The distinctions between encryption, hashing, and encoding are frequently misunderstood. They are all very distinct, despite how similar they may appear.
As mentioned in a previous post, cryptography focuses on providing confidentiality, integrity, and authenticity. Encryption and hashing both serve those goals. “Doesn’t that make them the same thing? And, why are you talking about encoding here?” you might be wondering. Let’s talk a little bit about the difference between all of these terms.
Encryption
Encryption is the main application of cryptography. With encryption, the sender transforms (encrypts) the message into another format in such a way that only specific individual(s) can reverse (decrypt) the transformation. The original message is called the plaintext, and the encrypted message is called the ciphertext. Besides the message, the encryption algorithm takes a second input, the key, which must be kept secret.
There are two types of encryption:
- Symmetric Encryption: It uses the same key to encrypt and to decrypt. Examples of symmetric encryption algorithms are: AES, Blowfish, and Twofish.
- Asymmetric Encryption: It uses two different keys, a public key for encryption and a private key for decryption. The public key can be in the clear, i.e., anyone can encrypt any message using the public key. The private key, on the other hand, is held only by the receiver and must be kept secret. Examples of asymmetric encryption algorithms are: RSA and ECC.
Hashing
Hashing serves the purpose of ensuring integrity. Let’s say that you want to send a message to your co-worker Bob that says: “Congratulations on your promotion”. However, another co-worker intercepts the message and modifies it to “You don’t deserve the promotion.” Even if the message that you send to Bob is encrypted, somebody can intercept it and modify the contents. That is why we need data integrity.
A hash function takes any input message and turns it into a fixed-length string. It has the following properties:
- The same input always produces the same result.
- It is a one-way function: it is not feasible to obtain the input given an output.
- Any change to a particular input should result in a significant change in the hash.
Hashing is combined with authentication to offer solid proof that a communication has not been tampered with and that it is coming from the actual sender. This is done by hashing a given input and signing the hash with the sender’s private key. Some hash algorithms are: SHA-2, Keccak (or SHA-3), and BLAKE2.
Encoding
The purpose of encoding is not to offer any aspect of the CIA triad, but rather to ensure that the message or data can be properly consumed by numerous systems. Encoding does not use any key. The data is decoded using the same algorithm that was used to encode it. Examples of such algorithms include: ASCII, Unicode, and Base64.
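The sketch below is an added example, not code from the original post. It runs the Bob message through Base64 and SHA-256 and shows why a bare hash sent with the message is not enough on its own. It assumes a constructed shared key and uses HMAC-SHA-256 as a stand-in for the private-key signature described above, because Python's standard library has no signature algorithm.

```python
import base64
import hashlib
import hmac

# Constructed sample data, taken from the Bob scenario in the text.
ORIGINAL = b"Congratulations on your promotion"
TAMPERED = b"You don't deserve the promotion."
SHARED_KEY = b"constructed-demo-key"  # assumption: known only to sender and Bob


def encode_roundtrip(data: bytes) -> bytes:
    """Encoding uses no key: anyone can reverse Base64."""
    return base64.b64decode(base64.b64encode(data))


def sha256_hex(data: bytes) -> str:
    """Fixed-length (64 hex chars), deterministic digest of any input."""
    return hashlib.sha256(data).hexdigest()


def bits_changed(a: bytes, b: bytes) -> int:
    """Number of digest bits (out of 256) that differ between two inputs."""
    da, db = hashlib.sha256(a).digest(), hashlib.sha256(b).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))


def verify_bare_hash(message: bytes, digest_hex: str) -> bool:
    """Receiver's check when an unkeyed digest travels with the message."""
    return hmac.compare_digest(sha256_hex(message), digest_hex)


def make_tag(message: bytes, key: bytes) -> str:
    """Keyed tag (HMAC-SHA-256); stands in for the signature step."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_tag(message: bytes, tag_hex: str, key: bytes) -> bool:
    """Recompute the tag with the receiver's key and compare in constant time."""
    return hmac.compare_digest(make_tag(message, key), tag_hex)


if __name__ == "__main__":
    print("decoded without a key:", encode_roundtrip(ORIGINAL))
    print("bits flipped by a one-letter change:",
          bits_changed(ORIGINAL, b"congratulations on your promotion"))
    # Message and unkeyed digest both replaced in transit: the check passes.
    print("bare hash accepts swap:", verify_bare_hash(TAMPERED, sha256_hex(TAMPERED)))
    # Without SHARED_KEY no valid tag can be produced for the new message.
    print("keyed tag accepts swap:",
          verify_tag(TAMPERED, make_tag(TAMPERED, b"wrong-key"), SHARED_KEY))
```

The unkeyed digest detects accidental corruption but not deliberate replacement, because whoever rewrites the message can recompute the digest; the keyed tag, like a signature, cannot be recomputed without the secret.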