensure that the data has not changed due to accidental corruption. [[Linus Torvalds]] said about Git in 2007:
:If you have disk corruption, if you have DRAM corruption, if you have any kind of problems at all, Git will notice them. It's not a question of ''if'', it's a guarantee. You can have people who try to be malicious. They won't succeed. [...] Nobody has been able to break SHA-1, but the point is the SHA-1, as far as Git is concerned, isn't even a security feature. It's purely a consistency check. The security parts are elsewhere, so a lot of people assume that since Git uses SHA-1 and SHA-1 is used for cryptographically secure stuff, they think that, Okay, it's a huge security feature. It has nothing at all to do with security, it's just the best hash you can get. ...
:I guarantee you, if you put your data in Git, you can trust the fact that five years later, after it was converted from your hard disk to DVD to whatever new technology and you copied it along, five years later you can verify that the data you get back out is the exact same data you put in. [...]
:One of the reasons I care is for the kernel, we had a break in on one of the [[BitKeeper]] sites where people tried to corrupt the kernel source code repositories.<ref>{{cite web | url = https://www.youtube.com/watch?v=4XpnKHJAok8&t=56m20s | title = Tech Talk: Linus Torvalds on git | website = [[YouTube]] |access-date=November 13, 2013}}</ref>

However, Git does not require the [[second preimage resistance]] of SHA-1 as a security feature, since it will always prefer to keep the earliest version of an object in case of collision, preventing an attacker from surreptitiously overwriting files.<ref>{{cite web |last1=Torvalds |first1=Linus |title=Re: Starting to think about sha-256? |url=https://marc.info/?l=git&m=115678778717621&w=2 |website=marc.info |access-date=30 May 2016}}</ref> The known attacks (as of 2020) also do not break second preimage resistance.<ref>{{cite web |date=2020 |last1=Walfield |first1=Neal H. |title=openpgp: Pass the hash algo's security reqs to Policy::signature |url=https://gitlab.com/sequoia-pgp/sequoia/-/commit/35119b755db270ab43a8e1ec13577bc0f9846546 |website=gitlab.com/sequoia-pgp |language=en}} – see section "Background" in the [https://docs.rs/sequoia-openpgp/1.18.0/sequoia_openpgp/policy/enum.HashAlgoSecurity.html rendered documentation]</ref>
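
The two properties described in this section, SHA-1 as a consistency check and keeping the earliest version of an object, are sketched below as an added example; it is not Git's own code and not part of the original article. <code>ObjectStore</code>, <code>CorruptObject</code> and <code>demo</code> are hypothetical names, the sample contents are constructed, and the "collision" is simulated by presenting different bytes under an existing ID rather than by a real SHA-1 collision.

```python
import hashlib


def git_blob_id(data: bytes) -> str:
    """SHA-1 over Git's blob header ("blob <size>\\0") plus the content."""
    header = b"blob " + str(len(data)).encode() + b"\x00"
    return hashlib.sha1(header + data).hexdigest()


class CorruptObject(Exception):
    pass


class ObjectStore:
    """Toy content-addressed store (a model, not Git's implementation)."""

    def __init__(self):
        self._objects = {}

    def insert(self, oid: str, data: bytes) -> bool:
        # Earliest version wins: an object already stored under this ID
        # is never overwritten, whatever bytes arrive later.
        if oid in self._objects:
            return False
        self._objects[oid] = data
        return True

    def put(self, data: bytes) -> str:
        oid = git_blob_id(data)
        self.insert(oid, data)
        return oid

    def get(self, oid: str) -> bytes:
        data = self._objects[oid]
        # Consistency check: re-hash on read, so any changed byte shows up.
        if git_blob_id(data) != oid:
            raise CorruptObject(oid)
        return data


def demo():
    store = ObjectStore()
    oid = store.put(b"int main(void) { return 0; }\n")  # constructed sample
    # Simulated collision: different bytes presented under the same ID.
    replaced = store.insert(oid, b"int main(void) { return 1; }\n")
    intact = store.get(oid)
    # Simulated bit rot: flip one bit of the stored copy.
    store._objects[oid] = bytes([intact[0] ^ 1]) + intact[1:]
    try:
        store.get(oid)
        detected = False
    except CorruptObject:
        detected = True
    return replaced, intact, detected
```
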