SHA1 VS RSA: what's the difference between them?

Ted Smith picture Ted Smith · Apr 9, 2009 · Viewed 53.3k times · Source

What are the differences between SHA1 and RSA? Are they just different algorithms or are they fundamentally (i.e. used for different things) different on some level.

Answer

David M picture David M · Apr 9, 2009

Fundamentally different.

SHA1 is a hash algorithm, which is a one way function, turning an input of any size into a fixed-length output (160 bit in this case). A cryptographic hash function is one for which it should not be possible to find two inputs giving the same output except by brute force (for instance, with a 128-bit function you should need to try on average 2^64 message to find such a "collision" due to something called the birthday paradox - Google it for more).

In fact for SHA1 this is no longer the case - the algorithm is (in cryptographic terms at least) broken now, with a collision attack described by Xiaoyun Wang et al that beats a classic birthday attack. The SHA2 family is not broken, and a process is underway by NIST to agree on a SHA3 algorithm or family of algorithms.

Edit - Google have now generated and published an actual SHA1 collision.

RSA is an asymmetric encryption algorithm, encrypting an input into an output that can then be decrypted (contrast a hash algorithm which can't be reversed). It uses a different key for encryption (the public one) than for decryption (the private one). This can therefore be used to receive encrypted messages from others - you can publish your public key, but only you with the private key can then decrypt the messages that have been encrypted with it.

If you reverse the keys for RSA, it can be used to generate a digital signature - by encrypting something with your private key, anyone can decrypt it with the public key and, if they are sure the public key belongs to you, then they have confidence that you were the one who encrypted the original. This is normally done in conjunction with a hash function - you hash your input, then encrypt that with your private key, giving a digital signature of a fixed length for your input message.