When we handle sensitive and private data in development, we normally use encryption, hashing or salting to protect the data in case it leaks. This post talks about the differences and similarities between these three methods.

Encryption

Encryption is the process of applying an encryption algorithm to the data. After processing, only those who have the key can decrypt the data and recover the original raw data.

Some popular encryption algorithms are AES (Advanced Encryption Standard) and RSA (Rivest-Shamir-Adleman).

After encryption, the data is secure, and anyone holding the key can still decrypt it.

Hashing

Hashing is a one-way calculation defined by a specific cryptographic function. A hash function takes input data and converts it into an output of a fixed, predetermined length; that output is called the hash.

Some popular hash functions are MD5 and SHA (Secure Hash Algorithms).

After hashing, the output cannot be converted back to the original raw data, yet it still represents that data even though it is not readable. The hash value is used for comparison: two hashes are the same only when the original data is exactly the same.

Salting

Salting is pre-work for hashing. It is often used when processing passwords. Because people may use 123456 or abcdef as their password, if we hash those passwords directly, attackers can easily read them out: those passwords are very common, so their hashes are easy to look up.

What we commonly do is add a salt to the password to make it more complicated. For example, if the salt is te@mx12, we can put it in the middle of the password, giving 123te@mx12456 or abcte@mx12def. This procedure is called salting.

After salting, we hash the salted data to improve the security level.
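As an added example (not code from the original post), here is the salt-then-hash procedure described above in Python: each user gets a fresh random salt, the salt is stored next to the hash, and login verification repeats the same calculation. The salt position (a prefix here rather than the middle of the password), the 16-byte salt length and the SHA-256 choice are assumptions.

```python
import hashlib
import hmac
import secrets


def plain_hash(password: str) -> str:
    """Unsalted SHA-256, the 'hash the password directly' case from the post."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def salt_and_hash(password: str, salt: bytes) -> str:
    """Salting step followed by hashing: prepend the salt, then SHA-256.
    (Prefix position is an assumption; the post places the salt in the middle.)"""
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()


def create_record(password: str) -> dict:
    """Build what would be stored for a user: a fresh random salt plus the hash.
    The salt is not a secret, so it can sit beside the hash in storage."""
    salt = secrets.token_bytes(16)  # assumed salt length
    return {"salt": salt.hex(), "hash": salt_and_hash(password, salt)}


def verify(password: str, record: dict) -> bool:
    """Repeat the salt-then-hash calculation with the stored salt and compare.
    compare_digest avoids leaking how many leading bytes matched through timing."""
    salt = bytes.fromhex(record["salt"])
    return hmac.compare_digest(salt_and_hash(password, salt), record["hash"])


if __name__ == "__main__":
    # Constructed sample: two users who both chose the common password 123456.
    alice = create_record("123456")
    bob = create_record("123456")
    print("unsalted hashes equal:", plain_hash("123456") == plain_hash("123456"))
    print("salted hashes equal:  ", alice["hash"] == bob["hash"])
    print("alice correct login:  ", verify("123456", alice))
    print("alice wrong password: ", verify("abcdef", alice))
```

Without a salt, every user with password 123456 ends up with the same stored hash, so one lookup reveals all of them; with per-user salts the stored hashes differ even for identical passwords.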


This is the end of the post.