A Deep Cybersecurity View of Hashing, Encryption, and Encoding

Encoding merely alters data format without providing security, used for compatibility. Hashing creates a unique, fixed-size message digest for one-way protection and integrity checks. Hashing algorithms like SHA2 and SHA3 are strong, while MD5 and SHA1 are weak, and salting prevents rainbow table attacks. Key Derivation Functions like PBKDF2 and Argon2 are designed to slow down password hashing, making brute-force attacks harder. Encryption, both symmetric (like AES) and asymmetric (like RSA and ECC), secures data by making it unreadable without a key. Cipher modes, such as AES-GCM, add integrity and authenticity to block encryption. TLS establishes secure connections using a combination of encryption, hashing, and certificates during a handshake. PKI provides the framework for trusting digital certificates, managed by Certificate Authorities and enforced by trust chains. Authentication protocols and identity systems like Kerberos, OAuth2, and OpenID Connect manage user access and identity. Threat modeling terms like STRIDE and DREAD help analyze potential security risks and attack vectors. Vulnerability metrics such as CVE and CVSS standardize the reporting and severity of security weaknesses. Infrastructure and access control concepts like IAM and ACLs govern who can access what resources. Disaster recovery terms like RTO and RPO define acceptable downtime and data loss. Ultimately, these various technologies and concepts work in conjunction to secure digital information and systems.