Hashing vs. Encryption vs. Encoding vs. Obfuscation
What We’ll Be Learning
There are lots of ways to secure or hide data in an application, and it’s an important part of cybersecurity. In fact, Sensitive Data Exposure is on OWASP’s list of the top ten most critical security risks to web applications. How can we protect information in an application?
In this article we’ll cover:
Cryptography is the science of hiding data and making it available again. In cryptography, hiding data is called encryption and unhiding it is called decryption. When data is securely exchanged, it is first encrypted by the sender, and then decrypted by the receiver using a special key.
There are two main types of encryption: symmetric and asymmetric.
- Symmetric encryption uses the same key to both encrypt and decrypt data.
- Asymmetric encryption uses two different keys to encrypt and decrypt data.
Symmetric encryption is the fastest way to encrypt data and the most common way to send large chunks of data. However, it has one major vulnerability: if you send someone your key, the key itself travels in a form that any other person can read. Anyone who intercepts the key can decrypt your data, which means your data is vulnerable to being stolen.
Asymmetric encryption differs from symmetric encryption in one way: instead of one key, you have a key pair. A key pair is made up of a public key and a private key.
- The public key can be given to anyone and is only used to encrypt data.
- The private key is kept secret and is only used to decrypt data.
What’s the use of having two keys? Having two keys means you are the only person who ever has access to the private key used to decrypt data, so someone who intercepts your messages cannot read them.
For example, if you want to receive an encrypted message from someone, you would first generate a key pair and give them the public key. Then, they would write a message and encrypt it using the public key you gave them. Finally, they would send you the message and you would decrypt it with your private key.
Asymmetric encryption is the most secure way to transmit data; however, it is slower and more complex than symmetric encryption. Therefore, it is primarily used to exchange smaller pieces of data.
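The exchange described above, as an added example (not code from the original article) using Node.js’s built-in crypto module. It goes one step beyond the text by combining both types: the message is encrypted with a one-time symmetric key, and only that small key is encrypted with the receiver’s public key. The function names and the choice of RSA-2048 with OAEP and AES-256-GCM are assumptions made for this example.

```javascript
// Added example: symmetric + asymmetric encryption used together.
const { generateKeyPairSync, publicEncrypt, privateDecrypt, randomBytes,
        createCipheriv, createDecipheriv, constants } = require('crypto');

// OAEP padding for the RSA step (example choice, not from the article).
const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Receiver: generate a key pair. Only publicKey is ever handed out.
function makeKeyPair() {
  return generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Sender: encrypt the bulk data with a fresh symmetric key (fast), then
// encrypt that 32-byte key with the receiver's public key (slow, but small).
function seal(publicKey, plaintext) {
  const key = randomBytes(32);   // one-time AES-256 key
  const iv = randomBytes(12);    // GCM nonce, never reused with the same key
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return {
    wrappedKey: publicEncrypt({ key: publicKey, ...OAEP }, key),
    iv, ciphertext, tag: cipher.getAuthTag(),
  };
}

// Receiver: recover the symmetric key with the private key, then decrypt.
function unseal(privateKey, msg) {
  const key = privateDecrypt({ key: privateKey, ...OAEP }, msg.wrappedKey);
  const decipher = createDecipheriv('aes-256-gcm', key, msg.iv);
  decipher.setAuthTag(msg.tag);
  // final() throws if the ciphertext or tag was modified in transit.
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]);
}

// Constructed demo: a key pair for the receiver and an unrelated one.
function demo() {
  const receiver = makeKeyPair();
  const other = makeKeyPair();
  const message = Buffer.from('constructed sample message '.repeat(1000));
  const sealed = seal(receiver.publicKey, message);
  const roundTrip = unseal(receiver.privateKey, sealed).equals(message);
  let wrongKeyFails = false;
  try { unseal(other.privateKey, sealed); } catch { wrongKeyFails = true; }
  return { roundTrip, wrongKeyFails, wrappedKeyBytes: sealed.wrappedKey.length };
}

console.log(demo());
```

The symmetric key never travels in readable form, which addresses the key-sharing weakness of symmetric encryption, while the slow asymmetric step only ever handles 32 bytes.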