SHA-1 Hash Generator

Generate SHA-1 hash from any text

Input Text

Runs locally · Safe to paste secrets

SHA-1 Hash

SHA-1 hash will appear here…

Also try:MD5 Hash Generator SHA-256 Hash Generator SHA-384 Hash Generator SHA-512 Hash Generator HMAC Generator Hash Identifier

What Is SHA-1 Hashing?

SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function that produces a fixed 160-bit (20-byte) digest from any input. Published by the NSA and standardized by NIST in 1995 as FIPS PUB 180-1 and later documented in RFC 3174, SHA-1 was designed as a stronger successor to SHA-0 and MD5. The algorithm processes input in 512-bit blocks through 80 rounds of bitwise operations, producing a 40-character hexadecimal fingerprint that served as the backbone of SSL/TLS, PGP, SSH, and IPsec for over a decade.

Like all cryptographic hash functions, SHA-1 is a one-way transformation: computing the hash from an input is fast, but recovering the input from the hash alone is computationally infeasible. A single-bit change in the input produces a completely different 160-bit digest — a property called the avalanche effect. SHA-1 maps an arbitrarily large input space to a fixed 160-bit output, which means collisions (two different inputs producing the same hash) must exist mathematically. The security claim of a hash function is that finding such collisions should require approximately 2^80 operations — half the output bit length.

In 2017, Google and CWI Amsterdam published the SHAttered attack, demonstrating the first practical SHA-1 collision by producing two different PDF files with the same digest. The attack required approximately 2^63.1 SHA-1 computations — well below the theoretical 2^80 bound. In 2020, Gaetan Leurent and Thomas Peyrin further reduced the cost with a chosen-prefix collision attack requiring roughly 2^63.4 operations. As a result, all major browsers, certificate authorities, and standards bodies have deprecated SHA-1 for digital signatures and TLS certificates. However, SHA-1 remains in active use for non-security purposes: Git object IDs (though Git is migrating to SHA-256), legacy HMAC constructions, and file integrity checksums where adversarial collision resistance is not required.

Why Use This SHA-1 Generator?

Generate SHA-1 hashes instantly without installing anything or writing code. Paste your text and get the 40-character hex digest in real time — useful for verifying legacy checksums, debugging Git internals, or testing hash-based workflows.

⚡

Instant Hashing

Output updates as you type. No button clicks, no waiting — the SHA-1 digest appears character by character as you modify the input.

🔒

Privacy-First Processing

All hashing runs locally in your browser using the Web Crypto API. Your input text never leaves your device and is never sent to any server.

📋

One-Click Copy

Copy the hash to clipboard with a single click. Toggle between lowercase and uppercase hex output to match whatever format your system expects.

🔍

No Account Required

No sign-up, no login, no usage limits. Open the page and start hashing immediately. Works on any device with a modern browser.

SHA-1 Use Cases

Git Internals & Debugging

Git identifies every object (commit, tree, blob, tag) by its SHA-1 hash. When debugging Git plumbing commands, verifying pack files, or writing custom Git tooling, a quick SHA-1 generator helps you cross-check object IDs against expected values.

Legacy System Verification

Many older systems, package registries, and firmware update mechanisms still publish SHA-1 checksums alongside downloads. Generate and compare SHA-1 hashes to verify file integrity when SHA-256 digests are not available.

Subresource Integrity (SRI)

While sha256 and sha384 are preferred for SRI hashes in HTML script and link tags, some legacy CDN configurations still rely on SHA-1. Generate the expected digest to audit or transition existing SRI attributes.

QA & Regression Testing

Compare SHA-1 hashes of API responses, build artifacts, or database snapshots between test runs to detect unexpected changes without performing a full byte-by-byte diff of large outputs.

Data Deduplication

Compute SHA-1 hashes of file contents or data records in ETL pipelines to identify duplicates. The 160-bit output provides a stronger uniqueness guarantee than MD5 for non-adversarial deduplication scenarios.

Learning & Education

SHA-1 is a well-documented algorithm with extensive academic literature. Experiment with it to understand Merkle-Damgard construction, message scheduling, and why collision resistance breaks down when the output length is too short relative to modern computing power.

