From Crypto++ Wiki
Jump to: navigation, search

SHA is the Secure Hash Algorithm and specifies a family of one way functions. SHA is standardized by NIST in FIPS 180-3, Secure Hash Standard (SHS). SHA-0 is the original 160 bit hash which was found to be defective by the NSA. SHA-1 is the revised version of SHA-0 which many typically use when a hash is needed. SHA-2 refers to a collection of hashes: SHA-224, SHA-256, SHA-384, and SHA-512.

Note to implementers: the security level of SHA-1 has been reduced to approximately 261. In fact, the best publicly available cryptanalysis result is a 2011 attack by Marc Stevens that can produce hash collisions with a complexity of 261 operations, see hashclash - Framework for MD5 & SHA-1 Differential Path Construction and Chosen-Prefix Collisions.

In addition, SHA-1 is no longer recommended by NIST for use in digital signatures in the Federal arena. See SP 800-57, Recommendation for Key Management, Table 3 on page 64.

Crypto++ Validation

Crypto++'s fipstest.cpp test file performs SHA validation in function SecureHashKnownAnswerTest.

Sample Program