A cryptographic hash function <i>H</i> can be used for encryption though, by mimicking a one-time pad: Pick a random integer <i>k</i>, concatenate it with a secret <i>s</i>, hash the result obtaining <i>H(s•k)</i>, XOR this with the plaintext yielding the ciphertext <i>C</i> and send the pair (<i>k</i>,<i>C</i>). Pick another integer if you need to encrypt more data.<p>Decryption proceeds in the same way, <i>mutatis mutandis</i>. This is the basic idea behind one of the best currently used ciphers, ChaCha20: It builds on a hash function.<p>From a regulatory and legal perspective, this means that if you want to ban strong encryption, you must ban cryptographic hash functions.
I guess the other difference between encryption and hashing is that a hash function need not be one-to-one. Many inputs can result in the same hash, though hopefully it's hard to find collisions.<p>So a hash function is allowed to destroy information, whereas it's pretty important that an encryption algorithm doesn't!
Hashing is also not secure hashing, cryptographic hash functions are a small subset of all hash functions. I wish the author would make that clear. I've seen many abuses of cryptographic hash functions where ordinary (though perhaps specialized) hash functions would be more suitable.
You'd be surprised how many people could benefit from this type of information.<p>The only thing is add is that the definition of encryption is incomplete. It seems to focus on symmetric encryption. Asymmetric encryption doesn't require the initial encryption key to get back to the original message. Rather, it uses a key pair - one public and one private.
I don't really understand the confusion around these terms in terms of day-to-day actual work. Is this really a problem? This seems like a trivial question to me so much so that I would (and have) screwed up this question in an interview which I'll discuss here.<p>In my pedantic technical opinion (technical as in literal, not technical-interview), these are all subsets of encryption. Encryption to me is anything that scrambles the data to non-literal-plain-text in a way where you need a key to read it. These are just encryption, but the password is always just the word "password", or for a specific example, the source text.<p>In my continued opinion, can't hashes be "found out" in theory if you had unlimited computing time + unlimited attempts at brute force hashing every string?<p>Encoding is just encrypting the text into a non-literal-plain-text format by using (an extremely weak, known password) to translate into another (computer-readable) language. I don't really have anything to add from the source to this one.<p>Why is my distinction about the definition of encryption important to me?<p>In my opinion, we shouldn't limit our mind to ONLY knowing encryption as a method containing some math formula someone came up with to scramble you data based on an input password. There are a magnitude of ways to encrypt your actions in a more broad sense.<p>For example, what if you identify yourself by handing in a series of paintings to somebody (an authenticator) who physically determines your entry? He can determine if you pass by having knowledge that the order of the paintings and the artist's initials correspond to their position in the alphabet to decrypt your ID number. (Some other tricks could be used to prevent random turn in or duplicates, such as only using a specific style of art, but I'm skipping that for this example.) Is that not an encryption method that accepts a user input and encrypts it with a black box formula to output some code?
Hashing is basically very, <i>very</i> lossy compression, while encryption is more like a jigsaw puzzle with a billion billion pieces and you hide the map of the original picture.
> <i>"Even if you know the algorithm and any secret keys involved, there is no way to un-hash a string. It’s an entirely destructive operation."</i><p>Hashing is similar to compressing a massive photo into a small thumbnail, it makes it easier and quicker to browse through photos, but you cannot recover the detailed resolution from the thumbnail.
If we think about it in good faith, there are some cases where hash is used for PROTECTION. Like in a password storing of hash(salt+password). So while technically correct, in the day to day language we do use hash as an encryption alternative sometimes.