SHA-1 vs Other Hash Algorithms

SHA-1 produces a 160-bit digest — longer than MD5 (128 bits) but significantly shorter than SHA-2 family algorithms. The table below compares digest sizes, standards, and appropriate use cases for each algorithm.

Algorithm	Digest Size	Hex Length	Standard	Best For
SHA-1	160 bits	40 hex chars	1995 / RFC 3174	Deprecated — legacy git commits, old TLS
SHA-256	256 bits	64 hex chars	2001 / FIPS 180-4	TLS certificates, blockchain, JWTs
SHA-384	384 bits	96 hex chars	2001 / FIPS 180-4	Government systems, higher security margin
SHA-512	512 bits	128 hex chars	2001 / FIPS 180-4	Digital signatures, HMAC with large keys
MD5	128 bits	32 hex chars	1992 / RFC 1321	Checksums only — broken since 2004
SHA-3	256 bits	64 hex chars	2015 / FIPS 202	Post-quantum readiness, alternative to SHA-2
BLAKE3	256 bits	64 hex chars	2020	High-performance checksums, Merkle trees

How SHA-1 Works

SHA-1 follows the Merkle-Damgard construction: the message is padded, split into 512-bit blocks, and each block is processed through 80 rounds of bitwise operations that mix the input with a message schedule derived from the block. Five 32-bit state words (H0 through H4) carry the running hash state, and the final concatenation of these words produces the 160-bit digest.

Input: "hello world"
SHA-1: 2aae6c35c94fcfb415dbe95f408b9ce91ee846ed
(160 bits = 20 bytes = 40 hex characters)

Step	Description
Padding	Append a 1-bit, then zeros, until message length is 448 mod 512. Append the original length as a 64-bit big-endian integer.
Block splitting	Divide the padded message into 512-bit (64-byte) blocks.
Expansion	Expand each 16-word block into 80 words using a left-rotate-by-1 XOR feedback schedule.
Compression	Process 80 rounds per block using four nonlinear functions (Ch, Parity, Maj, Parity) across rounds 0-19, 20-39, 40-59, and 60-79.
Output	Concatenate the five 32-bit state words (H0-H4) into a 160-bit (20-byte) digest, rendered as 40 hexadecimal characters.

The key difference between SHA-1 and MD5 is the number of state words (5 vs. 4), the number of rounds per block (80 vs. 64), and the use of a message schedule with left-rotate feedback. These differences give SHA-1 a larger output (160 vs. 128 bits) and originally provided a higher security margin, though both algorithms are now considered broken for collision resistance.

Code Examples

How to generate SHA-1 hashes in popular languages and environments. Unlike MD5, SHA-1 is available in the browser Web Crypto API, making it usable without external libraries in both browser and Node.js environments.

JavaScript (Web Crypto API — browser & Node.js)

// SHA-1 is available in the Web Crypto API
async function sha1(text) {
  const data = new TextEncoder().encode(text)
  const hashBuffer = await crypto.subtle.digest('SHA-1', data)
  const hashArray = Array.from(new Uint8Array(hashBuffer))
  return hashArray.map(b => b.toString(16).padStart(2, '0')).join('')
}

await sha1('hello world')
// → "2aae6c35c94fcfb415dbe95f408b9ce91ee846ed"

// Node.js (built-in crypto module)
const crypto = require('crypto')
crypto.createHash('sha1').update('hello world').digest('hex')
// → "2aae6c35c94fcfb415dbe95f408b9ce91ee846ed"

Python

import hashlib

# Basic SHA-1 hash
result = hashlib.sha1(b'hello world').hexdigest()
print(result)  # → "2aae6c35c94fcfb415dbe95f408b9ce91ee846ed"

# Hash a string (encode to bytes first)
text = 'hello world'
hashlib.sha1(text.encode('utf-8')).hexdigest()
# → "2aae6c35c94fcfb415dbe95f408b9ce91ee846ed"

