The US government’s National Institute of Standards and Technology (NIST) is officially retiring the Secure Hash Algorithm-1 for secure data processing. The protocol’s second and third versions are more secure.

NIST has announced that the SHA-1 encryption algorithm has officially reached its end-of-life status. The US Government Standards Office recommends users switch to the protocol’s latest and more secure versions, SHA-2 and SHA-3. These iterations offer 224-, 256-, 384- and 512-bit encryption.

NIST guaranteed a long-term migration period. Minimal SHA-1 support will be maintained until December 31, 2030.

SHA-1 algorithm

Released in 1995, the SHA-1 algorithm was the first security algorithm for data processing. Meanwhile, there are seven similar algorithms in use by the US government. SHA-1 allows data to be encrypted with up to 160 bits or 40 hexadecimal characters.

This level has become outdated and exploitable by hackers. The algorithm has seen increasingly less use in recent years. Large tech companies have long phased out SHA-1. Windows Update stopped using the algorithm in 2020.

Tip: AWS to change S3’s default bucket security settings in April 2023