The terms encoding, encryption and hashing are often misused and interchanged. It is essential to know the differences between them and why and when each should be used. Companies have suffered security breaches caused by using the wrong data transformation methods and have been heavily criticized when they misused these terms in press releases. To customers, this may be seen as an indication that they are not knowledgeable and may potentially be careless with user data. A classic example was the breach suffered by Adobe.
Hashing vs Encryption
Hashing and encryption are not the same. Hashing calculates a fixed-length mathematical summary of input data of any size. Unlike encoding, hashing can’t be reversed, i.e. it is not possible to convert hashed data back to the original data.
Hashing is most often used to verify data’s integrity, and the resulting value is also known as a checksum. When two identical pieces of raw data are hashed with the same hash function, they will have the same hash value. If two different pieces of data are hashed, the resulting hash values will be different.
For example, suppose John wants to send Peter a file and then wants to verify that Peter has received the same file and that the transfer did not result in any changes. John will email the file to Peter together with a hash value. After Peter has received the file, he can verify that it has not changed by running the same hash function John used and checking that the two hash values match.
SHA512 Hashing Algorithms
SHA512 is an example of a secure hashing algorithm, although there are many other common hashing algorithms.
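The John-and-Peter check described above, using SHA512, as an added example that is not part of the original article. The file name and contents are constructed sample data.

```python
import hashlib
import hmac
import os
import tempfile


def sha512_file(path, chunk_size=64 * 1024):
    """Return the SHA-512 hex digest of a file, read in chunks so large files are not loaded whole."""
    digest = hashlib.sha512()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_file(path, expected_hex):
    """Peter's side: recompute the hash and compare it with the value John sent."""
    actual = sha512_file(path)
    return hmac.compare_digest(actual, expected_hex.strip().lower())


def demo():
    """Constructed sample: John hashes a file, Peter checks an intact and an altered copy."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "report.txt")
        with open(path, "wb") as fh:
            fh.write(b"Quarterly figures: 1200 units\n")
        johns_hash = sha512_file(path)  # value John emails with the file

        intact_ok = verify_file(path, johns_hash)

        with open(path, "wb") as fh:  # one character changed during transfer
            fh.write(b"Quarterly figures: 1300 units\n")
        altered_ok = verify_file(path, johns_hash)
    # The digest is always 128 hex characters, whatever the file size.
    return len(johns_hash), intact_ok, altered_ok


if __name__ == "__main__":
    print(demo())
```

Because the hash travels in the same email as the file, this check detects accidental changes; someone able to alter the file in transit could replace the hash as well.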
Apart from verifying data integrity, hashing is also the recommended data transformation technique for the authentication processes used by applications and computer systems. It is common practice never to store passwords as plaintext data but only to store the “salted password” hash code. A salt is a random string that only the authentication system knows, and it is appended to a password. Doing so means that if two users use the same password, the stored hashes will still be different.
When a password is entered in a web application, the application sends the password to a web server. The web server then appends the salt to the password, performs a hash operation on the password with its salt, and compares the resulting hash with the hash on file for the user. If the hashes match, the user is given access. In the event of a breach or a malicious insider, hashing algorithms eliminate the possibility of original passwords being retrieved. Salting ensures that attackers can’t determine which users use the same password.
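The salted store-and-verify flow described above, as an added example that is not code from the original article. It assumes a random salt generated per user and kept beside the stored hash, and it swaps the single hash pass for PBKDF2-HMAC-SHA512 (many repeated SHA512 rounds) with an iteration count chosen for this example; the user names and passwords are constructed.

```python
import hashlib
import hmac
import os

ITERATIONS = 210_000  # assumption: work factor chosen for this example


def hash_password(password, salt=None):
    """Return (salt, digest). A fresh random salt is generated when none is given."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(password, salt, stored_digest):
    """Re-hash the submitted password with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, stored_digest)


def unsalted_sha512(password):
    """Plain SHA-512 with no salt, shown only for comparison."""
    return hashlib.sha512(password.encode("utf-8")).hexdigest()


def demo():
    """Constructed user store in which two users picked the same password."""
    shared = "correct horse battery"
    users = {
        "alice": hash_password(shared),
        "bob": hash_password(shared),
    }
    salted_records_equal = users["alice"][1] == users["bob"][1]
    unsalted_records_equal = unsalted_sha512(shared) == unsalted_sha512(shared)
    good_login = verify_password(shared, *users["alice"])
    bad_login = verify_password("wrong guess", *users["alice"])
    return salted_records_equal, unsalted_records_equal, good_login, bad_login


if __name__ == "__main__":
    print(demo())
```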
Encoding uses a scheme to change data into a different format. Encoding is reversible, and data that has been encoded to a new structure can be decoded to the original format. Encoding typically uses a publicly available scheme that can be reversed easily. Encoding is generally used to ensure the usability and integrity of data and is often used when data in its current format can’t be transferred between applications or systems.
Encoding is never used to secure or protect data because it can be reversed easily.
Base64 is an example of an encoding scheme.
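Because Base64 needs no key to reverse, a configuration audit can recover any value that was only encoded. The following added example (not from the original article) flags such values; the key-name pattern and the sample configuration lines are constructed for illustration.

```python
import base64
import binascii
import re

# Assumption: key names that suggest a secret value.
SENSITIVE_KEY = re.compile(r"(pass(word)?|secret|token|api_?key)", re.IGNORECASE)


def try_base64_decode(value):
    """Return the decoded text if value is strict Base64 of printable UTF-8, else None."""
    if len(value) < 8 or len(value) % 4 != 0:
        return None
    try:
        text = base64.b64decode(value, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    return text if text.isprintable() else None


def find_encoded_secrets(lines):
    """Return (line number, key, recovered value) for secrets that are merely encoded."""
    findings = []
    for number, line in enumerate(lines, start=1):
        key, sep, value = line.partition("=")
        if not sep or not SENSITIVE_KEY.search(key):
            continue
        decoded = try_base64_decode(value.strip())
        if decoded is not None:
            findings.append((number, key.strip(), decoded))
    return findings


# Constructed sample configuration.
SAMPLE_CONFIG = [
    "db_host=db.internal.example",
    "db_password=" + base64.b64encode(b"Summer2024!").decode("ascii"),
    "api_token=not-base64-value!",
    "banner=SGVsbG8gd29ybGQ=",  # Base64, but not a sensitive key
]

if __name__ == "__main__":
    for finding in find_encoded_secrets(SAMPLE_CONFIG):
        print(finding)
```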
Asymmetric Encryption and Symmetric Encryption Algorithms
The data encryption process securely encodes sensitive data with an encryption key. Only users with a password or decryption key can decrypt the data to show the original, thus ensuring data confidentiality. Two primary types of encryption key are commonly used: public keys and symmetric, or private, keys.
Public-key encryption, also known as asymmetric encryption, uses one key to encrypt data, while a different key is used to decrypt it.
With private key encryption or symmetric encryption, the same key, such as a password, is used to encrypt and decrypt data, i.e. the same secret key is used to perform both actions of data encryption.
An encryption algorithm is employed when data has to be protected against those without the correct decryption public key or private key. When data is transmitted to a website over HTTPS, a public key encryption algorithm is used for encrypting data.
Although both asymmetric encryption and symmetric encryption involve encoding data, the two terms are not interchangeable, just as hashing and encryption are different. The term encoding is used only for data that has not been encoded securely, while encryption is always used when referring to data that has been encoded securely.
AES 256 is one of many encryption algorithms that are commonly used.
● Hashing algorithms:
This data summary is one-way and can’t be reversed. Secure hashing algorithms are used to validate data integrity by ensuring two pieces of data have the same hash values.
● Encoding:
Used to preserve data usability, this transformation of data format is reversible.
● Encryption process:
Secure encoding of data using an encryption public key or private key and a data encryption standard to protect data confidentiality. Encrypted data can’t be accessed without a public or private key.