# Hash a file in chunks
with open('file.bin', 'rb') as f:
    sha1 = hashlib.sha1()
    for chunk in iter(lambda: f.read(8192), b''):
        sha1.update(chunk)
    print(sha1.hexdigest())

package main

import (
    "crypto/sha1"
    "fmt"
)

func main() {
    data := []byte("hello world")
    hash := sha1.Sum(data)
    fmt.Printf("%x\n", hash)
    // → 2aae6c35c94fcfb415dbe95f408b9ce91ee846ed
}

CLI (Linux / macOS)

# Using sha1sum (Linux) or shasum (macOS)
echo -n "hello world" | sha1sum
# → 2aae6c35c94fcfb415dbe95f408b9ce91ee846ed  -

# macOS
echo -n "hello world" | shasum -a 1
# → 2aae6c35c94fcfb415dbe95f408b9ce91ee846ed  -

# Hash a file
sha1sum package.json
# → a1b2c3d4e5f6...  package.json

# Using openssl (cross-platform)
echo -n "hello world" | openssl sha1
# → SHA1(stdin)= 2aae6c35c94fcfb415dbe95f408b9ce91ee846ed

Frequently Asked Questions

Is SHA-1 still safe to use?

SHA-1 is not safe for security-sensitive applications. The 2017 SHAttered attack demonstrated practical collision generation, and the 2020 chosen-prefix attack further lowered the cost. For digital signatures, TLS certificates, or any scenario where an adversary could craft colliding inputs, use SHA-256 or SHA-3 instead. For non-security purposes like checksums and cache keys where no adversary controls the input, SHA-1 remains functional.

What is the difference between SHA-1 and SHA-256?

SHA-1 produces a 160-bit (40-hex-character) digest and is vulnerable to collision attacks. SHA-256 produces a 256-bit (64-hex-character) digest and belongs to the SHA-2 family, which has no known practical attacks. SHA-256 is approximately 20-30% slower than SHA-1 on the same hardware, but the additional 96 bits of output and the absence of known structural weaknesses make it the default recommendation for any new project.

Why does Git use SHA-1?

When Linus Torvalds designed Git in 2005, SHA-1 was considered secure and offered a good balance of speed and collision resistance for content-addressable storage. Git uses SHA-1 as a content identifier, not a security mechanism — it detects accidental corruption, not adversarial tampering. Since 2021, Git has been transitioning to SHA-256 via the hash extension framework described in the git-hash-function-transition plan.

Can you reverse a SHA-1 hash back to the original input?

No. SHA-1 is a one-way function that discards information during hashing. For short or common inputs, attackers can use rainbow tables or brute-force search to find the original plaintext, but this is not a reversal of the algorithm — it is an exhaustive search of the input space. For passwords, use bcrypt, scrypt, or Argon2 instead of any fast hash function.

How does the SHAttered attack work?

The SHAttered attack exploits structural weaknesses in the SHA-1 compression function. By carefully constructing two different 512-bit message blocks that produce the same intermediate hash state, the attackers created two PDF files with identical SHA-1 digests but different visible content. The attack required approximately 2^63 SHA-1 computations — about 6,500 years of single-CPU time, but feasible on a GPU cluster in months. The cost has since dropped further with improved techniques.

What is the difference between SHA-1 and HMAC-SHA1?

SHA-1 is a plain hash function: hash = SHA1(message). HMAC-SHA1 is a keyed message authentication code: mac = HMAC(key, message). HMAC wraps the hash function in a construction that prevents length-extension attacks and requires a secret key. Interestingly, HMAC-SHA1 remains considered secure for message authentication even though SHA-1 itself is broken for collision resistance, because HMAC security depends on the pseudorandom function properties of the compression function, not on collision resistance.

Should I use SHA-1 or MD5 for file checksums?

SHA-1 is a better choice than MD5 for file checksums. MD5 produces a 128-bit digest and has been broken since 2004, with practical collision attacks now executable in seconds. SHA-1 produces a 160-bit digest and its collision attacks, while demonstrated, remain more expensive. However, for any new system, prefer SHA-256 — it provides a 256-bit digest with no known practical attacks and is well-supported across all platforms and languages.