In Sha-1 cryptography, Secure Hash Algorithm 1 is a cryptographic hash function that takes input and generates a 160-bit (20-byte) hash value, known as a message digest, typically displayed as a 40-digit hexadecimal number. It was developed by the US national security Agency and To the us Federal information processing standard.

Since 2005, SHA-1 is not considered to be protected from well-funded opponents, and since 2010, many organizations have recommended its replacement with SHA-2 or SHA-3. Microsoft, Google, Apple and Mozilla have announced that their respective browsers will stop accepting SHA-1 SSL certificates by 2017.

In 2017, CWI Amsterdam and Google announced that they had carried out a collision attack against SHA-1, publishing two heterogeneous PDFs that produced the same Sha-1 hash.