SHA (Secure Hash Algorithm) is a family of digest algorithms (i.e. cryptographic hashes), i.e. checksum functions that are hard to forge. The recommended digest algorithms these days are SHA-1 and SHA-2 (which covers both SHA-256 and SHA-512). MD5 is a deprecated alternative.
SHA is a family of cryptographic hash functions (i.e. cryptographic digests). That is, they are checksum functions (producing a fixed-size output for an (almost) arbitrary-sized input), with no known way to find two inputs with the same checksum or to recover the input given the checksum.
The SHA algorithms are specified by the U.S. standard body NIST's publication FIPS-180. There have been several versions of SHA; both SHA-1 and SHA-2 are currently in widespread use:
- SHA-0: withdrawn in favor of SHA-1 due to an undisclosed flaw
- SHA-1 sha1: a widely-used algorithm with a 160-bit result, published in 1993. SHA-1 is currently deprecated in favor of SHA-2, although it is still approved for many official uses and no serious flaw is known.
- SHA-2 sha2: a family of four similar algorithms with different output sizes: SHA-256, SHA-512, and the less common variants SHA-224 and SHA-384. It was published in 2002.
- SHA-3 sha-3: the future successor of SHA-1 and SHA-2, which is scheduled to be selected by NIST in 2012 amongst candidates (the selection is now down to 5 competitors).
MD5 md5 is an earlier cryptographic digest algorithm, now deprecated because collisions have been found, but still used in legacy systems.
