Java Glossary : SHA-1

CMP home Java glossary home Menu no menu Last updated 2004-06-28 by Roedy Green ©1996-2004 Canadian Mind Products

Java definitions: 0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

You are here : home : Java Glossary : S words : SHA-1.

SHA-1
Secure Hash Algorithm 1, a message-digest algorithm developed by NIST the National Institute of Standards and Technology and NSA the National Security Agency. SHA-1 produces an 160-bit (20 byte) message digest used for creating unforgeable digital signatures. The algorithm is slower than MD5, but the message digest is larger, which makes it more resistant to brute force attacks, which choose messages at random in an attempt to generate the same message digest. SHA-1 is also used to digitally sign jar files. PGP uses SHA-1 for digitally signing email. You compute it using a MesssageDigest object created like this:


view

Note that SHA-1 involves no private or public key. The algorithm for computing it is completely public. It represents a summary of an entire file or message. Only that summary needs to be digitally signed/encrypted, not the entire file. SHA-1 now has higher strength brothers, SHA-256, SHA-384, and SHA-512 for 256, 384 and 512-bit digests respectively.

The SHA-1 digests that you see in the manifest of a digitally signed jar file are base64 encoded.

base64 ¤ certificate ¤ digest ¤ digital signing ¤ manifest ¤ MD5 ¤ PGP

CMP logo
CMP_home
home		 Canadian Mind Products CSS
HTML Checked!
ICRA ratings logo
mindprod.com IP:[24.87.56.253]
Your IP:[80.134.30.163]
You are visitor number 2769.
Please send errors, omissions and suggestions
to improve this page to Roedy Green.
You can get a fresh copy of this page from: or possibly from your local J: drive mirror:
http://mindprod.com/jgloss/sha1.html J:\mindprod\jgloss\sha1.html