{"id":4122,"date":"2016-03-01T18:00:43","date_gmt":"2016-03-01T17:00:43","guid":{"rendered":"http:\/\/www.samlogic.net\/blog\/?p=4122"},"modified":"2019-07-07T18:14:02","modified_gmt":"2019-07-07T18:14:02","slug":"what-is-sha-1-and-sha-2-and-whats-the-difference-between-them","status":"publish","type":"post","link":"https:\/\/www.samlogic.net\/blog\/2016\/03\/what-is-sha-1-and-sha-2-and-whats-the-difference-between-them\/","title":{"rendered":"What is SHA-1 and SHA-2 and what&#8217;s the difference between them?"},"content":{"rendered":"<p>As we wrote in <a href=\"https:\/\/www.samlogic.net\/blog\/2016\/03\/visual-installer-now-supports-sha-2-and-dual-code-signing\/\">this blog post<\/a>, Visual Installer now supports both <strong>SHA-1<\/strong> and <strong>SHA-2<\/strong> hash algorithms when it code signs setup packages. But maybe you wonder what this really means and what the difference is between SHA-1 and SHA-2? We will give a short explanation below.<\/p>\n<p><strong>SHA<\/strong> (in <strong>SHA-1<\/strong> and <strong>SHA-2<\/strong>) is an acronym for <strong>Secure Hash Algorithm<\/strong>. SHA-1 and SHA-2 is a set of cryptographic hash functions designed by <a href=\"https:\/\/en.wikipedia.org\/wiki\/National_Security_Agency\" target=\"_blank\" rel=\"noopener noreferrer\">NSA<\/a>. Cryptographic hash functions are mathematical operations run on digital data, and by comparing a computed &#8220;hash&#8221; (the output from an execution of the algorithm) to a known and expected hash value, it is possible to determine the integrity of the data. For example, computing the hash of a downloaded file and comparing the result to a known hash result can show if the downloaded file has been modified or tampered with since it was created.<\/p>\n<p>SHA-1 is older than SHA-2 and it is no longer considered as secure. Operating systems (as Windows) and web browsers will soon not accept SHA-1 anymore. Instead must SHA-2 be used. SHA-2 is a family of six hash functions and one of them is <strong>SHA-256<\/strong>, which is commonly used when code signing binary files (for example program files, DLL files and setup packages). SHA-256 produces a 256 bit hash value. That is more than the older SHA-1, that only produces a 160 bit hash value.<\/p>\n<p>For further reading, we recommend the following Wikipedia pages:<br \/>\n<strong><span style=\"color: #ff0000;\">&gt;<\/span><\/strong> <a href=\"https:\/\/en.wikipedia.org\/wiki\/Secure_Hash_Algorithm\" target=\"_blank\" rel=\"noopener noreferrer\">Secure Hash Algorithm<\/a><br \/>\n<strong><span style=\"color: #ff0000;\">&gt;<\/span><\/strong> <a href=\"https:\/\/en.wikipedia.org\/wiki\/SHA-1\" target=\"_blank\" rel=\"noopener noreferrer\">SHA-1 (Secure Hash Algorithm 1)<\/a><br \/>\n<strong><span style=\"color: #ff0000;\">&gt;<\/span><\/strong> <a href=\"https:\/\/en.wikipedia.org\/wiki\/SHA-2\" target=\"_blank\" rel=\"noopener noreferrer\">SHA-2 (Secure Hash Algorithm 2)<\/a><\/p>\n<p><strong>See also<\/strong><br \/>\n<strong><span style=\"color: #ff0000;\">&gt;<\/span><\/strong> <a href=\"https:\/\/www.samlogic.net\/articles\/code-signing.htm\" target=\"_blank\" rel=\"noopener noreferrer\">What is Code Signing \/ Digital Signature \/ Digital Certificate? (Q&amp;A)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As we wrote in this blog post, Visual Installer now supports both SHA-1 and SHA-2 hash algorithms when it code signs setup packages. But maybe you wonder what this really means and what the difference is between SHA-1 and SHA-2? We will give a short explanation below. SHA (in SHA-1 and SHA-2) is an acronym &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/www.samlogic.net\/blog\/2016\/03\/what-is-sha-1-and-sha-2-and-whats-the-difference-between-them\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;What is SHA-1 and SHA-2 and what&#8217;s the difference between them?&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3],"tags":[],"_links":{"self":[{"href":"https:\/\/www.samlogic.net\/blog\/wp-json\/wp\/v2\/posts\/4122"}],"collection":[{"href":"https:\/\/www.samlogic.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.samlogic.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.samlogic.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.samlogic.net\/blog\/wp-json\/wp\/v2\/comments?post=4122"}],"version-history":[{"count":1,"href":"https:\/\/www.samlogic.net\/blog\/wp-json\/wp\/v2\/posts\/4122\/revisions"}],"predecessor-version":[{"id":6048,"href":"https:\/\/www.samlogic.net\/blog\/wp-json\/wp\/v2\/posts\/4122\/revisions\/6048"}],"wp:attachment":[{"href":"https:\/\/www.samlogic.net\/blog\/wp-json\/wp\/v2\/media?parent=4122"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.samlogic.net\/blog\/wp-json\/wp\/v2\/categories?post=4122"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.samlogic.net\/blog\/wp-json\/wp\/v2\/tags?post=4122"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}