Hashing is different from encryption in that once the data is encoded, it cannot be decoded. The nature of the algorithms makes reversal mathematically impossible; however, brute forcing all possible variants of the source material and hashing it until a match is found is a technique that can yield results, as is the case with password brute forcing. Unlike encryption, for most algorithms, the output is always of a fixed length.

Hashing is useful when storing things that do not need to be read back, but would like to have the capability of checking validity. Passwords are the primary example. Instead of storing the clear text, the hashed version is stored. Then, when someone types in their password, the same hashing algorithm is applied and compared with what is located in the database, which looks for a match. Hash functions can also be used to test whether information, programs, or other data has been tampered with.

« Back to Glossary Index

Security news and stories right to your inbox!