# SHA256 ![](/files/n6WCPujHJ5SUsHxiT8UW) ## A Brief History of the Secure Hashing Algorithms SHA stands for "secure hashing algorithm". The SHA-1 set of hash functions was developed by the NSA and published in 1993 – with its more well-known improved version being published in 1995 – as an extension to the MD5 hash function. From 1995 to 2005, SHA-1 was considered an ideal hash function; complete with all 3 properties of ideal hash functions: preimage resistance, second preimage resistance, and collision resistance. However, as computer processors became more powerful, SHA-1 became collision prone. In 2005, it was shown it’s possible to muster the necessary computing power to find a collision for a SHA-1 hash value and swap the input values for its 160bit long output value. As a result, SHA-1 is now considered insecure. It was formally depreciated by the United States' National Institute of Standards and Technology (NIST) in 2011 disallowing its use for digital signatures. In 2020, a collision attack on a SHA-1 hash to produce the same SHA-1 hash value for any two arbitrary inputs was carried out for less than $100,000 USD. ### Secure Hashing Algorithm 2: SHA-2 Before SHA-1 became officially insecure, the NSA produced a second set of more complex hash functions, first published by NIST in 2001, called the SHA-2, or Secure Hashing Algorithm 2, set of hash functions (SHA224, SHA256, SHA384, SHA512, SHA512/224, and SHA512/256). Like SHA-1, the SHA-2 family of hash functions are Merkle-Damgård hash functions; however, their compression functions are more complex, and the message digests are significantly larger than SHA-1. ### Secure Hashing Algorithm 256: SHA-256 Named after its message digest bit-length, SHA-256 produces a 256-bit message digest. This means SHA-256 has $$2^{256}$$ possible unique output values. Human beings aren't good at intuitively understanding astronomically large numbers, so to put it into perspective, 1 million seconds equates to about 11 days, 1 billion seconds equates to about 31.6 years, 1 trillion seconds or a 1 with 12 zeros, equates to about 31,710 years, and $$2^{256}$$ is approximately equal to $$1.1579\*10^{77}$$ or 1 with 77 zeros following it; meaning it's safe to say SHA-256 has such a low probability of two different input values sharing the same message digest, or very good collision resistance, that it will likely be quite a long time before we have the ability to find a feasible SHA-256 collision attack. Additionally, since BSV publishes all transactions in clear text, i.e., it’s not a cryptographic system, and each transaction uses unique values, even if an attacker were able to discover a private key for a particular transaction, they would have only gained access to a single UTXO within a single transaction. ### Double SHA-256: HASH-256 In Bitcoin, the double hash of SHA-256 is commonly written as SHA-256d or abstracted to a new function called HASH-256. HASH-256 is used to: * Generate transaction IDs – including Merkle Roots * Generate block header IDs * Block header IDs are used to find a proof-of-work solution #### Activity - Generate a HASH-256 Message Digest Using the [hash calculator](https://bitcoinsv.academy/hash-calculator), generate a SHA-256 message digest in hexadecimal (HEX) for each of the following ASCII input strings: ```markup hash functions map an arbitrary length input to a fixed length output ``` ```markup I'm a short string ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://hub.bsvblockchain.org/higher-learning/bsv-academy/hash-functions/sha-256.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.