SHA-1 Hash Generator & Checksum Verifier

SHA-1 Hash Generator - Generate SHA-1 Checksums Online

A free online SHA-1 hash generator that creates 160-bit SHA-1 checksums from any text input. Perfect for developers and system administrators needing SHA-1 hashes for legacy systems, Git commits, and development testing. Fast, client-side processing with instant results.

What is SHA-1 and how does it work?

SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function designed by the NSA and published by NIST in 1995 as FIPS PUB 180-1. It produces a 160-bit (20-byte) hash, typically represented as a 40-character hexadecimal string. SHA-1 processes input in 512-bit blocks through 80 rounds of bitwise operations, modular additions, and rotations. The input is padded to a multiple of 512 bits with the length encoded in the last 64 bits. Output is deterministic — the same input always produces the same hash. SHA-1 was widely used in TLS, Git, and digital signatures before being deprecated for security uses.

Is SHA-1 still secure to use?

No — SHA-1 is cryptographically broken for collision resistance. In February 2017 Google and CWI Amsterdam published 'SHAttered,' the first practical collision attack producing two distinct PDF files with identical SHA-1 hashes (paper: shattered.io). The attack cost was approximately $110,000 in cloud compute. NIST formally deprecated SHA-1 in 2011 (SP 800-131A) and disallowed it for digital signatures in 2014. Modern browsers (Chrome 56+, Firefox 51+, Safari 11+) reject TLS certificates signed with SHA-1. Use SHA-256, SHA-3, or BLAKE3 for any new cryptographic application. SHA-1 remains acceptable only for non-security uses like content checksums or Git commit identifiers.

Why does Git still use SHA-1?

Git uses SHA-1 to generate the commit ID, tree hash, and blob hash. Linus Torvalds chose SHA-1 in 2005 for its speed and adequate uniqueness for non-adversarial use. Git is moving to SHA-256 — Git 2.29 (October 2020) added experimental SHA-256 repository support. SHAttered-style collision attacks are not practical in Git because creating malicious content matching an existing commit's SHA-1 is much harder than producing two arbitrary colliding files. The Git project documented hardening measures in 2018 to detect SHAttered-style attacks at the protocol level. New repositories should opt into `git init --object-format=sha256` for future-proofing, though SHA-1 compatibility is the current default.

How is SHA-1 different from MD5 and SHA-256?

MD5 produces 128 bits (32 hex chars), SHA-1 produces 160 bits (40 hex chars), SHA-256 produces 256 bits (64 hex chars). MD5 was broken in 2004 (Wang et al. collision attack); SHA-1 was broken in 2017 (SHAttered). SHA-256 (part of the SHA-2 family, FIPS PUB 180-4) remains secure as of 2025 with no practical attacks known. SHA-256 is roughly 50 percent slower than SHA-1 on modern CPUs but has hardware acceleration via Intel SHA extensions and ARMv8 Crypto extensions. For new applications use SHA-256 or SHA-3; never use MD5 or SHA-1 for cryptographic purposes.

Can SHA-1 be reversed to find the original input?

No — SHA-1 is a one-way function by design. Given a hash, there is no mathematical operation to recover the original input. However, for short or low-entropy inputs (passwords, common words), attackers can use rainbow tables (precomputed hash → input mappings) or brute-force/dictionary attacks. For an 8-character lowercase alphanumeric password, modern GPUs can compute all 2.8 trillion possible SHA-1 hashes in under a day. This is why SHA-1 (and SHA-256) should never be used to store passwords directly — use bcrypt, Argon2id, scrypt, or PBKDF2 with proper salting and many iterations. NIST SP 800-63B requires Argon2 or bcrypt for password storage.

How do I generate a SHA-1 hash in code?

Python: `import hashlib; hashlib.sha1(b'hello').hexdigest()` returns 'aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d'. JavaScript (browser): `await crypto.subtle.digest('SHA-1', new TextEncoder().encode('hello')).then(b => Array.from(new Uint8Array(b)).map(b => b.toString(16).padStart(2, '0')).join(''))`. Node.js: `crypto.createHash('sha1').update('hello').digest('hex')`. Bash/Unix: `echo -n 'hello' | sha1sum`. All produce the same 40-character hexadecimal string. The byte-string vs text-string distinction matters: `'hello'.encode()` in Python gives bytes; passing a regular string can raise TypeError. Always specify input encoding (typically UTF-8) explicitly for non-ASCII content.

What are HMAC-SHA1 and where is it still acceptable?

HMAC-SHA1 (RFC 2104) combines a secret key with SHA-1 to produce a 160-bit message authentication code. Even though SHA-1 collision resistance is broken, HMAC-SHA1 remains secure because HMAC relies on the underlying hash function's pseudo-random function property, not collision resistance. AWS Signature Version 2 historically used HMAC-SHA1 (now deprecated in favor of Signature Version 4 with HMAC-SHA256). OAuth 1.0a (RFC 5849) specified HMAC-SHA1 as a signing method. Modern applications should still migrate to HMAC-SHA256 (RFC 4868) or HMAC-SHA3 because future weaknesses in SHA-1 could affect HMAC down the line, and modern hardware accelerates SHA-256 equally.

What is the SHA-1 file checksum used for?

SHA-1 checksums are still widely used to verify file integrity in non-adversarial contexts: Linux distribution downloads (Debian, Ubuntu provide SHA1SUMS and SHA256SUMS), Docker image manifests, GitHub commit IDs, BitTorrent piece hashes, and content-addressable storage systems. They detect accidental corruption from disk errors or partial downloads but cannot defend against malicious tampering. Always prefer SHA-256 checksums when available — most distributions now publish both. To verify: `sha1sum file.iso` and compare against the published value. The shattered.io demonstration showed two crafted PDFs with the same SHA-1 but different content, so trust SHA-1 only for non-adversarial integrity.

How do I verify a download with SHA-1?

When a project publishes a SHA1SUM (or .sha1) file alongside an ISO, package, or release archive, you confirm your download is intact by hashing the local file and comparing it to that published value. On the command line: `sha1sum ubuntu.iso` prints a 40-character hex digest followed by the filename — compare it character-for-character with the value in the SHA1SUMS file (or run `sha1sum -c SHA1SUMS` to check automatically). With this tool, pick the file in the 'Or hash a file' field — it is hashed locally in your browser via Web Crypto and never uploaded — then paste the published checksum into the 'Expected hash' field. You get an explicit MATCH (checksum verified) or NO MATCH (checksum differs) verdict, so you do not have to eyeball 40 hex characters by hand. The comparison is case-insensitive and tolerates a pasted full SHA1SUM line (it ignores the trailing filename). Note: a SHA-1 match proves the file was not accidentally corrupted in transit, but because SHA-1 collision resistance is broken, prefer the SHA-256 (sha256sum) checksum when the project publishes both for protection against deliberate tampering.

Key Features

• Generate SHA-1 hash from any text instantly
• 160-bit (40-character) hash output
• Lowercase or uppercase hexadecimal format
• Web Crypto API for fast hashing
• Input length statistics (UTF-8 byte count)
• Copy hash to clipboard
• Download hash as text file
• Upload files to hash content
• Verify file or text against an expected SHA-1 checksum
• Dark mode support
• 100% client-side processing
• Works offline after initial load
• Mobile-friendly responsive design
• Support for Unicode and emoji
• No registration required