Difference between Hashing and Encrypting

http://stackoverflow.com/questions/326699/difference-between-hashing-a-password-and-encrypting-it

http://thomashunter.name/blog/password-encryption-hashing-salting-explained/

http://thomashunter.name/blog/per-user-password-hashing-algorithms/

http://thomashunter.name/blog/external-salted-password-hashing/

http://crackstation.net/hashing-security.htm



Hashing is a one way function (well, a mapping). It's irreversible, you apply the secure hash algorithm and you cannot get the original string back. The most you can do is to generate what's called "a collision", that is, finding a different string that provides the same hash. Cryptographically secure hash algorithms are designed to prevent the occurrence of collisions. You can attack a secure hash by the use of a rainbow table, which you can counteract by applying a salt to the hash before storing it.

Encrypting is a proper (two way) function. It's reversible, you can decrypt the mangled string to get original string if you have the key.

The unsafe functionality it's referring to is that if you encrypt the passwords, your application has the key stored somewhere and an attacker who gets access to your database (and/or code) can get the original passwords by getting both the key and the encrypted text, whereas with a hash it's impossible.

People usually say that if a cracker owns your database or your code he doesn't need a password, thus the difference is moot. This is naïve, because you still have the duty to protect your users' passwords, mainly because most of them do use the same password over and over again, exposing them to a greater risk by leaking their passwords.

To be clear, to get the desired security with the hash, it must be a cryptographically secure hash algorithm with the specific property that not only is the hash non-reversible BUT ALSO it is computationally impractical to generate ANY other string that generates the same hash.





Hashing is a one-way function, meaning that once you hash a password it is very difficult to get the original password back from the hash. Encryption is a two-way function, where it's much easier to get the original text back from the encrypted text.

Plain hashing is easily defeated using a dictionary attack, where an attacker just pre-hashes every word in a dictionary (or every combination of characters up to a certain length), then uses this new dictionary to look up hashed passwords. Using a unique random salt for each hashed password stored makes it much more difficult for an attacker to use this method. They would basically need to create a new unique dictionary for every salt value that you use, slowing down their attack terribly.

It's unsafe to store passwords using an encryption algorithm because if it's easier for the user or the administrator to get the original password back from the encrypted text, it's also easier for an attacker to do the same.


Always hash passwords.
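The two answers above describe the same thing from two angles: an unsalted hash is defeated by a precomputed dictionary (one lookup per stolen digest), while a unique random salt per record forces the attacker to start over for every user. The following Python program is an added example written for this repost; it is not code from the StackOverflow answers or from the linked articles. It assumes PBKDF2-HMAC-SHA256 from the standard library as the "cryptographically secure hash" (the answers do not name one), and the word list and passwords are constructed sample values. It shows the unsalted digest being recovered by a single table lookup, then the salted scheme producing two different records for the same password and verifying correctly with the stored salt.

```python
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional

# Constructed sample word list standing in for a precomputed "dictionary".
COMMON_PASSWORDS = ["password", "123456", "letmein", "qwerty"]

# Iteration count is an assumption for this example; tune it for your hardware.
DEFAULT_ITERATIONS = 200_000


def plain_sha256(password: str) -> str:
    """Unsalted hash: every user with the same password gets the same digest."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def build_lookup_table(wordlist: Iterable[str]) -> Dict[str, str]:
    """Precompute digest -> plaintext once for the whole word list.

    This table works against every unsalted record at once, which is the
    weakness the answers above describe."""
    return {plain_sha256(word): word for word in wordlist}


def lookup_attack(stored_digest: str, table: Dict[str, str]) -> Optional[str]:
    """The dictionary attack reduced to its essence: a single dictionary lookup."""
    return table.get(stored_digest)


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = DEFAULT_ITERATIONS) -> str:
    """Salted, iterated password hash (PBKDF2-HMAC-SHA256).

    Returns a self-describing record 'iterations$salt_hex$digest_hex' so the
    verifier can recover the salt and work factor without any secret key."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt for every stored password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time."""
    iterations_str, salt_hex, digest_hex = stored.split("$")
    salt = bytes.fromhex(salt_hex)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    salt, int(iterations_str))
    # hmac.compare_digest avoids leaking where the digests first differ.
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    table = build_lookup_table(COMMON_PASSWORDS)
    print("unsalted digest of 'letmein' recovered as:",
          lookup_attack(plain_sha256("letmein"), table))

    record_a = hash_password("letmein")
    record_b = hash_password("letmein")
    print("same password, two records, different salts:", record_a != record_b)
    print("verify correct password:", verify_password("letmein", record_a))
    print("verify wrong password:  ", verify_password("letmeout", record_a))
```

The `$`-separated record is the same idea used by common password-hash string formats: salt and work factor travel with the digest, so nothing secret has to be stored alongside the database, which is exactly the property the encrypted-password approach lacks.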



Reposted from: https://my.oschina.net/u/158589/blog/83360
