Skip to content

Encryption Vs Cryptographic Hash

Encryption vs Cryptographic Hash#

What is the difference between encryption and a cryptographic hash


Create a secret message to send to someone and they do the opposite to decrypt it. Encryption can always be reversed if you know the process or have the correct key.


Hashing is a process that cannot be undone. It always changes the same input into the same output. It is one way and usually creates output of a specific size. eg. 256 bits.

Cryptographic hashing adds random data, a salt, that makes the input data more different and unique.

Example Using Bcrypt#

Install bcrypt

pip install flask-bcrypt


from flask_bcrypt import generate_password_hash

Generate the hash

>>> generate_password_hash('secret')


  • bmeans byte-string
  • $2b tells you it is bcrypt
  • $12 is the number of rounds
  • rest is the hash

If you set the rounds really high, it takes longer:

>>> generate_password_hash('secret', 15)

When a password attempt fails, it is good practise to increase the rounds so it takeslonger to check the hash.Slowing down crackers.

Checking password#

How do you heck it though…

>>> hashed_pw = generate_password_hash('secret', 12)
>>> hashed_pw
>>> hashed_pw == generate_password_hash('secret', 12)

The above does not work. Youhave to check it with check_password_hash

from flask_bcrypt import check_password_hash

then test it:

>>> check_password_hash(hashed_pw, 'secret')