The Secure Hash Algorithm (SHA-1) produces a condensed representation of a message or a data file that both the transmitter and the intended receiver of the message can use to verify a digital signature.
SHA-1 is specified in FIPS PUB 180 Secure Hash Standard.
SHA-1 can process a message of up to 2^64 bits (that's 2^56 bytes or 64 Petabytes - a lot!) and produces a message digest of 160 bits (20 bytes). The SHA-1 is called secure because it is computationally infeasible to find a message which corresponds to a given message digest, or to find two different messages which produce the same message digest. Any change to a message in transit will, with very high probability, result in a different message digest, and the signature will fail to verify. SHA-1 is preferred over the less-secure MD5 message digest algorithm.
The SHA-1 function is no longer considered as secure as it was designed to be. Read RFC 4270, Attacks on Cryptographic Hashes in Internet Protocols. For better security, consider using the 256-bit SHA-256 secure hash algorithm.
The SHA_1Hmac function provides HMAC, a mechanism for message authentication using the SHA-1 cryptographic hash function. For more details, refer to RFC 2104 HMAC: Keyed-Hashing for Message Authentication, Krawczyk, Bellare and Canetti, February 1997 or FIPS PUB 198 The Keyed-Hash Message Authentication Code (HMAC), March 2002.
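The HMAC construction from RFC 2104, written out over SHA-1 and checked against a published test vector, as an added example in Python (it is not this library's code and does not call SHA_1Hmac). The function names hmac_rfc2104 and verify_tag are hypothetical; the key, message and expected tag are test case 2 of RFC 2202.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-1 and SHA-256 both process 64-byte blocks


def hmac_rfc2104(key: bytes, msg: bytes, hash_name: str = "sha1") -> bytes:
    """HMAC as defined in RFC 2104: H((K ^ opad) || H((K ^ ipad) || msg))."""
    if len(key) > BLOCK_SIZE:
        # Keys longer than one block are hashed first
        key = hashlib.new(hash_name, key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")  # then zero-padded to the block size
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.new(hash_name, ipad + msg).digest()
    return hashlib.new(hash_name, opad + inner).digest()


def verify_tag(key: bytes, msg: bytes, tag: bytes, hash_name: str = "sha1") -> bool:
    """Recompute the tag and compare in constant time."""
    return hmac.compare_digest(hmac_rfc2104(key, msg, hash_name), tag)


# Published test vector: RFC 2202, HMAC-SHA-1 test case 2
KEY = b"Jefe"
MSG = b"what do ya want for nothing?"
EXPECTED = bytes.fromhex("effcdf6ae5eb2fa2d27416d5f184df9c259a7c79")

if __name__ == "__main__":
    tag = hmac_rfc2104(KEY, MSG)
    print("HMAC-SHA-1  :", tag.hex(), "(%d bits)" % (len(tag) * 8))
    print("matches RFC 2202 vector:", tag == EXPECTED)
    print("matches stdlib hmac    :", tag == hmac.new(KEY, MSG, hashlib.sha1).digest())
    print("tampered message passes:", verify_tag(KEY, MSG + b"!", tag))
    print("HMAC-SHA-256:", hmac_rfc2104(KEY, MSG, "sha256").hex())
```

Passing "sha256" as the third argument gives the HMAC-SHA-256 tag over the same key and message, in line with the recommendation above to prefer SHA-256.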
This page last updated 15 August 2025.