Hashing and encryption for dummies

In case you were wondering

Fedemcmac
Jul 8, 2019

You googled Hashing and Encryption. And the 2,970,001st result was me. Welcome!

So what is a hash?

“A hash is a bit like putting something through a blender. The milkshake looks different depending on what you put into it, but you can’t un-blend something and see what exactly it was.” (dale_glass on Reddit)

A hash function is a function that takes an input of arbitrary length (the key) and produces a value of fixed size. Each key-value pair is a hash.

A cryptographic hash function is a hash function that can be used for cryptography. It is a mathematical algorithm that maps data of arbitrary size to a bit string of fixed size, and it is a one-way function: given the value (or digest), it won’t return the corresponding key.

Ideally a cryptographic hash function:

  • is deterministic - given the same input the value is always the same
  • is quick to compute the hash value for any given message
  • doesn’t return the key if given the value (one-way)
  • doesn’t return the same value given different keys (no collisions)
  • changes the hash value significantly when the key changes only slightly, so that the new hash value looks unrelated to the old one (avalanche effect)

Given these characteristics, hash values are often referred to as digital fingerprints. Hash functions have many applications in information security, such as authentication, digital signatures and message authentication codes.

Example of the avalanche effect: small changes in input = significant changes in corresponding digest, Wikipedia
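
The properties in the list above can be measured directly. The following is an added example, not code from the original post; it assumes SHA-256 from Python's hashlib as the hash function, and the sample message is constructed. It flips every single bit of the message in turn and counts how many of the 256 digest bits change.

```python
import hashlib

def digest(data: bytes) -> bytes:
    """SHA-256 digest: always 32 bytes, whatever the input length."""
    return hashlib.sha256(data).digest()

def bit_distance(a: bytes, b: bytes) -> int:
    """Number of bit positions in which two equal-length digests differ."""
    if len(a) != len(b):
        raise ValueError("digests must have equal length")
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def flip_bit(data: bytes, index: int) -> bytes:
    """Return a copy of data with bit number `index` inverted."""
    if not 0 <= index < len(data) * 8:
        raise IndexError("bit index out of range")
    out = bytearray(data)
    out[index // 8] ^= 1 << (index % 8)
    return bytes(out)

def avalanche_profile(message: bytes) -> list:
    """Digest bit distance for every possible single-bit change to message."""
    base = digest(message)
    return [bit_distance(base, digest(flip_bit(message, i)))
            for i in range(len(message) * 8)]

if __name__ == "__main__":
    msg = b"The quick brown fox"  # constructed sample input
    profile = avalanche_profile(msg)
    print("digest size in bits:", len(digest(msg)) * 8)
    print("deterministic:", digest(msg) == digest(msg))
    print("changed digest bits (min / mean / max):",
          min(profile), round(sum(profile) / len(profile), 1), max(profile))
```

With a good hash function each single-bit change flips roughly half of the digest bits, so the mean sits close to 128 out of 256.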

What about Encryption?

The encryption of data is executed through cryptographic keys. The plain text information is encrypted (to cipher text) before it’s sent and decrypted by the receiver. Therefore, the data is safe while it’s being sent. Think of it as a lock and a key system. The lock won’t open if the wrong key is used.

Symmetric Encryption: In symmetric encryption, the key used for encryption is used for decryption as well.

Asymmetric Encryption: In asymmetric encryption there are two keys, a Public Key and a Private Key: the first used for encryption and the other for decryption.

The Public Key is stored in your web browser every time you visit an HTTPS (Hyper Text Transfer Protocol Secure) website. HTTPS is HTTP running on top of SSL (Secure Sockets Layer), which secures this channel of communication using both Symmetric and Asymmetric Encryption.

When you send any data to an encrypted site, it is encrypted using the Public Key; the Private Key, on the other hand, is held only by the receiver. The Private Key is used to decrypt the encrypted data. The use of two distinct keys makes the encryption process a little bit slower but more secure.

Hashing is commonly used for storing passwords in databases, checking file integrity upon receiving (comparing hashes is quicker than comparing large files), digital signatures and copyright, whereas Encryption’s main usage is sending data so it can’t be read whilst in transit. Both are very efficient security measures when used correctly and in the right context.
