MD4;algorithm;Rivest;hash function;message digest;brute-force collision;Capstone;inversion attacks">


Question 100. What is the Secure Hash Algorithm (SHA and SHA-1)?

The Secure Hash Algorithm (SHA), the algorithm specified in the Secure Hash Standard (SHS), was developed by NIST (see Question 146) and published as a federal information processing standard (FIPS PUB 180) [NIS93a]. SHA-1 [NIS94c] was a revision to SHA that was published in 1994. The revision corrected an unpublished flaw in SHA. Its design is very similar to the MD4 family of hash functions developed by Rivest (see Question 99).

The algorithm takes a message of less than 264 bits in length and produces a 160-bit message digest. The algorithm is slightly slower than MD5 (see Question 99), but the larger message digest makes it more secure against brute-force collision and inversion attacks (see Question 96). SHA is part of the Capstone project (see Question 150). For further information on SHA, see [Pre93] and [Rob95c].