http://www.movable-type.co.uk/scripts/sha1.Html
A hash is not ‘encryption’ – it cannot be decrypted back to the original text (it is a ‘one-way’ cryptographic function, and is a fixed size for any size of source text). This makes it suitable when it is appropriate to compare ‘hashed’ versions of texts, as opposed to decrypting the text to obtain the original version. Such applications include stored passWords, challenge handshake authentication, and digital signatures.
- to validate a passWord, you can store a hash of the password, then when when the password is to be authenticated, you hash the password the user supplIEs, and if the hashed versions match, the password is authenticated; but the original passWord cannot be obtained from the stored hash
- ‘challenge handshake authentication’ (or ‘challenge hash authentication’) avoids transmissing passwords in ‘clear’ – a clIEnt can send the hash of a password over the internet for validation by a server without risk of the original passWord being intercepted
- anti-tamper – link a hash of a message to the original, and the recipient can re-hash the message and compare it to the supplIEd hash: if they match, the message is unchanged; this can also be used to confirm no data-loss in transmission
- digital signatures are rather more involved, but in essence, you can sign the hash of a document by encrypting it with your private key, producing a digital signature for the document. Anyone else can then check that you authenticated the text by decrypting the signature with your public key to obtain the original hash again, and comparing it with their hash of the text.
SHA-1 is one of the most secure hash algorithms. It is used in SSL (Secure Sockets Level), PGP (Pretty Good Privacy), XML Signatures, and in Microsoft’s Xbox, among hundreds of other applications (including from IBM, Cisco, Nokia, etc). It is defined in the NIST (National Institute of Standards and Technology) standard
