Passwords, sensitive data, and personal files – all things we want to keep safe from snoopers and cybercriminals. To do so, you might rely on encryption or hashing, but what’s the difference between the two?
Though encryption and hashing both serve the same general purpose and both use algorithms to shore up your privacy, they’re fundamentally different processes. In this blog, we’ll take a look at what exactly each method is, how they work, and which one is better when it comes to staying safe on the net.
What is encryption?
Encryption is the process of scrambling data so that only the recipient with the proper corresponding key can unscramble it. This makes encryption a two-way function, because when you encrypt something, you’ll usually want to decrypt it later.
When you encrypt data, you’re using an algorithm known as a cipher to procedurally encrypt and decrypt. You might know this cipher better as an encryption key.
Before your data has been encrypted, it’s plaintext, and after it’s been decrypted it’s ciphertext. You’ll be able to convert ciphertext back into readable plaintext so long as you have the correct encryption key – and if you don’t, you’ll have a lump of unreadable text on your hands. In terms of security, this is great news, seeing as hackers won’t be able to access any encrypted data without the corresponding key.
A common form of encryption is AES, which utilizes a 256-bit symmetric cipher. With AES, and as mentioned earlier, a single key is necessary to decrypt and read the data. Check out our what is AES-256 encryption guide for more information about this.
What is hashing?
Hashing makes use of hash values, and these are created by an algorithm that maps data to a fixed length. Unlike encryption, however, hashing is a one-way function, as it's incredibly difficult and computationally demanding to unhash data.
With hashing, you can’t use a key to decode the hashed data. This essentially means that the hashed data itself does not contain any information required to de-hash it, and it’s not possible to unscramble output to figure out input even with the corresponding algorithm.
Hashing comes in handy as a means of authenticating data and making sure it hasn’t been adjusted or altered in transit.
Encrypted passwords also make use of hashing, because even if a hacker had a hashing algorithm, they wouldn’t be able to figure out the hashed password.
So, when somebody inputs their password and username in a site, and when that data travels to the authentication server, the server will look up the corresponding message digest that matches the user ID. Then, the algorithm will be used to hash the password, and if the message digest is identical to the one the server has on record, the user’s details will be verified.
Check out our what is hashing guide for more information.
What is salting?
Salting is often used in conjunction with password hashing. If a hacker is determined to get their hands on your data, they can employ something called a brute-force attack, where they try every hash or key until they stumble across the right one. This is incredibly clumsy and time-consuming, however, so to speed up the process a hacker might employ a rainbow table.
Rainbow tables are pre-computed tables, consisting of reversed hashes, used to crack a hashed password.
And here’s where salting comes into the picture! By inserting a unique value onto the end of a password, you create a new hash value, and one that won’t match up with anything on the rainbow table. The new value is the "salt”, and salting is a simple, smart way of deterring attackers.
If the hacker is really, really determined, they could add values to passwords themselves in an attempt to find the one that matches yours – but this is easier said than done, as they’ll still need to figure out the actual password itself before worrying if it’s salted. This would take an incredibly long time and frustrate even the most zen of cybercriminals – thus, a salted hash is a much more secure hash.
So, you might be wondering which is better – encryption or hashing? The truth is that they both have an important part to play when it comes to keeping your data secure and in the right hands. Encryption is ideal if you have a secure message you want to share with others, provided you’ve shared a key with them, and hashing is your best bet for keeping passwords safe, being far harder to crack.