Table of Contents
In the data security field, encryption and hashing are commonly compared, but why is this the case. Encryption is a two-way function where data is passed in as plaintext and comes out as ciphertext, which is unreadable. Since encryption is two-way, the data can be decrypted so it is readable again. Hashing, on the other hand, is one-way, meaning the plaintext is scrambled into a unique digest, through the use of a salt, that cannot be decrypted. Technically, hashing can be reversed, but the computational power needed to decrypt it makes decryption infeasible.
The way hashing works is with a hashing algorithm. This algorithm is most effective when it collision resistant. Collision resistance means that all the digests are unique and do not overlap with each other. This means that the hashing algorithm must be complex enough to not have overlapping hashes, but not so complex as to take too long to compute hashes. Encryption comes in two different types, and both encryption and hashing have several common types of algorithms.
Common Encryption and Hashing Algorithms
Encryption comes in two types: Asymmetric and Symmetric. Asymmetric encryption uses two different keys, a public and private key, for encryption and decryption. The private key is used to encrypt data, and is kept a secret from everyone but the person encrypting the data. The public key is available for anyone, and is used for decryption. Using asymmetric encryption, the authenticity of the data can be verified, because if the data was modified in transit, it would not be able to be re-encrypted with the private key. Symmetric encryption uses the same key for both encryption and decryption. This type of encryption uses less processing power and is faster, but is less secure as only one key is used.
Symmetric Encryption Algorithms:
- Advanced Encryption Standard (AES)
- Rivest Cipher (RC4)
- Data Encryption Standard (DES)
Asymmetric Encryption Algorithms:
- Elliptic Curve Digital Signature Algorithm (ECDSA)
- Rivest-Shamir-Adleman (RSA)
- Pretty Good Privacy (PGP)
- Message Digest Algorithm (MD5)
- Secure Hashing Algorithm (SHA-1, SHA-2, SHA-3)
- Cyclical Reduction Check (CRC32)
Hashing and Encryption Use Cases
Though they are similar, encryption and hashing are utilized for different purposes. One of the uses for hashing is to compare large amounts of data. Hash values are much easier to compare than large chunks of data, as they are more concise. Hashing is also used for mapping data, as finding values using hashes is quick, and good hashes do not overlap. Hashes are used in digital signatures and to create random strings to avoid duplication of data in databases too. As hashing is extremely infeasible to reverse, hashing algorithms are used on passwords. This makes the password shorter and undiscoverable by attackers.
Encryption, on the other hand, tends to be used for encrypting data that is in transit. Data being transmitted is data that needs to be read by the recipient only, thus it must be sent so that an attacker cannot read it. Encryption hides the data from anyone taking it in the middle of transit, and allows only the decryption key owner to read the data. Other times encryption would be used over hashing is for storing and retrieving data in databases, authentication methods, and other cases where data must be hidden at rest, but retrieved later.
|Definition||A two-way function that takes in plaintext data, and turns it into undecipherable ciphertext.||A one-way method of hiding sensitive data. Using a hashing algorithm, hashing turns a plaintext into a unique hash digest that cannot be reverted to the original plaintext, without considerable effort.|
|Reversible or Irreversible?||Reversible||Irreversible|
|Variable or Fixed Length Output?||Variable Length||Fixed Length|
|Types||Asymmetric and Symmetric||Hashing|
|Common Algorithms||AES, RC4, DES, RSA, ECDSA||SHA-1, SHA-2, MD5, CRC32, WHIRLPOOL|