SHSH

SHSH, or "Signed Hash" is a 1024-bit RSA signature that is verified by the bootloader before execution of an image is permitted.

Technically, the SHSH of a firmware image is a 1024-bit ( bytes) RSA signature. This often also refers to backup files with the signature ("SHSH blobs"). This signature is needed to restore a specific iOS version; it is generated by Apple based on hardware keys of the device and the hash of the firmware. Apple only issues signatures for the currently-available iOS version, which disallows installing older iOS versions. But if you have saved signatures for an older iOS version, you may be able to use a replay attack to restore that version. Therefore it is recommended to save the signature for your device as long as Apple issues it.

With the tools mentioned below it is possible to backup the signature. It is not necessary that the device is jailbroken to do the backup.

Users often misunderstand this system and think that the SHSH firmware version they back up depends on the firmware version they have installed on their device. This is the case for iFaith, but not for TinyUmbrella. iFaith dumps the SHSHs from your device's storage (whatever's installed on your device, e.g. 4.3.3), while TinyUmbrella gets SHSHs from Apple's servers (whatever firmwares Apple is currently signing).

SHSH blobs are unique to each device by ECID.

Using SHSH
Older devices (iPhone and iPod touch) do not use SHSH signatures, so installation of any firmware on these devices is possible.

iPhone OS 1.x and 2.x do not use SHSH signatures, and can therefore be downgraded to at any time, even on devices that do use SHSH signatures, such as iPhone 3G.

Versions above iPhone OS 3.0 require the iBEC, iBSS, and LLB to be fully signed with an SHSH for the ECID of that device.

However, some devices are vulnerable to untethered bootrom exploits, such as 0x24000 Segment Overflow or alloc8. These devices can be restored to a custom IPSW in Pwned DFU Mode for any version that is available to that particular device. Notable devices vulnerable to untethered bootrom exploits are the iPhone 3GS and iPod touch (2nd generation). The limera1n Exploit is able to provide a tethered downgrade for vulnerable devices.

Since various exploits, such as the limera1n Exploit, are fixed in the bootrom since version Bootrom 838.3 and because iOS versions 5.0 and above includes a nonce in their SHSH hashes, downgrading newer devices is not as simple. Blobs must be stitched into a custom firmware, and restored to in Pwned DFU Mode.

Blobs can be saved with tools such as iFaith and TinyUmbrella. Firmwares can be stitched using iFaith, redsn0w or sn0wbreeze.

Newer methods such as Odysseus, Prometheus or iDeviceReRestore are used now because other tools have become outdated and newer versions of iTunes prevents restores to custom versions.

Timeline
As noted above, the original iPhone and iPod touch didn't use SHSH blobs. iPhone OS 1.x and 2.x didn't use SHSH blobs either. iPhone 3G and iPod touch (2nd generation) both used SHSH blobs on iOS 4, but following the re-opening on 10 January 2018, all versions (excluding betas) that they ever ran can now be freely installed.

Protocol
To request a SHSH blob from Apple, a simple HTTP request can be made. For a full description, see the separate articles SHSH Protocol and Baseband SHSH Protocol.