this post was submitted on 04 Dec 2023
463 points (97.7% liked)
Technology
59669 readers
3078 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
So why don't we use these functions for regular encryption? Or do we?
They’re one way functions. Encryption requires decryption, so you cannot lose information.
Hash functions are meant to lose information. They cannot be reversed. What they’re good at is verification; do you have the right password? Do you have a proof that this is your message and not someone else’s?
We already use hash functions where they make sense, but the parent is not entirely right; not all hashes and signatures are equals. Some are very quantum susceptible. Those will likely be broken real soon (think years, not decades). Some are quantum resistant.
Thanks for the explanation!
Hashing is "one way" and produces a fixed length output. It's useful for things like knowing if data has been modified or in the case of passwords, it's a way to store a value that lets you check a password is correct without storing the password itself.
You cannot "reverse" a hash by design.
Encryption is reversible, you need to be able to get the original data back.
We do use both together in various ways, wtf encrypt data to protect it and then hash the data to make sure it hasn't been modified. They go hand in hand.
Thanks for the explanation!