ISSUE :
 
Profile photo
Submitted by RaKumar
on May 23rd, 2011 at 10:23:38 EST

Difference between SHA1, SHA1CryptoServiceProvider, SHA1Managed and SHA1Cng classes in .NET?

I need to use Hashing algorithm and I am looking into SHA (Secure Hash Algorithm). But I found many classes in .NET for even SHA1. Can someone please explain whats the difference between various SHA1 classes such as SHA1, SHA1CryptoServiceProvider, SHA1Managed and SHA1Cng in .NET? Which one should be used over the other?


Profile photo
Replied by SBajra
on May 23rd, 2011 at 13:43:19 EST
Main difference between SHA1, SHA1CryptoServiceProvider, SHA1Managed and SHA1Cng are:
1) SHA1: this is abstract class. All other implementation of SHA1 (SHA1CryptoServiceProvider, SHA1Managed and SHA1Cng) implements this abstract class. To create concreate SHA1 class, use SHA1.Create(). By default SHA1.Create() returns SHA1CryptoServiceProvider, which is configurable.
To configure default SHA1 implementation: http://msdn.microsoft.com/en-us/library/693aff9y.aspx
2) SHA1CryptoServiceProvider: this is wrapper for unmanaged CryptoAPI(CAPI). This is Federal Information Processing Standard (FIPS) certified.
3) SHA1Managed: this is complete implementation of SHA1 using managed code. This is fully managed but not FIPS certified and may be slower.
4) SHA1Cng: this is wrapper for unmanaged Cryptography Next Generation (CNG). These are newer implementation of cryptographic algorithms by Microsoft with Windows 2008/Windows Vista or newer. This is also FIPS certified.
Accepted Answer
Accepted
 Answer

Profile photo
Replied by RaKumar
on May 23rd, 2011 at 14:35:39 EST
nice explanation. Thanks

Profile photo
Replied by Dave Semmelink
on November 19th, 2013 at 08:26:29 EST
Just FYI, the managed version is 2 to 3 times *faster* than either CAPI or CNG. I am guessing this is because of the time it takes .Net to switch between managed and unmanaged code. An app done purely in unmanaged code using CNG or CAPI would probably be faster than a .Net app using the managed class.