|
I guess this would be a meditation, or maybe a question on theory, or...well, whatever, I knew that this would be the best place to come, so here it is.
What exactly is the difference between encoding and encryption. I know that, for example, Crypt::Blowfish is encryption, where as MIME::Base64 is encoding, but I don't exactly see the difference! