Cryptography is something that I found very intriguing ever since I started using the internet because secure data means a lot to me. You can protect your data in many ways, but if we are to narrow the two most important operations your system can execute – encryption and hashing will take the cake. Even though they are used for the same purpose they accomplish the task in different ways.
The main difference between encryption and hashing is the way the data is finalized. Hashing is a one-way function mapping data to a fixed length by using an algorithm with no intent of decrypting it. Encryption on the other hand is scrambling data that only a recipient with a proper key can decrypt.
However further understanding both encryption and hashing can lead to better-protected data. Their use is far bigger than it seems, and cryptography exists way longer than you may think.
What Is Encryption Used For?
Encryption is a process used to scramble text information thus preparing it for safe passage back and forth. Only those who are supposed to have access to the information can see it. This is done by using a secret code more commonly known as decrypting key.
The text, when scrambled, is called “ciphertext”. When the correct user enters the decrypting key the “ciphertext” will appear back in its original non-scrambled form.
Encryption has a few characteristics.
- Authentication of the source of the message allows for it to be traced.
- If the data somehow gets leaked tracing the source would be easy to find. This somewhat ensures predetermined accountability.
- Messages sent this way can only be viewed by the intended recipients.
The 5 Types Of Encryption
There are many types of encryption created to accomplish different goals in mind. The most common are Data Encryption Standard (DES), Triple DES, RSA, Advanced Encryption Standard (AES), and TwoFish.
- Data Encryption Standard more commonly known as DES was developed by IBM in the early 1970s. Due to being outdated and unable to keep up with newer technology DES is useless for encryption of important data.
- Triple DES, if you couldn’t guess by the name is just an enhanced DES. The “triple” in the name comes from the way it handles data. First, it encrypts, followed by decrypting, and finally ending with encrypting again.
- RSA is short for Rivest Shamir and Adleman, the surnames of its three creators. Being one of the oldest but also one of the longest-running types of encryption it is slowly being pushed out by TLS.
- Advanced Encryption Standard (AES) is used worldwide. It became the U.S. government standard back in 2002.
- TwoFish is one if not the fastest encryption algorithm. The best part about TwoFish is that it is free for anyone to use. You can see it being commonly used in hardware and software.
A decrypting key or just key is the password to unlocking the encrypted ciphertext. It is most commonly composed of numbers or letters stored in a file. When used in the algorithm a key can both decrypt and encrypt data. There are two types of keys.
Symmetric cryptography types of keys are used for both decryption and encryption of the data.
Asymmetric cryptography keys are separate keys. Also referred to as public and private keys the first is used to encrypt and the latter to decrypt data.
The 5 Common Hashing Uses
Hashing is used when you want a piece of data to remain intact. Think of it as a dish you needed ingredients to cook. Once you combine them it is nearly impossible to bring them back to their original state. Here are some common uses for hashing.
1. Store Passwords
The most common use is to safely store passwords. If the hash format is good enough your password will never be hacked.
2. Pinpointing Specific Data
When searching for a specific piece of information in a huge database hashing helps you locate it.
3. Comparing Values
Hashing could help when trying to store the same two pieces of data by comparing them. You can avoid duplicating them this way.
4. Digital Signatures
A variety of digital certificates use hashing. Among them is the Secure Sockets Layer or SSL certificate which is a security protocol between a web server and a web browser. It confirms the website’s legitimacy and allows for the encrypted connection.
5. Cryptographic Applications
Cryptographic applications include digital currencies, aforementioned computer passwords, military communications, electronic commerce, and chip-based payment cards. Hashing algorithms are used to process data when using these applications.
The 5 Types Of Hashing Algorithms
There are many types of hashing algorithms but by default, some are used more than others. The names that commonly pop when discussing types of hashing’s are MD5, SHA-1, SHA-2, NTLM, and LANMAN.
- MD5 used to be a commonly used hashing algorithm before some flaws were discovered in the form of collisions. Given the flaws, MD5 started being cast out.
- SHA-1 is the successor of SHA-0 making it the second version of the Secure Hash Algorithm series. This algorithm rapidly replaced MD5 after the aforementioned flaws.
- SHA-2 may seem to be the next version of the SHA series but in reality, it is a combination of a few algorithms. This includes SHA-224, SHA-256, SHA-384, and lastly SHA-512. SHA-2 algorithms tend to be more secure when compared to SHA-1 ones but their usage is still not as common as the SHA-1 ones. These algorithms are represented by the length of their output.
- LANMAN created by Microsoft is their solution when it comes to hashing algorithms. Old Windows systems used LANMAN for password storage. However, using DES algorithms for hashing, points out one of LANMAN’s flaws – not being secure. The problem lies with the vulnerability to brute force attacks allowing for passwords to be cracked within hours.
Microsoft no longer uses this hashing algorithm. Even though it is still there, it is turned off by default.
- NTLM is the successor to LANMAN. Its most common use is for password hashing during authentications. Later on, NTLM was improved by the creation of NTLMv2.
Can Hashing Be Decrypted?
Technically hashing cannot be decrypted. You can always try to guess but the chances of succeeding are unfeasible. However, if you try over and over with multiple inputs and if you know the input is part of a smaller set, say a person’s name or an element on the periodic table, it can be done quickly. For the most part, hashes include many random bits and it will take years upon years to crack.
Legal involvement in cryptography is nothing new, and it has been there ever since its inception. Considering it’s a matter of safety it makes perfect sense.
In the United States whenever cryptography is required, algorithms have to be approved by the FIPS (Federal Information Processing Standards) or NIST (National Institute of Standards and Technology).
Talking about legal involvement in cryptography in the United States, the NSA (National Security Agency) had its fair share. During the development of DES, the NSA influenced cipher development and policy, and later in 1993, they were involved in the Clipper Chip affair.
This scandalous occurrence had to do with a microchip which was planned as a part of the Capstone cryptography – initiative. The two main points of contention were making the algorithm (named Skipjack) weaker to better assist NSA to do their job, and inclusion of the special escrow key made to help law enforcement for activities such as wiretapping.
I hope that by now you have a better understanding and further appreciate what encryption and hashing do for you. Even though seemingly simple operation-wise, the two pillars of cryptography play an iconic role in protecting our data. I for one can’t wait for these systems to evolve further.