SHA-1 Hash Generator
What is SHA-1?
SHA-1 (Secure Hash Algorithm 1) was designed by the NSA and published by NIST in 1995. It produces a 160-bit (40 hex character) digest from any input. For years it was the backbone of TLS certificates, PGP signatures, and Git's object store.
SHA-1 is no longer considered secure. In 2017, Google's SHAttered attack produced two different PDF files with identical SHA-1 hashes — the first practical collision. Certificate authorities stopped issuing SHA-1 TLS certificates in 2017, and most security standards have formally deprecated it.
When should you still use SHA-1?
Only in non-security contexts — for example, Git uses SHA-1 as a fast content-addressable key (Git 2.29+ supports SHA-256 as an experimental alternative). Do not use SHA-1 for passwords, certificates, digital signatures, or any integrity check where an attacker could forge inputs.
How SHA-1 Works
SHA-1 is built on the Merkle–Damgård construction: the input is padded to a multiple of 512 bits, split into 512-bit blocks, and fed one at a time into a compression function that updates a 160-bit internal state.
The internal state consists of five 32-bit words (A, B, C, D, E) initialised to fixed constants. Each 512-bit block drives 80 rounds of mixing using bitwise operations (AND, OR, XOR, NOT), 32-bit rotations, and four round-specific nonlinear functions. An expanded message schedule stretches the 16 original 32-bit words of the block into 80 words.
After all blocks are processed the five words are concatenated to produce the 40-character hex digest.
Why collisions are possible
The compression function reuses bits across rounds in a way that allows differential cryptanalysis — an attacker can craft two carefully chosen input blocks that collide after mixing. The SHAttered attack exploited exactly this, requiring roughly 2⁶³ SHA-1 evaluations (feasible on modern GPU clusters) rather than the theoretical 2⁸⁰ brute-force cost.
SHA Hash Comparison
| Algorithm | Output | Security | Common Uses |
|---|---|---|---|
| SHA-1 (this tool) | 160-bit / 40 chars | ❌ Deprecated | Legacy systems, Git (legacy) |
| SHA-256 | 256-bit / 64 chars | ✅ Current standard | TLS, JWT, Bitcoin, passwords |
| SHA-384 | 384-bit / 96 chars | ✅ High security | TLS 1.3 cipher suites |
| SHA-512 | 512-bit / 128 chars | ✅ Highest in SHA-2 | High-security signatures |
If you need a secure hash today, use SHA-256 or stronger.
Frequently Asked Questions
Can I reverse a SHA-1 hash?
No. SHA-1 is a one-way function — there is no algorithm that reliably recovers the original input from the hash. Lookup tables ("rainbow tables") work only for short, common inputs like weak passwords.
Is SHA-1 safe for checksums (non-security use)?
For detecting accidental corruption (e.g. download integrity), SHA-1 is still technically fine — it's collision resistance that is broken, not preimage resistance. However, using SHA-256 costs nothing extra and is a better habit.
What's the difference between SHA-1 and MD5?
Both are deprecated for security use. MD5 produces a 128-bit (32 char) digest and is even weaker than SHA-1. SHA-1's 160-bit output and different construction make collisions harder, but neither is safe.
Does SHA-1 work on files?
SHA-1 hashes bytes, not text. This tool hashes the UTF-8 encoded bytes of whatever you type. File checksums are computed the same way on the raw file bytes.
