SHA-1 is and algorithm developed by NSA for DSS (Digital Signature Standard) and is thus the algorithm of SHS (Secure Hash Standard)
SHA-1 is based on MD4 algorithm (as was MD5) developed by Ron Rivest at 1990.
Maximum message length for SHA-1 is bits from where SHA-1 provides 160-bit hash value
SHA-1 vs MD5
SHA-1 uses five vectors where MD5 used 4 (128+32 = 160)
SHA-1 has 4*20= 80 rounds while MD5 had 4*16=64 rounds
SHA-1 bit functions are slightly different
Security of SHA-1
Compared to MD5
The hash size of SHA-1 is 32 bits longer and is thus more resistant for brute-force attacks
SHA-1 is slightly slower and requires bit more memory(more rounds, longer vectors to get 160 bit hash)
SHA-1 uses input bits more often in during the hash function than MD5
On February 15th, 2005 Bruce Schneier stated on his blog:
“SHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing. The research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly from Shandong University in China) have been quietly circulating a paper announcing their results:
collisions in the the full SHA-1 in hash operations, much less than the brute-force attack of operations based on the hash length.
collisions in SHA-0 in operations.
collisions in 58-round SHA-1 in operations.”
Currently all MD5 style Hash functions are susceptible.
Competition for generating new hash standard will be opened by NIST