Encryption Vs Cryptographic Hash
What is the difference between encryption and a cryptographic hash?
Encryption#
With encryption you create a secret message to send to someone, and they do the opposite to decrypt it. Encryption can always be reversed if you know the process or have the correct key.
Hashing#
Hashing is a process that cannot be undone. It always changes the same input into the same output. It is one-way and usually creates output of a specific size, e.g. 256 bits.
Cryptographic hashing adds random data, a salt, that makes the input data more different and unique.
Example Using Bcrypt#
Install bcrypt
pip install flask-bcrypt
Import
from flask_bcrypt import generate_password_hash
Generate the hash
>>> generate_password_hash('secret')
Output
b'$2b$12$w/x0Q9FnFydn/vZX26iz7eSNhJUavlm93SI.Kuv4uMATe031dKcpG'
- b means byte-string
- $2b tells you it is bcrypt
- $12 is the number of rounds
- rest is the hash
If you set the rounds really high, it takes longer:
>>> generate_password_hash('secret', 15)
When a password attempt fails, it is good practice to increase the rounds so it takes longer to check the hash, slowing down crackers.
Checking password#
How do you check it though…
>>> hashed_pw = generate_password_hash('secret', 12)
>>> hashed_pw
b'$2b$12$tE/SrlIDeO3Efs5lI77ZxeY3hzoAd1on2Lbx0SZnxBEARuSwBvEri'
>>> hashed_pw == generate_password_hash('secret', 12)
False
The above does not work.
You have to check it with check_password_hash
from flask_bcrypt import check_password_hash
then test it:
>>> check_password_hash(hashed_pw, 'secret')
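
Added example (not from the original page or from flask-bcrypt): a standard-library parser that splits the two hashes printed above into their fields. It shows that each string carries its own random 22-character salt, which is why comparing against a freshly generated hash with == fails while check_password_hash, which reuses the stored salt, works. The helper names parse_bcrypt and needs_rehash and the minimum cost of 13 are assumptions made for illustration.

```python
import re

# bcrypt string layout: $<version>$<2-digit cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(
    rb"\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})"
)


def parse_bcrypt(hashed):
    """Split a bcrypt string into version, cost, salt and digest fields."""
    if isinstance(hashed, str):
        hashed = hashed.encode("ascii")
    match = BCRYPT_RE.fullmatch(hashed)
    if match is None:
        raise ValueError("not a well-formed bcrypt hash")
    version, cost, salt, digest = match.groups()
    cost = int(cost)
    if not 4 <= cost <= 31:  # cost range bcrypt accepts
        raise ValueError("bcrypt cost out of range")
    return {
        "version": version.decode(),
        "cost": cost,
        "iterations": 2 ** cost,  # work doubles with every cost step
        "salt": salt.decode(),
        "digest": digest.decode(),
    }


def needs_rehash(hashed, min_cost):
    """True when a stored hash was made with a lower cost than current policy."""
    return parse_bcrypt(hashed)["cost"] < min_cost


# The two hashes of 'secret' printed earlier on this page.
FIRST = b"$2b$12$w/x0Q9FnFydn/vZX26iz7eSNhJUavlm93SI.Kuv4uMATe031dKcpG"
SECOND = b"$2b$12$tE/SrlIDeO3Efs5lI77ZxeY3hzoAd1on2Lbx0SZnxBEARuSwBvEri"

if __name__ == "__main__":
    for stored in (FIRST, SECOND):
        print(parse_bcrypt(stored))
    # Same password and cost, different random salt, hence different digests.
    print(parse_bcrypt(FIRST)["salt"] != parse_bcrypt(SECOND)["salt"])
    # Sample policy (assumption): hashes below cost 13 get re-hashed at next login.
    print(needs_rehash(FIRST, 13))
```

A needs_rehash check like this is normally run right after a successful check_password_hash, the only moment the plain-text password is available to hash again at the higher cost.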