SHA-1 : Java Glossary

go to home page S words local find full screen, hide local find menu Google search web for more information on this topic jump to foot of page translate this page with Babelfish by Roedy Green ©1996-2009 Canadian Mind Products
index page for letter ⇒ punctuation 0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z (all)
SHA-1
Secure Hash Algorithm 1, a message-digest algorithm developed by NIST the National Institute of Standards and Technology and NSA the National Security Agency. SHA-1 produces an 160-bit (20 byte) message digest used for creating unforgeable digital signatures. The algorithm is slower than MD5, but the message digest is larger, which makes it more resistant to brute force attacks, which choose messages at random in an attempt to generate the same message digest. SHA-1 is also used to digitally sign jar files. PGP uses SHA-1 for digitally signing email. You compute it using a MesssageDigest object created like this:
Note that SHA-1 involves no private or public key. The algorithm for computing it is completely public. It represents a summary of an entire file or message. Only that summary needs to be digitally signed/encrypted, not the entire file. SHA-1 now has higher strength brothers, SHA-256, SHA-384, and SHA-512 for 256, 384 and 512-bit digests respectively. SHA-0 is also 160 bits, and is an obsolete first attempt, quickly replaced by SHA-1

A SHA-1 digest looks like an byte[20] of apparently random bytes, though they are completely repeatable. You need to armour it if you want to make it printable for transporting in an email, for example. The SHA-1 digests that you see in the manifest of a Sun-style digitally signed jar file are base64 encoded.

SHA-1 is a trap-door, one-way function. You can easily compute the SHA-1 digest of a document, but you can’t go backwards and compose a document with a given digest. SHA-1 is not an encryption method.

Learning More

Sun’s Javadoc on the MessageDigest/SHA-1 class : available:
armouring
base64
certificate
digest
digital signing
encryption
How SHA-1 is computed: official standard
JCE
manifest
MD5
PGP
SHA family of hash functions
CMP homejump to top
CMP logo		 feedback Please email your feedback for publication, errors, omissions, broken/redirected link reports
and suggestions to improve this page to Roedy Green : feedback email
made with CSS
HTML Checked!
ICRA ratings logo
mindprod.com IP:[65.110.21.43]
Your face IP:[38.103.63.58]
You are visitor number 35,355.
You can get a fresh copy of this page from: or possibly from your local J: drive (Java virtual drive/mindprod.com website mirror)
http://mindprod.com/jgloss/sha1.html J:\mindprod\jgloss\sha1.html