Encrypting vs Hashing vs Encoding - What's the Difference?

As a software developer, I often see confusion between the terms encryption, hashing, and encoding. They sound similar, and sometimes even look similar in code, but their purpose and use cases are very different.

In this blog, I’ll explain each concept with examples, use cases, and some real-world analogies to make things clearer. At the end, we’ll compare all three side by side.

Encoding

What it is:
Encoding is the process of converting data from one format into another format that can be used by different systems. It does not provide security — it’s just about representation and compatibility.

Think of it like changing languages. If you write “Hello” in English and “Hola” in Spanish, the meaning is the same, but the representation is different.

Technical example:

• Base64 encoding: Converts binary data into text characters.

• URL encoding: Converts special characters into a format that can be safely used in URLs (like spaces turning into %20).

Use cases:

• Sending binary files like images or PDFs in email (which only supports text).

• Making sure URLs don’t break when special characters are used.

Code example (Base64):

import base64

text = "Hello World"
encoded = base64.b64encode(text.encode())
decoded = base64.b64decode(encoded).decode()

print("Encoded:", encoded)  # SGVsbG8gV29ybGQ=
print("Decoded:", decoded)  # Hello World

Notice how we can encode and then decode back to the original message.

Encryption

What it is:
Encryption is about protecting data. It transforms data into unreadable text using a key. Only someone with the correct key can convert it back to the original form (decryption).

Think of it like locking your valuables in a safe. Anyone can see the safe, but only the person with the key can open it.

Technical example:

• AES (Advanced Encryption Standard)

• RSA (public/private key encryption)

Use cases:

• Protecting sensitive information like credit card numbers or passwords during transmission.

• Securing communication between web browsers and servers (HTTPS).

Code example (AES in Python using cryptography):

from cryptography.fernet import Fernet

# Generate a key
key = Fernet.generate_key()
cipher = Fernet(key)

message = "My secret data"
encrypted = cipher.encrypt(message.encode())
decrypted = cipher.decrypt(encrypted).decode()

print("Encrypted:", encrypted)
print("Decrypted:", decrypted)

Here, the encrypted message looks like gibberish, but with the key, we can decrypt it back.

Hashing

What it is:
Hashing is a one-way transformation of data into a fixed-length value, usually called a hash or digest. Unlike encryption, it cannot be reversed.

Think of it like taking a fingerprint. You can use the fingerprint to identify a person, but you can’t recreate the person from the fingerprint.

Technical example:

• SHA-256, MD5 (though MD5 is no longer secure)

Use cases:

• Storing passwords securely (instead of saving plain text passwords).

• Checking file integrity (to verify that a file has not been changed).

Code example (SHA-256 in Python):

import hashlib

password = "mypassword123"
hashed = hashlib.sha256(password.encode()).hexdigest()

print("Hashed password:", hashed)

Even if you know the hash, you cannot directly reverse it to get the original password.

Putting It All Together: A Real-World Example

Imagine you are sending a confidential letter:

• Encoding: You put the letter in a format the post office understands (like writing the address in a standard way). Anyone can read it, but the point is just compatibility.

• Encryption: You lock the letter inside a box, and only the receiver with the right key can open it.

• Hashing: You take a fingerprint of the letter before sending it. The receiver can take another fingerprint of the received letter to check if it matches, ensuring nobody tampered with it.

Comparison

Encoding is about data representation. It converts data into another format for compatibility or transfer, like Base64 or URL encoding. It’s always reversible, and it does not provide any security. Its main use is ensuring data can be safely transmitted or stored.

Encryption is about confidentiality. It transforms data into unreadable text using a key, and only someone with the correct key can decrypt it. It is reversible, but only with the right key. Encryption is widely used in secure communication (like HTTPS) and in storing sensitive information.

Hashing is about integrity and verification. It converts data into a fixed-length hash value that cannot be reversed. The goal is not to hide the data, but to uniquely represent it. Hashing is commonly used for password storage and file integrity checks.

In short: encoding makes data compatible, encryption keeps data secret, and hashing ensures data hasn’t been changed.

Conclusion

Although encoding, encryption, and hashing may look similar at first glance, they solve very different problems:

• Encoding is for representation and compatibility.

• Encryption is for keeping data safe and private.

• Hashing is for verifying data and ensuring it hasn’t been tampered with.

Understanding when to use each is essential for building secure and reliable software. As developers, we should be clear about their differences, so we don’t misuse one when we really need the other.