2

I am using Veracrypt and there are encryption and hash algorithms

Can anyone explain simply what do each algorithm does?

Encryption algorithms encrypt your data/file, Hash algorithm hashes your password so it creates a key of some sorts and then when you want to open that said file and you input your password and from that password, it uses that key to verify its correct one and the opens the file.

schroeder
  • 123,438
  • 55
  • 284
  • 319
mtmoblan
  • 21
  • 1
  • possible duplicate: https://security.stackexchange.com/questions/170273/veracrypt-which-encryption-algorithm-hash-algorithm-to-use and https://security.stackexchange.com/questions/180013/encryption-and-hash-in-veracrypt – schroeder Jan 24 '19 at 09:04
  • The encryption description is pretty straighforward (making unreadable some information unless a decryption key is provided). Sometimes is a bit tricky understanding hashing (making a resume of the information, because it is a resume it could not be decyphered). For passwords the safest storage is hashing, and to make it even safer the hash should be used with salt (to avoid dictionary bruteforce). – bradbury9 Jan 25 '19 at 09:33

2 Answers2

3

Encryption describes a method to encrypt and decrypt data. In other words, you can get the original data back, if you know the key.
Encryption can further be divided into symmetric encryption and asymmetric encryption. With symmetric encryption, the same key is used for both encryption and decryption. With asymmetric encryption, two separate keys are used (public and private keys), one for encryption and the other for decryption.

Hashing describes a method to compute some output, based on your data. In contrast to encryption, the output from a hashing algorithm cannot be transformed back into the input. However, since the same input always results in the same output and there is no (feasible) method to predict the outcome of a cryptographic hashing algorithm, you can use a hash to, for example, create a key from a password (although it is quite a bit more complicated that that, with many pitfalls).

Jacco
  • 7,402
  • 4
  • 32
  • 53
  • Not sure if ontopic, but you could add info about salt – bradbury9 Jan 25 '19 at 09:36
  • Salt is not on topic for this question. You can [read more about salt](https://stackoverflow.com/questions/1645161/salt-generation-and-open-source-software/1645190#1645190) in other answers. – Jacco Jan 28 '19 at 10:51
-2

hashing is basically a non reversible way to encode something. (encode not encrypt)

For example it allows an application to store passwords in a database without the owner of the database be able to know the passwords even if he can access the hash data table.

It also allows the application to validate you in a very fast way as you only need to put the password in the application so the app can do the computation of the hash and generate a result that then is subtracted or compared with the one that is in the database table.

If it is zero then all is good if it is different then you have not inserted the correct password.

No decryption key is required to be inserted somewhere to get access to the contents making it more safe and fast.

for Encryption you require a decryption key to be inserted or stored somewhere in the system, the computation required for encryption and decryption of the data is also higher using more resources and it has to happen each time the data is accessed or updated.

In the example of the password table above if the passwords are encrypted then anyone who has the key could decrypt and revert the original password and that should not be acceptable.

Hugo
  • 1,701
  • 11
  • 12
  • Password hashes need to be **slow**, not fast, typically ~100ms. This is usually accomplished via iteration. Fast password hashes are not secure against brute force attacks using frequent password lists. – zaph Jan 24 '19 at 13:06
  • This has nothing to do with how veracrypt works. – AndrolGenhald Jan 24 '19 at 14:49
  • @zaph, hashing is normally faster than encryption that is what I wanted to flag and not the speed of the execution on hashing... – Hugo Jan 25 '19 at 09:11
  • @AndrolGenhald I was not referring to Veracrypt as I have no idea how it works. My answer was to the differences of the hash and encryption as it seemed the question the user was doing. – Hugo Jan 25 '19 at 09:14