Hashing vs encryption — What exactly do these terms mean?
Encryption is used to scramble a document or a file (and later decrypt it) so that confidential information cannot be tampered with or compromised by unauthorized users. Hashing, in turn, helps verify that a file is genuine, which discourages someone from altering or corrupting a file and passing it off as the original. The two sound very similar. So, what's the difference between encryption and hashing? In a nutshell, encryption is about keeping data secure, while hashing is about data integrity.
We do not substitute encryption for hashing, or vice versa, because they are distinct principles applied in separate scenarios to accomplish distinct objectives. For any scenario that needs both functions, most security researchers recommend the encrypt-then-hash model. While technically better, it's still more difficult to do.
Hashing vs Encryption: What is Encryption?
Encryption is the mechanism by which a plaintext message is scrambled into apparent gibberish that is completely nonsensical if obtained by a malicious person on the network. To turn the initial message into ciphertext, a mathematical algorithm is applied whose output can only be decoded by the intended receiver.
Consider, for instance, that Todd unexpectedly came into some wealth and inherited valuables from his great-grandmother. He wants to place these things in a safe deposit box that is stored in a secured bank vault. Anyone looking at the vault would not immediately figure out its contents. The vault and the box inside it can be unlocked, and the objects reached, only if Todd shares the key.
One example of an encryption cipher or algorithm is ROT13. A variation of the Caesar cipher, it shifts each letter 13 places along the alphabet.
Though ROT13 is a weak encryption algorithm, it illustrates the basic fact that encrypted information is reversible.
Let's take the following example: Alice sends Bob an email, and she encrypts it so that anyone eavesdropping on the network (such as a man-in-the-middle attacker) is unable to make sense of the data. However, if Bob, on the receiving end, could not decode and read the message, it would be a pointless exercise.
To make this work, Alice uses Bob's public key and her private key to encrypt her message. Now, using his private key and Alice's public key, only Bob can decode the message. A third person, Eve, who listens over the wire, doesn't have Bob's private key. She therefore cannot decode the message and is left with a stream of garbled data.
Types of Encryption:
There are two primary encryption categories:
- Asymmetric Encryption - Two distinct keys are used in this encryption process. One key encrypts (the public key), while the other key decrypts (the private key). This encryption forms the basis of the Public Key Infrastructure (PKI), which is the SSL/TLS trust model.
- Symmetric Encryption - The same key is used for both encrypting and decrypting a message in this type of encryption. It's a faster form of encryption that takes less computing power, as only one key is involved.
In the SSL/TLS handshake process, the secret key is exchanged using asymmetric encryption. Once the key has been shared, the browser and server communicate using that symmetric session key.
Asymmetric encryption is known to be safer and more stable due to its one-way nature.
Some Popular Algorithms for Encryption
Let’s take a look at some of the most popular algorithms for encryption:
- Advanced Encryption Standard (AES) - AES is a highly effective symmetric block cipher trusted by various organisations as a standard. AES has held up well: the only realistic effective attacks against it have relied on side channels.
- Triple DES - Designed to replace the original Data Encryption Standard (DES), Triple DES uses three individual keys of 56 bits each. Although a substantial security improvement over DES, it is now considered a legacy encryption algorithm.
- RSA - Named after its creators Rivest, Shamir and Adleman, RSA is a public key encryption algorithm that was developed in 1977 and is still in use today. In RSA, a message can be encrypted with either the public or the private key, and the opposite key from the one used for encryption is used to decode it.
Encryption vs Hashing: What is Hashing?
Hashing is the method of using a mathematical function to transform an input of variable length into a fixed-size sequence of numbers and letters.
Let us look at an oversimplified example to help understand the concept of hashing. Suppose Todd wants to bake a cake for his daughter's birthday. He assembles the ingredients (sugar, milk, flour, baking powder, etc.) and, once it is fully baked, he has the perfect birthday cake ready. However, Todd cannot turn the cake back into its individual ingredients, nor can he tell from two such cakes the exact quantity of each ingredient. So, we have the input (the ingredients used) and we use the hash function (in this case, the method of mixing and baking) to get a specific message digest (the cake).
What are some key traits of hashing?
- It is important that each hash value or output is unique.
- Hashing speed is a factor, too. To generate a hash value, a hash function should be relatively fast.
- A hash function needs to be secure. Even a small modification to the input file should yield a hash value that is very different.
- It is immutable, in the sense that the same input must always generate the very same hash.
- It is irreversible, i.e. it is not possible to arrive at the original input file from its hash value.
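The traits above can be checked directly. The following is an added example, not part of the original article: it uses SHA-256 from Python's standard library, and the sample "installer" bytes and the published digest are constructed for the demonstration.

```python
import hashlib
import hmac
import io

CHUNK = 4096  # read size; large files are never loaded whole


def stream_digest(fileobj, algorithm="sha256"):
    """Hash a file-like object chunk by chunk and return the hex digest."""
    h = hashlib.new(algorithm)
    for chunk in iter(lambda: fileobj.read(CHUNK), b""):
        h.update(chunk)
    return h.hexdigest()


def matches_published(fileobj, published_hex):
    """True only if the content hashes to the digest the publisher listed."""
    return hmac.compare_digest(stream_digest(fileobj), published_hex.lower())


def differing_bits(a, b):
    """Number of the 256 output bits that differ between two inputs' digests."""
    da = int.from_bytes(hashlib.sha256(a).digest(), "big")
    db = int.from_bytes(hashlib.sha256(b).digest(), "big")
    return bin(da ^ db).count("1")


# Constructed sample data: a "download" and a copy with one byte changed.
ORIGINAL = b"release-1.0 installer bytes " * 1000
TAMPERED = ORIGINAL[:-1] + b"!"
PUBLISHED = hashlib.sha256(ORIGINAL).hexdigest()


def demo():
    inputs = (b"", b"abc", ORIGINAL)
    return {
        # fixed size: every input, whatever its length, gives 64 hex characters
        "digest_lengths": {len(stream_digest(io.BytesIO(d))) for d in inputs},
        "abc_digest": stream_digest(io.BytesIO(b"abc")),
        # same input, same hash
        "repeatable": stream_digest(io.BytesIO(ORIGINAL)) == PUBLISHED,
        "original_ok": matches_published(io.BytesIO(ORIGINAL), PUBLISHED),
        "tampered_ok": matches_published(io.BytesIO(TAMPERED), PUBLISHED),
        # a one-byte change flips roughly half of the output bits
        "bits_changed": differing_bits(ORIGINAL, TAMPERED),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```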
Some Common Hashing Algorithms
Some of the most popular hashing algorithms in use today are the following:
- MD4 and MD5 - MD4 was created in 1990 by Ronald Rivest. Using this algorithm, however, results in a number of security problems. MD5 was developed as its successor; MD5 is still considered to suffer from weaknesses, though its security is marginally improved. Salts are usually applied to protect hashes of passwords (as a preventive measure against brute force attacks). Salting is a necessity when using weak hashing functions such as MD5, which in turn requires that the salt stays uncompromised.
- SHA (Secure Hash Algorithm) - There are three different SHA algorithms: SHA-0, SHA-1, and SHA-2. With SHA-1 discontinued, SHA-2 is included in most SSL/TLS cipher suites. The recommendation for security-critical software is SHA-256 or above.
- Tiger - This is a 192-bit hashing function developed by Ross Anderson and Eli Biham in 1996 that is faster and stronger. Tiger doesn't suffer from the established MD5 and SHA-0/SHA-1 weaknesses. In the Tiger2 version, the message is padded with a hexadecimal value of 0x80 instead of 0x01 as in Tiger. Otherwise, the two versions are similar.
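The point about salting password hashes, shown as an added example that is not part of the original article: unsalted MD5 stores the same value for every user who picks the same password, while a per-user random salt makes each stored record different. The salted side uses PBKDF2-HMAC-SHA256 from the standard library, which is a choice made for this example; the user names, password and iteration count are constructed sample values.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 200_000  # example work factor (assumption); tune to current guidance


def unsalted_md5(password):
    """Weak pattern: identical passwords always produce identical stored hashes."""
    return hashlib.md5(password.encode()).hexdigest()


def hash_password(password, salt=None):
    """Return (salt, digest); a fresh 16-byte random salt is drawn per user."""
    if salt is None:
        salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_password(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, expected)


def demo():
    shared = "correct horse battery"  # constructed: two users, same password
    weak = {user: unsalted_md5(shared) for user in ("alice", "bob")}
    strong = {user: hash_password(shared) for user in ("alice", "bob")}
    a_salt, a_digest = strong["alice"]
    return {
        # unsalted: one precomputed entry matches both accounts
        "md5_identical": weak["alice"] == weak["bob"],
        # salted: same password, different stored digests
        "salted_identical": a_digest == strong["bob"][1],
        "right_password": verify_password(shared, a_salt, a_digest),
        "wrong_password": verify_password("wrong guess", a_salt, a_digest),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The salt is stored next to the digest; it is not a secret key, it only ensures that equal passwords do not produce equal records.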
Hashing vs Encryption
The table below lists the differences between hashing and encryption:
|Encryption|Hashing|
|---|---|
|Encryption is a two-way function where information is scrambled using an encryption key and unscrambled later using a decryption key.|Hashing is a one-way function where a unique message digest is generated from an input file or a string of text. No keys are used.|
|The message is encoded in a way that only authorized parties can access it. It's used to prevent unauthorized users from reading data from a file by rendering it into an unreadable form.|Hashing is the process of using hash functions on data to map it to a fixed size output. It's similar to a checksum and is used for verifying file integrity. Hashing is useful where you want to compare an entered value with a stored value without needing to read the original content of the file.|
|The resultant encrypted string is of a variable length.|The resultant hashed string is of a fixed length.|
|The original message can always be retrieved by using the appropriate decryption key.|Output can't be reverted to the original message. The best hashing algorithms are designed in a way that makes it virtually impossible to retrieve the original string from the hash value.|
|There are two primary types of encryption: symmetric key encryption (or private key encryption) and asymmetric key encryption (or public key encryption). Examples of encryption algorithms: RSA, AES, DES, etc.|Examples of hashing algorithms: SHA-1, SHA-2, MD5, Tiger, etc.|
|Purpose of encryption is to transmit data securely (i.e., protect data confidentiality)|The objective of using hashing is to verify data (i.e., protect data integrity)|