SHA-1 Generator

Generate SHA-1 hash values from text input. SHA-1 produces a 160-bit hash value.

Input Text

Input Stats

Characters

13

Bytes (UTF-8)

13

SHA-1 Hash

Click "Generate SHA-1 Hash" to create hash

About SHA-1

Hash Length: 160 bits (40 hex characters)

Use Cases: Git commits, file verification, legacy systems

Status: Deprecated for security-critical applications

Warning: SHA-1 is considered weak for cryptographic purposes. Use SHA-256 or higher for security-critical applications.

What Is SHA-1?

SHA-1, which stands for Secure Hash Algorithm 1, is a cryptographic hash function designed by the United States National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST) in 1995. It belongs to the SHA family of hash functions and produces a fixed-size 160-bit (20-byte) hash value, commonly rendered as a 40-character hexadecimal string.

A hash function takes an arbitrary-length input and deterministically maps it to a fixed-length output. SHA-1 is a one-way function: given the hash output, it is computationally infeasible to reconstruct the original input. Even a tiny change in the input — as small as flipping a single character — will produce a completely different hash value, a property known as the avalanche effect.

SHA-1 was widely adopted throughout the late 1990s and 2000s for digital signatures, certificate authorities, SSL/TLS handshakes, and software distribution verification. Although it has since been deprecated for most security-critical applications due to demonstrated collision vulnerabilities, it remains in active use in legacy systems and version control tools like Git, where its collision resistance requirements are less strict.

Understanding SHA-1 is important for developers working with legacy codebases, auditing older infrastructure, or learning the fundamentals of cryptographic hashing before moving to stronger algorithms such as SHA-256 or SHA-3.

How the SHA-1 Algorithm Works

The SHA-1 algorithm follows the Merkle–Damgård construction, a widely used framework for building secure hash functions. It processes input data in discrete 512-bit (64-byte) blocks through a series of carefully designed compression rounds.

Step 1 — Pre-processing (Padding)

The input message is first encoded as UTF-8 bytes. A single 1 bit is appended, followed by enough 0 bits to make the total length congruent to 448 bits modulo 512. Finally, the original message length (in bits) is appended as a 64-bit big-endian integer. This ensures every processed block is exactly 512 bits wide.

Step 2 — Initialize Hash Values

Five 32-bit words are initialized with fixed constants derived from fractional parts of square roots:

  • H₀ = 0x67452301
  • H₁ = 0xEFCDAB89
  • H₂ = 0x98BADCFE
  • H₃ = 0x10325476
  • H₄ = 0xC3D2E1F0

Step 3 — Process Each 512-bit Block (80 Rounds)

Each 512-bit block is expanded into an 80-word message schedule. The algorithm then runs 80 rounds divided into four groups of 20. Each round uses a different non-linear Boolean function (Ch, Parity, Maj) and additive constant (K). The five words a, b, c, d, e are updated each round via left rotations and modular addition, mixing the message words into the accumulating hash state.

Step 4 — Produce Final Hash

After all blocks are processed, the five 32-bit words H₀–H₄ are concatenated in order to produce the final 160-bit digest. This tool then converts each byte to its two-digit hexadecimal representation using b.toString(16).padStart(2, '0'), producing the familiar 40-character lowercase hex string.

SHA-1 Hash Output

SHA-1(m) = H₀ ∥ H₁ ∥ H₂ ∥ H₃ ∥ H₄

Where:

  • m= Input message (arbitrary length, UTF-8 encoded bytes)
  • H₀–H₄= Five 32-bit intermediate hash words, each updated through 80 compression rounds
  • = Concatenation operator — the five words are joined to form the final 160-bit output
  • Output= 40-character lowercase hexadecimal string (160 bits = 20 bytes)

Understanding the SHA-1 Output

The SHA-1 generator on this page produces output as a 40-character hexadecimal string. Each pair of hex characters (00–ff) represents one byte of the 20-byte (160-bit) hash. For example, the hash of the empty string is always da39a3ee5e6b4b0d3255bfef95601890afd80709.

Key properties of any SHA-1 output:

  • Fixed length: Always 40 hex characters regardless of input size.
  • Deterministic: The same input always produces the same hash.
  • Unique (practically): Two different inputs are astronomically unlikely to share the same hash under normal conditions, though proven collision attacks do exist.
  • Non-reversible: You cannot recover the original input from the hash alone.

The tool displays input statistics — character count and UTF-8 byte count — because SHA-1 operates on bytes, not characters. Multi-byte Unicode characters (like emoji or accented letters) may occupy more bytes than characters, and the SHA-1 hash is computed over those raw bytes.

Input Bytes SHA-1 Hash (40 hex chars)
(empty) 0 da39a3ee5e6b4b0d3255bfef95601890afd80709
abc 3 a9993e364706816aba3e25717850c26c9cd0d89d
The quick brown fox jumps over the lazy dog 43 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12

Common SHA-1 Use Cases

Despite being deprecated for most cryptographic security purposes, SHA-1 remains relevant in several real-world contexts where you might encounter or need to generate SHA-1 hashes.

