# SHA

**SHA** is the **Secure Hash Algorithm** and specifies a family of one way functions. **SHA** is standardized by NIST in FIPS 180-3, *Secure Hash Standard (SHS)*. SHA-0 is the original 160 bit hash which was found to be defective by the NSA. SHA-1 is the revised version of SHA-0 which many typically use when a hash is needed. SHA-2 refers to a collection of hashes: SHA-224, SHA-256, SHA-384, and SHA-512.

Note to implementers: the security level of SHA-1 has been reduced to approximately 2^{61}. In fact, the best publicly available cryptanalysis result is a
2011 attack by Marc Stevens that can produce hash collisions with a complexity of 2^{61} operations, see *hashclash - Framework for MD5 & SHA-1 Differential Path Construction and Chosen-Prefix Collisions*.

In addition, SHA-1 is no longer recommended by NIST for use in digital signatures in the Federal arena. See *SP 800-57, Recommendation for Key Management*, Table 3 on page 64.

## Crypto++ Validation

Crypto++'s `fipstest.cpp` test file performs SHA validation in function `SecureHashKnownAnswerTest`.