This SHA-1 tool hashes a string into a message digested SHA-1 hash. This is a quick way for you to verify a hash you are working with is correct. If you are using salt, make sure to include that in the string.
What is a SHA-1 Hash?
SHA-1 (Secure Hash Algorithm) is a 160 bit cryptographic hash function created by the NSA in 1995. It creates a 40 byte hash value for the input of the algorithm. SHA-1 is one-way, meaning that the original input cannot be be determined simply by knowing the hash value. SHA-1 was designed to be collision resistant, meaning that two inputs could not have the same hash value.
When and why would you use SHA-1 Hash?
In 2005, SHA-1 was found to no longer be secure enough for ongoing use in high security environments. It was widely used for signing of SSL certificates, but is being phased out and will no longer be supported by many browsers by 2017.
SHA-1 is often used as a checksum
algorithm. Text or files are fed into the MD5 algorithm and the resulting hash would change if the file had been changed. This is done to detect malicious tampering, or file corruption.
SHA-1 has also historically been used as a password hashing algorithm. Password hashing algorithms allow a password to be stored, in a website's database for instance, without having to store the actual password. This makes it more difficult to steal passwords, and if the hash is taken, the user's password is not necessarily compromised. When using a hashing algorithm for passwords it is wise to use "salt". With SHA-1, salt is added by concatinating a string unrelated to the password to the user supplied password string.
A plain SHA-1 hash:
I love Dan's Tools! results in a hash of
An MD5 Hash with salt for a user supplied password of
would be salted so the input for the MD5 is
. This would result in a hash of
use Digest::SHA1 qw(sha1 sha1_hex sha1_base64);
- More information about SHA-1 (Wikipedia)