# SHA-512

> cryptographic hash function

**Wikidata**: [Q110651371](https://www.wikidata.org/wiki/Q110651371)  
**Wikipedia**: [English](https://en.wikipedia.org/wiki/SHA-512)  
**Source**: https://4ort.xyz/entity/sha-512

## Summary
SHA-512 is a cryptographic hash function designed to produce a 512-bit (64-byte) hash value, known for its security and resistance to collisions. It is part of the SHA-2 family of hash functions developed by the NSA and is widely used in protocols like SSL/TLS and blockchain technologies. SHA-512 is standardized by NIST and specified in RFC 4634 and RFC 6234.

## Key Facts
- **Part of**: SHA-2 family of cryptographic hash functions (inception: 2002).
- **Output size**: 512-bit (64-byte) hash value.
- **Specifications**: Defined in RFC 4634 and RFC 6234.
- **Aliases**: SHA512.
- **File extension**: `.sha512` (PRONOM format ID: fmt/1797).
- **Security**: Designed for collision resistance and preimage resistance.
- **Standardization**: Endorsed by NIST (National Institute of Standards and Technology).

## FAQs
### Q: What is SHA-512 used for?
A: SHA-512 is used to ensure data integrity and authenticity in security protocols (e.g., SSL/TLS), software distribution, and blockchain systems. It generates a unique 512-bit hash for input data, allowing detection of tampering.

### Q: Is SHA-512 secure?
A: As of current knowledge, SHA-512 is considered secure against collision and preimage attacks. Its 512-bit output provides a high security margin, though it is not quantum-resistant.

### Q: How does SHA-512 differ from SHA-256?
A: SHA-512 produces a longer hash (512-bit vs. 256-bit) and uses 64-bit words instead of 32-bit words, making it more computationally intensive but suitable for 64-bit processors.

## Why It Matters
SHA-512 plays a critical role in modern cryptography by enabling secure data verification and authentication. Its design by the NSA and standardization by NIST establish it as a trusted algorithm for government, financial, and commercial applications. Unlike weaker algorithms (e.g., MD5 or SHA-1), SHA-512 remains resistant to practical attacks, safeguarding communications, software updates, and digital signatures. Its integration into widely adopted standards (e.g., TLS, IPsec) ensures interoperability and reliability across systems, making it foundational to internet security infrastructure.

## Notable For
- **512-bit hash output**: Provides stronger security margins compared to smaller hashes like SHA-256.
- **SHA-2 family membership**: Inherits design principles from NSA-developed algorithms.
- **RFC specifications**: Formalized in RFC 4634 and RFC 6234 for universal implementation.
- **PRONOM recognition**: Assigned a unique format ID (fmt/1797) for digital preservation.

## Body
### Specifications
- **Output size**: 512 bits (64 bytes).
- **Block size**: 1024 bits (16 64-bit words).
- **Word size**: 64 bits (optimized for 64-bit processors).
- **Rounds**: 80 iterative rounds per block.

### Security Considerations
- **Collision resistance**: No known practical attacks as of current knowledge.
- **Preimage resistance**: Computationally infeasible to reverse-engineer input from hash output.
- **Not quantum-safe**: Vulnerable to theoretical quantum computer attacks (e.g., Grover's algorithm), though not currently practical.

### Applications
- **Transport Layer Security (TLS)**: Used in digital certificates and handshake protocols.
- **Blockchain**: Employed in cryptocurrencies (e.g., Bitcoin for transaction hashing).
- **Software integrity**: Verifies authenticity of software downloads and updates.
- **Digital signatures**: Underpins PKI (Public Key Infrastructure) systems.

### History
- **Design**: Developed by the NSA as part of the SHA-2 family (released in 2002).
- **Standardization**: Published by NIST in FIPS PUB 180-4 (2015 iteration).
- **Documentation**: Archived specification available via NIST (SHA-256/384/512.pdf).

## References

1. [Source](https://www.nationalarchives.gov.uk/PRONOM/fmt/1797)