NIST Says Use of SHA-1 Algorithm No Longer Advisable
The National Institute of Standards and Technology (NIST) has deprecated use of the SHA-1 cryptographic algorithm.
According to the announcement, the algorithm “has reached the end of its useful life,” and NIST recommends that IT professionals replace it with newer, more secure options. “We recommend that anyone relying on SHA-1 for security migrate to SHA-2 or SHA-3 as soon as possible,” said NIST computer scientist Chris Celi.
SHA-1, which stands for “secure hash algorithm,” has been in use since 1995 and was “one of the first widely used methods of protecting electronic information.”
However, the announcement notes, “as attacks on SHA-1 in other applications have become increasingly severe, NIST will stop using SHA-1 in its last remaining specified protocols by Dec. 31, 2030.”