Encoding is Not Encryption
It's unfortunate that the words encryption and encoding tend to get used as synonyms. In cryptography they mean two different things.
In short:- Encryption = encipherment = make secret
- Encoding = to convert format, not necessarily securely
Encryption
encryption: 1.The process of changing plaintext into ciphertext using a cryptographic algorithm and key. [1]2. The (reversible) transformation of data by a cryptographic algorithm to produce ciphertext, i.e. to hide the data. [2]
The words encryption and encipherment mean exactly the same thing.
After encryption, the resulting ciphertext should be indistinguishable from random data and it should be virtually impossible to work out the original plaintext without knowing the key (the exact meaning of "impossible" depending on the cryptographic algorithm used and the length of the key).
We generally need to do some encoding of the data both before and after encryption.
Encoding
encode: 1. To convert data by the use of a code. [3]2. To format (electronic data) according to a standard format. [4]
Encoding covers many different processes, including:
- We store textual data encoded in various formats: ASCII, DBCS, EBCDIC, Unicode.
- We encode ciphertext and other binary data that cannot be printed (that's the stuff with all the funny characters in it) using various formats: base64, hexadecimal, uuencode, binhex.
- We encode our plaintext in a specific format before we encrypt it. We might convert text stored in Unicode into bytes in a certain order and then add padding.
- Before using RSA public key encryption or signing, we use an encoding technique on our message (effectively padding plus some control bytes) to make sure the algorithm works properly and to protect against certain known attacks.
- We store X.509 certificates in DER-encoded format and in PEM format.
- Compressing the data is also referred to as 'encoding', which it is.
Don't get confused
To the uninitiated, the result of an encoding operation may make the data look unreadable. Even representing ordinary text in base64 or hexadecimal format can make it harder to read and appear to be stored in a 'secret' format. Most people who work in computing can probably recognise hexadecimal encoding of ordinary text. Base64 is much harder. Compressing ordinary text makes it unrecognisable. For example:
hex("Hello, world!")=48656C6C6F2C20776F726C6421 base64("Hello, world!")=SGVsbG8sIHdvcmxkIQ==Some text before and after compression using the ZLIB algorithm:
000000 68 65 6c 6c 6f 2c 20 68 65 6c 6c 6f 2c 20 68 65 hello, hello, he 000010 6c 6c 6f 2e 20 54 68 69 73 20 69 73 20 61 20 27 llo. This is a ' 000020 68 65 6c 6c 6f 20 77 6f 72 6c 64 27 20 6d 65 73 hello world' mes 000030 73 61 67 65 20 66 6f 72 20 74 68 65 20 77 6f 72 sage for the wor 000040 6c 64 2c 20 72 65 70 65 61 74 2c 20 66 6f 72 20 ld, repeat, for 000050 74 68 65 20 77 6f 72 6c 64 2e the world.
000000 78 9c cb 48 cd c9 c9 d7 51 c8 40 a2 f4 14 42 32 x..H....Q.@...B2 000010 32 8b 15 80 28 51 41 1d 2c a2 50 9e 5f 94 93 a2 2...(QA.,.P._... 000020 ae 90 9b 5a 5c 9c 98 9e aa 90 96 5f a4 50 92 91 ...Z\......_.P.. 000030 0a 11 d6 51 28 4a 2d 48 4d 2c d1 41 15 d6 03 00 ...Q(J-HM,.A.... 000040 86 d1 1f 4e ...N
The difference is that there is no security involved. The encoding techniques are not secret. Anyone can carry out the decoding operation. They are not hard to recognize. Be careful.
Further reading
Cryptography with International Character SetsCross-Platform Encryption
Using Compression with CryptoSys
References
- NIST Special Publication 800-57 DRAFT (April, 2005)
- ISO/IEC 10116 (2nd edition): 1997
- ATIS Telecom Glossary 2000, T1.523-2001
- The American Heritage® Dictionary of the English Language, Fourth Edition
Contact us
To contact us or comment on this page, please send us a message.
This page last updated 29 April 2024.