|
〕 , no actual collisions are publicly known. }} In cryptography, SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function designed by the United States National Security Agency and is a U.S. Federal Information Processing Standard published by the United States NIST.〔http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf〕 SHA-1 is considered insecure against well-funded opponents, and it is recommended to use SHA-2 or SHA-3 instead.〔〔https://www.schneier.com/blog/archives/2015/10/sha-1_freestart.html〕 SHA-1 produces a 160-bit (20-byte) hash value known as a message digest. A SHA-1 hash value is typically rendered as a hexadecimal number, 40 digits long. SHA-1 is a member of the Secure Hash Algorithm family. The four SHA algorithms are structured differently and are named SHA-0, SHA-1, SHA-2, and SHA-3. SHA-0 is the original version of the 160-bit hash function published in 1993 under the name SHA: it was not adopted by many applications. Published in 1995, SHA-1 is very similar to SHA-0, but alters the original SHA hash specification to correct weaknesses that were unknown to the public at that time. SHA-2, published in 2001, is significantly different from the SHA-1 hash function. In 2005, cryptanalysts found attacks on SHA-1 suggesting that the algorithm might not be secure enough for ongoing use.〔(【引用サイトリンク】title=Schneier on Security: Cryptanalysis of SHA-1 )〕 NIST required many applications in federal agencies to move to SHA-2 after 2010 because of the weakness.〔http://csrc.nist.gov/groups/ST/toolkit/secure_hashing.html〕 Although no successful attacks have yet been reported on SHA-2, it is algorithmically similar to SHA-1. In 2012, following a long-running competition, NIST selected an additional algorithm, Keccak, for standardization under SHA-3.〔(Schneier on Security: NIST Hash Workshop Liveblogging (5) )〕〔(Hash cracked – heise Security )〕 Microsoft, Google and Mozilla〔(【引用サイトリンク】 title=Bug 942515 - stop accepting SHA-1-based SSL certificates with notBefore >= 2014-03-01 and notAfter >= 2017-01-01, or any SHA-1-based SSL certificates after 2017-01-01 )〕〔(【引用サイトリンク】 title=CA:Problematic Practices - MozillaWiki )〕 have all announced that their respective browsers will stop accepting SHA-1 SSL certificates by 2017. Windows XP SP2 and earlier, and Android 2.2 and earlier, do not support SHA2 certificates.〔(As sites move to SHA2 encryption, millions face HTTPS lock-out; ZDNet; October 23, 2015. )〕 ==The SHA-1 hash function== SHA-1 produces a message digest based on principles similar to those used by Ronald L. Rivest of MIT in the design of the MD4 and MD5 message digest algorithms, but has a more conservative design. The original specification of the algorithm was published in 1993 under the title ''Secure Hash Standard'', FIPS PUB 180, by U.S. government standards agency NIST (National Institute of Standards and Technology). This version is now often named ''SHA-0''. It was withdrawn by the NSA shortly after publication and was superseded by the revised version, published in 1995 in FIPS PUB 180-1 and commonly designated ''SHA-1''. SHA-1 differs from SHA-0 only by a single bitwise rotation in the message schedule of its compression function; this was done, according to the NSA, to correct a flaw in the original algorithm which reduced its cryptographic security. However, the NSA did not provide any further explanation or identify the flaw that was corrected. Weaknesses have subsequently been reported in both SHA-0 and SHA-1. SHA-1 appears to provide greater resistance to attacks , supporting the NSA’s assertion that the change increased the security. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「SHA-1」の詳細全文を読む スポンサード リンク
|