The basics of encryption algorithms are fairly easy to understand.
An input or plaintext is taken along with a key and processed by the algorithm.
The output is encrypted and known as the ciphertext.
A critical part of an encryption algorithm though is that you’re free to reverse the process.
Some types of encryption algorithms require the same key to be used to both encrypt and decrypt data.
Others require a pair of keys, one to encrypt, and another to decrypt.
The concept of a hashing algorithm is related but has a few critical differences.
The most important difference is the fact that a hashing algorithm is a one-way function.
Note: The output of a hash function is known as a hash digest, not a ciphertext.
The term hash digest is also commonly shortened to hash though the use of that can lack clarity sometimes.
The combination of these two features makes hashing algorithms useful in cryptography.
A common use is with passwords.
The process isnt quite that simple though.
Data breaches are relatively common, its quite likely that youve already been affected by one.
Customer data is one of the big targets in a data breach.
Lists of usernames and passwords can be traded and sold.
Theres no reverse function to decrypt the hashes and see the original passwords.
Instead, they must have a go at crack the hash.
There are two issues when it comes to the strength of a hash.
The strength of the hashing function itself and the strength of the password that was hashed.
Brute force attacks can be slow as there are a huge number of possible passwords to try.
Unfortunately, people tend to be quite predictable when coming up with passwords.
This means that educated guesses can be made, using lists of commonly used passwords.
This is why it is important to use strong passwords.
Conclusion
A hashing algorithm is a one-way function.
It always produces the same output if provided with the same input.
Hash functions cant be reversed.
Theres no way to tell what input was used to generate any given output without just guessing.
A cryptographic hash function is cryptographically secure and suitable for uses that need that sort of security.
A common use case is to hash passwords.
Other use cases include hashing files as an integrity verification.
