ENCRYPTION VULNERABILITIES USING SHA-1
SHA-1 is an encryption type that uses a cryptographic hash function. This means that with each encoding, a new hash is generated.
In theory, the SHA function should create a unique hash for every piece of data fed into it. As more data is hashed, however, the chance of different inputs producing the same hash increases, and when that happens the result is a collision with a hash that was already generated.
With a collision, you can create an untrusted certificate whose hash is identical to that of a trusted certificate. If someone gets you to install this untrusted certificate, the fake certificate can pass as trusted and be used to distribute malicious data.
The problem grew when attacks on the SHA-1 hash algorithm became more dangerous with "chosen prefix collision attacks". This means collision attacks can now be performed with custom inputs and are no longer just accidental, allowing malicious users to target specific files to duplicate and forge.
SHA-2 is a group of hashing algorithms that were created to replace SHA-1. SHA-2 includes several variants: SHA-224, SHA-256, SHA-384 and SHA-512. SHA-256 is the default.
There are many different ways to create hashes. The algorithm used by SHA-2 is one of the most widely used because of its balance between security and cost. It is very resistant to collision attacks, since the number of possible hash combinations is much larger than for SHA-1.
Another feature of the SHA-2 hash algorithm is that the size of the resulting hash is always the same. No matter how long it takes to generate, the result is always a sequence of 64 letters and numbers (an encoding of 256 bits, or 32 bytes).
SHA-2 has several uses, and one of them is in Bitcoin. SHA-2 is used in the mining process and also in the process of generating bitcoin addresses, because of the high level of security it offers.
Another important use is within the blockchain network. All nodes hold a copy of a 64-character hash representing a piece of information, for example an entire block. Once this information is validated by the network, any manipulation of it, such as an attempt to modify any character in the validated hash, would be detected immediately and discarded.
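The tamper detection described above, as an added example that is not part of the original article: a small hash-linked chain in Python where each block stores the SHA-256 hash of the previous one. The block layout, the JSON serialization, the all-zero first link and the sample records are assumptions made for the illustration.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # constructed placeholder for "no previous block"

def block_hash(block):
    # Canonical JSON so the same block always serializes to the same bytes.
    payload = json.dumps(block, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(payload).hexdigest()  # always 64 hex characters

def build_chain(records):
    """Link each block to the hash of the block before it."""
    chain, prev = [], GENESIS
    for index, data in enumerate(records):
        block = {"index": index, "data": data, "prev_hash": prev}
        chain.append(block)
        prev = block_hash(block)
    return chain

def relink(chain, start):
    """Recompute prev_hash from `start` onward, which a consistent edit would require."""
    for i in range(max(start, 1), len(chain)):
        chain[i]["prev_hash"] = block_hash(chain[i - 1])

def mismatches(chain, validated):
    """Indices of blocks whose recomputed hash differs from the validated copy."""
    return [i for i, (block, good) in enumerate(zip(chain, validated))
            if not hmac.compare_digest(block_hash(block), good)]

def demo():
    # Constructed sample records, not real transactions.
    records = ["alice->bob:5", "bob->carol:2", "carol->dave:1", "dave->erin:1"]
    chain = build_chain(records)
    validated = [block_hash(b) for b in chain]  # the copy every node already holds
    clean = mismatches(chain, validated)
    chain[1]["data"] = "bob->carol:9"           # change a single character
    edited = mismatches(chain, validated)
    relink(chain, 2)                            # make the links consistent again
    relinked = mismatches(chain, validated)
    return clean, edited, relinked

if __name__ == "__main__":
    print(demo())
    # Digest length in hex characters: SHA-1 (160 bits) vs SHA-256 (256 bits).
    print(len(hashlib.sha1(b"x").hexdigest()), len(hashlib.sha256(b"x").hexdigest()))
```

Changing one character makes block 1 fail the comparison, and re-linking the chain to hide the edit changes the hash of every later block as well, so the difference from the validated copies only grows.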
Main differences between SHA-1 and SHA-2
Hash values: SHA-1 generates a value of 160 bits; SHA-2 generates 256 bits in the standard format.
Usage: SHA-1 is used to sign SSL certificates; SHA-2 is used as a function in blockchain.
Security: SHA-2 is more secure because it contains 256 bits in its standard format.
Diversity: SHA-2 contains 256 bits in its standard format, which is why it is more secure than SHA-1.