Git Version Control

Git uses SHA-1 to identify every object in its object store — commits, trees, blobs, and tags all carry a SHA-1 hash as their identifier. When you see a short commit hash like a9993e3, that is the first seven characters of a full 40-character SHA-1 digest. Git is gradually transitioning toward SHA-256, but SHA-1 remains the default in most active repositories.

File Integrity Verification

Many download mirrors and archive sites publish SHA-1 checksums alongside their files. You can generate a SHA-1 hash of a downloaded file and compare it against the published value to confirm the file has not been corrupted or tampered with in transit. This is especially common for ISO images and software packages on older infrastructure.

Legacy Authentication Systems

Older web applications and API systems may still use HMAC-SHA1 for request signing (for example, early versions of the OAuth 1.0 specification). If you are integrating with such a system, understanding and generating SHA-1 values is a practical requirement.

Deduplication and Caching

SHA-1 is fast to compute and its 160-bit output provides strong practical uniqueness for deduplication purposes in non-adversarial environments — such as identifying duplicate files in a content-addressable storage system or caching rendered HTML fragments.

Learning Cryptographic Concepts

SHA-1's relatively compact design (80 rounds, five state words) makes it an excellent teaching example for understanding how hash functions achieve diffusion and confusion. Studying SHA-1 alongside SHA-256 clarifies the design improvements made in the SHA-2 family.

SHA-1 Security Status and Alternatives

SHA-1 is considered cryptographically broken for collision resistance. In 2017, a team at Google and Centrum Wiskunde and Informatica (CWI) publicly demonstrated the first practical SHA-1 collision — the SHAttered attack — producing two different PDF files with identical SHA-1 hashes. This conclusively proved that SHA-1 should not be trusted to distinguish between different documents or authenticate digital signatures.

Major certificate authorities stopped issuing SHA-1-signed TLS certificates after 2017, and all modern browsers reject them. NIST officially deprecated SHA-1 in 2011 and disallowed its use in new digital signature applications as of 2013.

When SHA-1 is Still Acceptable

  • Non-security checksums in trusted, internal systems where collision attacks are not a realistic threat.
  • Git object identifiers in private repositories where you control all contributors.
  • Deduplication of files from a single trusted source.

Recommended Alternatives

Algorithm Output Length Status Best For
SHA-256 256 bits (64 hex) Recommended General security, TLS, JWT
SHA-512 512 bits (128 hex) Recommended High-security signatures
SHA-3 224–512 bits Recommended Future-proof applications
BLAKE3 256 bits (default) Modern, fast High-throughput checksums

For any new security-sensitive application — password hashing, certificate generation, digital signatures, or API authentication — always choose SHA-256 or stronger. This SHA-1 generator is best used for learning, legacy compatibility, and non-security checksums.

Worked Examples

Hashing a Simple Word

Problem:

Generate the SHA-1 hash of the input text "abc".

Solution Steps:

  1. 1Encode the string "abc" as UTF-8 bytes: 0x61, 0x62, 0x63 (3 bytes total).
  2. 2Pad the 24-bit (3-byte) message to 512 bits: append a 1-bit, then zero bits, then the 64-bit representation of 24 (the original bit length).
  3. 3Initialize the five 32-bit state words to their fixed constants: H₀=0x67452301, H₁=0xEFCDAB89, H₂=0x98BADCFE, H₃=0x10325476, H₄=0xC3D2E1F0.
  4. 4Process the single 512-bit padded block through 80 rounds of the SHA-1 compression function, updating H₀–H₄ with each round.
  5. 5Concatenate the final H₀–H₄ values and convert each byte to two hex digits.

Result:

SHA-1("abc") = a9993e364706816aba3e25717850c26c9cd0d89d (40 hex characters, 160 bits)

Hashing an Empty String

Problem:

What is the SHA-1 hash of an empty string (zero-length input)?

Solution Steps:

  1. 1The input is empty — there are zero bytes to process (0 characters, 0 UTF-8 bytes).
  2. 2Padding is applied directly: the single 1-bit is followed by zero-fill bits, and the 64-bit length field encodes 0.
  3. 3The algorithm still runs one full 512-bit padded block through all 80 compression rounds.
  4. 4Because every SHA-1 run starts with the same initial constants and processes the same padding when input is empty, the result is always identical.
  5. 5Convert the final five 32-bit words to their hexadecimal representation.

Result:

SHA-1("") = da39a3ee5e6b4b0d3255bfef95601890afd80709 — this is the SHA-1 null hash, a well-known constant.

Hashing a Sentence

Problem:

Generate the SHA-1 hash of "The quick brown fox jumps over the lazy dog".

Solution Steps:

  1. 1Encode the 43-character string as UTF-8 bytes (all ASCII, so 43 bytes = 344 bits).
  2. 2Pad to 512 bits: append 1-bit, then zero-fill to 448 bits, then append the 64-bit length (344).
  3. 3This fits in a single 512-bit block. Run 80 compression rounds on that block.
  4. 4The avalanche effect ensures that even though this sentence is similar to "The quick brown fox jumps over the lazy cog" (one letter different), their SHA-1 outputs share no obvious similarity.
  5. 5Produce the 40-character hex output from the final five state words.

