PHP webdeveloper and frontend developer

Difference between hashing and encryption

Category : PHP, Apache · by Feb 18th, 2009

Nowadays no one is trustworthy anymore on the internet. You wouldn‘t want all your private data to be made public when you buy something online now, would you. This calls for security measures. That‘s where encryption and hashing come into play. Both hashing and encryption use an algorithm to transform insecure plaintext information into a secure enciphered format. Both methods use a key to encrypt the data. With hashing the plaintext is the key itself. With encryption the key allows you to decrypt the encrypted data.

There are two types of encryption:

Symmetric encryption: both parties use the same key. The key is used to encrypt the message and to decrypt it. 3DES, Blowfish and AES are commonly used algorithms for this.

asymmetric encryption: This method doesn‘t require both sides to know the same key. A third party(CA = certificate authority) now meddles in to manage the ‘public’ key. The other key is a private one.


Also know as ‘one-way encryption’, is the process off applying an algorithm to a chunk of data, which generates a unique value. It‘s impossible to decrypt the hashed value to its original form. So hashing is useless for transmitting data securely because you can‘t use the data afterwards. It is useful for verifying information like passwords, sessions and so on. The disadvantage of using a hashed password is recovering it is impossible. So when a users loses his password, a new one has to be made or generated and sent to this user. Most famous hashing algorithms are MD5, Sha-1, CRC32 and DSA.MD5 and Sha-1 can easily be implemented in php applications. PHP has built-in functions for applying hashing to data. To hash something using sha-1 you can use the sha1() function.


Leave a Reply

Your email address will not be published. Required fields are marked *