A Secure Hash Algorithm is a family of cryptographic hash functions published by the National Institute of Standards and Technology as a U.S FIPS standard.
Cryptographic hash functions are mathematical operations run on digital data; by comparing the computed “hash” (the output from execution of the algorithm) to a known and expected hash value, a person can determine the data’s integrity (and make a handshake).
For example, computing the hash of a downloaded file and comparing the result to a previously published hash result can show whether the download has been modified or tampered with. A key aspect of cryptographic hash functions is the collision resistance: nobody should be able to find two different input values that result in the same hash output.The different levels are:
- SHA-0 (Unused)
SHA-1 – An SHA1 is a a cryptographic hash function designed by the United States national security agency and is a U.S FIPS published by the NIST. SHA-1 produces a 160 bit (20 byte) hash value known as a message digest. The hash value is typically rendered as a hexadecimal number, 40 digits long. The SHA1 is no longer considered secure against well funded opponents as it was found in 2005 that attacks were being successful made against the algorithm. By 2010 it was recommended that organizations replace the SHA1 with either SHA-2 or SHA-3. Microsoft, Google and Mozilla have all announced that their respective browsers will stop accepting SHA-1 SSL certificates by 2017.
SHA-2 – This is the next level of encryption created by the same people who created SHA-1 however includes significant changes from its predecessor. The SHA-2 family consists of 6 hash functions with hash values of 224, 256, 384 and 512 bits. These include:
SHA-3 – SHA-3 (Secure Hash Algorithm 3), a subset of the cryptographic primitive family Keccak is a cryptographic hash function designed by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche, building upon RadioGatún. SHA-3 is a member of the Secure Hash Algorithm family. The SHA-3 standard was released by NIST on August 5, 2015.