Result:

SHA-1("The quick brown fox jumps over the lazy dog") = 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12

Verifying File Integrity with SHA-1

Problem:

A download page lists the SHA-1 checksum of a file as a9993e364706816aba3e25717850c26c9cd0d89d. You want to verify your downloaded copy is intact.

Solution Steps:

  1. 1Generate the SHA-1 hash of the downloaded file's contents using a tool or command-line utility.
  2. 2Compare every character of the computed hash against the published checksum — both must match exactly (case-insensitive).
  3. 3If the hashes match, the file is byte-for-byte identical to the published copy.
  4. 4If any character differs, the file was corrupted during download or tampered with, and should be discarded and re-downloaded.

Result:

If the computed hash equals a9993e364706816aba3e25717850c26c9cd0d89d, the file is verified intact. Any difference indicates corruption or tampering.

Tips & Best Practices

  • SHA-1 is case-insensitive in practice — 'A9993E...' and 'a9993e...' represent the same hash value, but this tool always outputs lowercase.
  • Whitespace matters: 'abc', 'abc ', and 'abc\n' all produce different SHA-1 hashes because trailing spaces and newlines change the byte sequence.
  • For file integrity checks in terminal environments, use 'sha1sum filename' on Linux/macOS or 'certutil -hashfile filename SHA1' on Windows instead of pasting file contents here.
  • Never store or transmit SHA-1 hashes of passwords. Use bcrypt or Argon2 for password hashing — they include salting and tunable cost factors that SHA-1 lacks.
  • If you need a longer hash for higher collision resistance, consider using this site's SHA-256 generator instead — it produces a 256-bit (64 hex character) output.
  • The SHA-1 of the empty string (da39a3ee...) is a useful sanity check: if a tool outputs this for an empty input, its implementation is likely correct.
  • SHA-1 hashes are not encrypted — they are one-way digests. You cannot 'decrypt' a SHA-1 hash to recover the original text; you can only compare hashes.
  • When comparing SHA-1 checksums, always compare the full 40-character string, not just the first few characters, to avoid accidental partial matches.

Frequently Asked Questions

No. SHA-1 should never be used to hash passwords. It is a general-purpose hash function designed for speed, which makes it easy to brute-force with modern hardware using dictionary attacks or rainbow tables. For passwords, always use a dedicated slow key-derivation function such as bcrypt, scrypt, or Argon2, which are specifically designed to be computationally expensive and include salting to prevent rainbow table attacks.
SHA-1 is a deterministic algorithm — its computation is entirely defined by the input bytes and fixed algorithm constants. There is no randomness or secret key involved. This determinism is essential for its verification use case: if SHA-1("abc") produced different outputs each time, you could never reliably verify that a file or message is unchanged. The trade-off is that identical inputs will always reveal themselves through their matching hash.
Both SHA-1 and MD5 are deprecated cryptographic hash functions, but they differ in output size and security margin. MD5 produces a 128-bit (32 hex character) hash while SHA-1 produces a 160-bit (40 hex character) hash. SHA-1 is generally considered slightly more collision-resistant than MD5, though both have been practically broken. For any new application requiring integrity or security, SHA-256 should be used in place of both.
Yes, theoretically and practically. Because SHA-1 maps inputs of any length to a fixed 160-bit output, collisions must mathematically exist (pigeon-hole principle). In 2017, the SHAttered attack demonstrated the first publicly known SHA-1 collision, producing two distinct PDF files with the exact same SHA-1 hash. This is why SHA-1 is no longer trusted for digital signature schemes or certificate authentication. For non-adversarial deduplication in trusted environments, accidental collisions remain extremely rare.
SHA-1 always produces a 160-bit (20-byte) output, regardless of input size. When displayed as a hexadecimal string, each byte is represented by exactly two characters (00 through ff), so 20 bytes × 2 characters per byte = 40 characters. This fixed length is a defining property of hash functions — knowing the hash length reveals nothing about the original input length.
SHA-1 operates on raw bytes, not characters. When you enter Unicode text, it is first encoded as UTF-8 bytes by the browser's TextEncoder API. ASCII characters (A–Z, 0–9, common punctuation) each occupy exactly one byte. Accented characters and most European scripts occupy two bytes. Emoji and many CJK characters occupy three or four bytes. The SHA-1 hash is computed over those raw bytes, so the byte count shown in the input stats panel is what the algorithm actually processes.
Git's use of SHA-1 is primarily for content addressing and deduplication, not for adversarial security. An attacker would need write access to a repository to inject a colliding object, which is already a severe security breach by that point. Git has implemented collision-detection mitigations since 2017 and is actively transitioning to SHA-256 (available as an experimental option in newer Git versions). For most private repositories, SHA-1 in Git remains practically safe.

Sources & References

Last updated: 2026-06-05

💡

Help us improve!

How would you rate the SHA-1 Generator?

<>

Editorial Note

MyCalcBuddy Editorial Team

This page is maintained as an educational calculator reference.

Source

Formula Source: Standard Mathematical References

by Various

UpdatedLast reviewed: May 2026
CheckedFormula checks are based on standard references and internal QA review.