What is SHA or Secure Hash Algorithm?

Secure Hash Algorithm (SHA) refers to a group of standardized cryptologic hash functions. These are used to calculate a unique check for any digital data and are the basis for creating a digital signature. The check value is used to ensure the integrity of a message. If two messages give the same test value, is the equality of the messages which normally to be expected to be guaranteed, without prejudice any targeted attempts to manipulate the data. Therefore if we demand a cryptographic hash function, for safety; SHA or Secure Hash Algorithm should virtually make impossible to generate two different messages with the same test value with guess or reverse engineering. [Read : Encryption and Decryption ]

What is the History of Secure Hash Algorithm (SHA)?

The National Institute of Standards and Technology (NIST) in collaboration with the National Security Agency (which now infamously known to all as NSA) developed a hash function as part of the Digital Signature Algorithms (DSA) for the Digital Signature Standard (DSS). The function was published in 1994. The Secure Hash Standard (SHS) designated a standard which specifies the secure hash algorithm (SHA) with a hash value of 160 bits length for any digital data from a maximum of 2 Exbibyte length. Internal blocks of size 512 bits (64 bytes) were used in this standard. The algorithm is similar in design to that of MD4 developed by Ronald L. Rivest. The SHA has been corrected due to a in 1995 due to a design flaw. This new variant is now known as SHA-1, the original is referred as SHA-0. SHA-0, almost not used now. Principle, as said was based on the same design and goals as in MD4. With its longer hash value of 160 bits SHA was more resistant to brute-force attacks. [Read the practical usage of RSA, DSA Keys]

However, the corrected version of the original SHA ( read correcting the design flaws of SHA-0 ) differs from SHA-0 by very little more detail, it had not introduced other measures that can immediately give a much higher level of security. The cryptanalysis confirms, however, that the change significantly complicated back calculation.

On 15 February 2005, cryptography expert Bruce Schneier reported in his blog that scientists Xiaoyun Wang, Yiqun Lisa Yin and Hongbo Yu of Shandong University have successfully broken SHA-1. They could manage the back calculation with high-performance computers. Collisions were not published until these days to preserve safety.

A short time later, on 17 August 2005, Andrew Yao and Frances Yao at one conference presented another, more efficient collision attack on SHA-1, which reduced the amount of calculation needed. In August 2006, another, much more serious attack against SHA-1 was presented at the CRYPTO 2006, which may possibly in practice can take effects. In this attack, a part of the fake message to the content were freely chosen (up to 25% currently). In the recent collision attacks, the so-called hash twins were formed only with meaningless combinations of letters of the plaintext and were therefore easily identified.

A critical attack scenario assumes, however that the attacker can create a second, at least useful in variant parts of a document that gives the same SHA-1 value and thus also the same signature. The case of the new attack method currently remaining 75% meaningless letter combinations (i.e. garbage) can possibly, at least technically easily hidden from the eyes of an untrained observer. The attacker can therefore claim that the forged version was signed in place of the original version. [Key is a Terminology]

What is the Current State of Secure Hash Algorithm (SHA)?

From August 8, 2007 to May 12, 2009 a research group of the Technical University of Graz attempted collisions in SHA-1 algorithm to find flaws. The project was terminated due to insufficient progress. In response to becoming a known victim, a workshop was held by National Institute of Standards and Technology (NIST) in October 2005, in which the current state of cryptographic hash functions was discussed. NIST recommends that the transition from SHA-1 to hash functions SHA-2 family (SHA-224, SHA-256, SHA-384, SHA-512) is important. In the long run this will be replaced by a new standard named SHA-3. For this purpose, NIST modeled on the Advanced Encryption Standard (AES) on a tender. The final selection and appointment went on October 2012.

NIST has four variants of the published algorithms – SHA-224, SHA-256, SHA-384 and SHA-512. These developments are often collectively referred to as SHA-2. The SHA-1 and SHA-256 are also the basis for a cipher block.

RFC 3174 = Secure Hash Algorithm 1 (SHA1) (September 2001)
RFC 4634 = Secure Hash Algorithms (SHA and HMAC-SHA) (July 2006)
RFC 6234 = Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF) (May 2011)