SyntaxFix

[encryption] What's the difference between SHA and AES encryption?

What's the difference between SHA and AES encryption?

This question is related to encryption aes

The answer is

SHA is a hash function and AES is an encryption standard. Given an input you can use SHA to produce an output which is very unlikely to be produced from any other input. Also, some information is lost while applying the function so even if you knew how to produce an input yielding the same output, that input wouldn't likely be the same one used in the first place. On the other hand AES is meant to protect from disclosure to third parties any data sent between two parties sharing the same encryption key. This means that once you know the encryption key and the output (and the IV...) you can seamlessly get back to the original input. Please notice that SHA doesn't require anything but an input to be applied, while AES requires at least 3 thins: what you're encrypting/decrypting, an encryption key and the initialization vector (IV).

SHA and AES serve different purposes. SHA is used to generate a hash of data and AES is used to encrypt data.

Here's an example of when an SHA hash is useful to you. Say you wanted to download a DVD ISO image of some Linux distro. This is a large file and sometimes things go wrong - so you want to validate that what you downloaded is correct. What you would do is go to a trusted source (such as the offical distro download point) and they typically have the SHA hash for the ISO image available. You can now generated the comparable SHA hash (using any number of open tools) for your downloaded data. You can now compare the two hashs to make sure they match - which would validate that the image you downloaded is correct. This is especially important if you get the ISO image from an untrusted source (such as a torrent) or if you are having trouble using the ISO and want to check if the image is corrupted.

As you can see in this case the SHA has was used to validate data that was not corrupted. You have every right to see the data in the ISO.

AES, on the other hand, is used to encrypt data, or prevent people from viewing that data with knowing some secret.

AES uses a shared key which means that the same key (or a related key) is used to encrypted the data as is used to decrypt the data. For example if I encrypted an email using AES and I sent that email to you then you and I would both need to know the shared key used to encrypt and decrypt the email. This is different than algorithms that use a public key such PGP or SSL.

If you wanted to put them together you could encrypt a message using AES and then send along an SHA1 hash of the unencrypted message so that when the message was decrypted they were able to validate the data. This is a somewhat contrived example.

If you want to know more about these some Wikipedia search terms (beyond AES and SHA) you want want to try include:

Symmetric-key algorithm (for AES) Cryptographic hash function (for SHA) Public-key cryptography (for PGP and SSL)

SHA stands for Secure Hash Algorithm while AES stands for Advanced Encryption Standard. So SHA is a suite of hashing algorithms. AES on the other hand is a cipher which is used to encrypt. SHA algorithms (SHA-1, SHA-256 etc...) will take an input and produce a digest (hash), this is typically used in a digital signing process (produce a hash of some bytes and sign with a private key).

SHA is a family of "Secure Hash Algorithms" that have been developed by the National Security Agency. There is currently a competition among dozens of options for who will become SHA-3, the new hash algorithm for 2012+.

You use SHA functions to take a large document and compute a "digest" (also called "hash") of the input. It's important to realize that this is a one-way process. You can't take a digest and recover the original document.

AES, the Advanced Encryption Standard is a symmetric block algorithm. This means that it takes 16 byte blocks and encrypts them. It is "symmetric" because the key allows for both encryption and decryption.

UPDATE: Keccak was named the SHA-3 winner on October 2, 2012.

SHA doesn't require anything but an input to be applied, while AES requires at least 3 things - what you're encrypting/decrypting, an encryption key, and the initialization vector.

Source: Stackoverflow.com

Examples related to encryption

mcrypt is deprecated, what is the alternative? Remove 'b' character do in front of a string literal in Python 3 How to resolve the "EVP_DecryptFInal_ex: bad decrypt" during file decryption How to decrypt Hash Password in Laravel RSA encryption and decryption in Python How to fix Invalid AES key length? gpg decryption fails with no secret key error 7-Zip command to create and extract a password-protected ZIP file on Windows? How do I encrypt and decrypt a string in python? AES Encrypt and Decrypt

Examples related to aes

How to fix Invalid AES key length? AES Encrypt and Decrypt How to create a secure random AES key in Java? Initial bytes incorrect after Java AES/CBC decryption Example of AES using Crypto++ Java AES encryption and decryption How to do encryption using AES in Openssl C# Example of AES256 encryption using System.Security.Cryptography.Aes Image encryption/decryption using AES256 symmetric block ciphers Comparison of DES, Triple DES, AES, blowfish encryption for data

Tags

Geocode Windows-client Installaware Bigint Odata Webkit Uiviewanimationtransition Currency-formatting Pi-db Watcom Ussd Cuda.net Fixed-width Rowcount Uitextfield User-variables Formal-semantics Task-tracking Upload Dasblog Dllimport Release-mode Win32gui Temporal Wid Windows-phone Cooliris Autotools Backwards-compatibility Autoscroll Presentationml Jespa Renderscript Local-class Jquery-callback Snap-in Key-bindings Long-long Deployment-project Coordinates Multivariate-partition Snoopy Membership Fromkeys Ddd-repositories Acpi Ls Jplayer Mms-gateway Fixnum Windows-7 Treegrid Allocator .net-bcl Dataitem Uniscribe Wc Scoreninja Delete-row Keypad Sdk Moss2007-security Data-connections Consuming Code-documentation Nsmutablearray Mixed-authentication Hierarchicaldatatemplate Commit Dispatchevent Krl Passwords Vacuum Rexx Easing Unmount Character-replacement Nslocalizedstring Scilexer.dll Python-visual Reset Katta Return-path Alias L-systems Shipping Code-discovery Visual-paradigm .a Http-head Galleria Uicomponents Shortest-path Page-refresh Oracle-xe Fusebox Templates Rakudo-star Sdl-image Protection