The Secure Hash Algorithm (SHA) is a family of cryptographic hash functions standardized by NIST. The Secure Hash Standard, FIPS 180-4, specifies SHA-1 along with the SHA-2 family: SHA-224, SHA-256, SHA-384, and SHA-512, distinguished by the bit length of the digest they produce. A separate standard, FIPS 202, specifies the SHA-3 family.
SHA-1 produces a 160-bit digest and was for many years the default hash on the web. It is now considered broken for security purposes: practical collision attacks have been demonstrated, meaning two different inputs can be made to share the same SHA-1 digest, so it must not be used where collision resistance matters.
The SHA-2 family, and SHA-256 in particular, is now ubiquitous. It secures TLS connections that protect web traffic, anchors the proof-of-work and transaction hashing in Bitcoin, and is used by the git version control system to identify content. SHA-256’s larger digest and internal design have so far resisted the attacks that defeated earlier hashes.
SHA-3 was standardized later in FIPS 202 as a structurally different alternative built on a sponge construction, providing a backup design in case weaknesses were ever found in the SHA-2 family. Together these standards give system builders a range of vetted, interoperable hash functions.