
Encoding vs Encryption vs Hashing: Explained in One Word

This can often be confusing, so to remember it I tried to use one word and a short explanation, without getting into any technical details here.

1. Encoding = Translate

Its goal is to convert data so it can be understood by another system. Security is not its concern.
Ex. ASCII, Unicode

2. Encryption = Transform

Its goal is to change the data into a different format so that it is super secure and requires a key to unlock. Security is its main concern.
Ex. DES, 3DES, AES

3. Hashing = un-Touched

Its goal is to check the data and make sure there was no modification of any kind during the transfer and that the data is intact. Integrity is its main concern.
Ex. MD5, SHA

Just remember the Triple T: Translate, Transform, un-Touched.

I tried to find a word starting with T that could replace un-Touched but wasn’t able to find one. If anyone can come up with something better, please leave a comment and I will replace it.
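The three operations side by side, as an added example that is not part of the original post. It assumes Node.js and its built-in crypto module, with Base64 as the encoding, AES-256-CTR as the cipher and SHA-256 as the hash; the message and function names are constructed for illustration.

```javascript
const crypto = require('crypto');

// Constructed sample message (not from the original post).
const message = 'Badge: Exhibitor, Hall B';

// 1. Encoding = Translate. No key involved: anyone can reverse it.
function encode(text) {
  return Buffer.from(text, 'utf8').toString('base64');
}
function decode(b64) {
  return Buffer.from(b64, 'base64').toString('utf8');
}

// 2. Encryption = Transform. Reversible only with the key.
// AES-256-CTR gives confidentiality only; a wrong key yields garbage, not an error.
function encrypt(text, key) {
  const iv = crypto.randomBytes(16); // fresh per message, stored with the ciphertext
  const cipher = crypto.createCipheriv('aes-256-ctr', key, iv);
  const body = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, body]);
}
function decrypt(blob, key) {
  const decipher = crypto.createDecipheriv('aes-256-ctr', key, blob.subarray(0, 16));
  const plain = Buffer.concat([decipher.update(blob.subarray(16)), decipher.final()]);
  return plain.toString('utf8');
}

// 3. Hashing = un-Touched. One-way digest; any change to the data changes it.
function sha256(text) {
  return crypto.createHash('sha256').update(text, 'utf8').digest('hex');
}
function isUntouched(received, expectedDigest) {
  const a = Buffer.from(sha256(received), 'hex');
  const b = Buffer.from(expectedDigest, 'hex');
  return a.length === b.length && crypto.timingSafeEqual(a, b);
}

function demo() {
  const key = crypto.randomBytes(32);
  const blob = encrypt(message, key);
  const digest = sha256(message);
  return {
    decoded: decode(encode(message)),                     // round-trips with no secret
    rightKey: decrypt(blob, key),                         // original message
    wrongKey: decrypt(blob, crypto.randomBytes(32)),      // unreadable bytes
    intact: isUntouched(message, digest),                 // true
    tampered: isUntouched(message.replace('Exhibitor', 'Owner'), digest), // false
  };
}
console.log(demo());
```

A bare digest only shows the data is intact if the digest itself reaches the receiver over a channel the modifier cannot also change.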

Authentication vs Authorization

I used to always find these two words confusing. I never used to understand the difference between the two, and both actually sounded the same, with similar meanings. Actually, they are not.

Authentication (AuthC) is the process of verifying the authenticity of a user: is he really the person he claims to be, or is he hiding behind the mask of someone else?

Example: If you have ever been to a convention center (Ex. RSA, Cisco Live etc.), you first go to the front desk, where they ask you for your name and company ID and also ask you to present a Driver’s License along with it. They are trying to authenticate that the company badge and the Driver’s License belong to the same person.

AuthoriZation (AuthZ) is the process of assigning permissions or restrictions; in other words, what level of access you have to secure assets or locations.

Example: Once your ID is checked at the front desk of the convention center and you are authenticated, a badge (tag) is given to you which might say Guest, Exhibitor or Owner etc. Based on what Authorization or access level you are granted, you can access certain levels and rooms in the convention center.

I hope this clarifies.