SHA1 is a hash algorithm that is created by the National Security Agency (NSA). SHA1 hash algorithm is generally used in security and data integrity applications. SHA-1 is created in 1995 as the successor of the SHA-0. Both SHA1 and SHA-1 refer to each other.
Secure Hash Algorithm 1 or SHA1
SHA1 is in a hash or message digest algorithm where it generates 160-bit unique value from the input data. The input data size doesn’t matter as SHA1 always generates the same size message digest or hash which is 160 bit. This can be seen very confusing but the algorithm is designed for this.
SHA1 Is Not Secure Anymore
SHA1 is used for data integrity and security. Especially after 2005, there are a lot of different attacks against the SHA1 algorithm to prevent it is not secure. The first public collusion published in 2017 where SHA1 is not considered secure after that time. Currently, SHA2 family algorithms are invented to be used for security. A collision attack is simply a different input value that can generate the same output hash value which will fake the security systems.
Currently, there are a lot of tools where some of them online to create SHA1 hash values. In the following address, there is a tool which supports a lot of different type of hash and encoding algorithms.
SHA1 Cracking Tools
There are also some cracking tools that can crack popularly used words and passwords easily. Especially Linux, Network and Windows systems use SHA1 in order to hash and hide passwords but this can be cracked easily with the following online cracking sites.
Say we want to crack the password hash
717de03c9158ae10675c659c2fe8b27b71d50073 and find the user password. We will use the following online SHA1 cracker and provide the hash we want to crack. We can also provide multiple SHA1 hashes line by line.
We can see that the hashes clear text is
crackme123 which is shown in the cracker result in green color.
Linux SHA1 Usage
Linux distributions like Ubuntu, Debian, Mint, Kali, Fedora, and CentOS provide
sha1sum command which can calculate the SHA1 sum of the given file.
$ sha1sum password.txt
PHP SHA1 Usage
PHP programming language provides a SHA1 calculation function named
sha1() as builtin. We just need to provide the data or text we can to calculate its hash. In this example, we will calculate the hash of the “crackme123”.
$str="crackme123"; $str_hash = sha1($str); echo $str_hash;
Python SHA1 Usage
Python also provides the SHA1 hash algorithm support with the
hashlib module/library. We will first import hashlib and then use the
sha1() function by providing the data or text we want to calculate the hash. In this example, we will calculate the hash of “crackme”.
import hashlib str="crackme" str_hash=hashlib.sha1(str.encode()) print(str_hash) print(str_hash.hexdigest())
SHA1 vs MD5
MD5 is another popular hash algorithm that is created before the SHA1. But they are used in the 1990s and 2000s and were an alternative for each other. In this part, we will compare the SHA1 and MD5 hash algorithms.
- `Speed`: MD5 has fewer complex algorithms which make it faster than SHA1
- `Security`: SHA1 has a more complex algorithm which makes is more secure than MD5.
- `Name`: SHA1 stands for `Secure Hash Algorithm` where MD5 stands for `Message Digest`.
- `Hash Size`: SHA1 creates a 160-bit long hash/message digest where MD5 creates a 128-bit hash/message digest.
- `Popularity`: MD5 was more popular then SHA1 but in the last decade it losing its popularity
- `Usage Cases`: MD5 is generally used in hardware restricted devices like a switch, router where SHA1 is used in more stronger devices like computers.