Cryptography vs Encryption

Often mixed up: cryptography != encryption

Cryptography is a field of practice surrounding secure communications. Encryption on the other hand is a two way mathematical operation that makes information unusable; producing a ciphertext. It’s primary objective is to ensure the privacy of the information.

Encryption is simply one part of the puzzle belonging to the field of cryptography. Cryptography also involves the security of…

  • User authentication: Verifying the origin of information to ensure someone is who they say they are
  • Information integrity: Verifying that the information has not be tampered with after it is sent from the original sender
  • Nonrepudiation: Verifying that a sender has sent a message in a manner where they cannot defy or falsify later

These other fields involve many other mathematical operatives that are used to secure certain aspects of information which are not necessarily encryption such as hashing. Hashing is a one way deterministic function that generates a highly-probably-unique text output — often used to verify information integrity. Hashes are one way as there is no ‘decrypt’ as opposed to encryption where a plaintext can be retrieved from a ciphertext given its cipher and key (depending on whether it is symmetric or asymmetric).

NOTE: When I meant “highly-unique output”, different inputs of hash functions can provide the same output: H(A) = X1, H(B)= X2, X1==X2—These occurrences are HIGHLY unlikely and are known as collisions. SHA-1 & MD5 hash collisions are known to be reproducible and thus been declared as defunct.

Leave a Reply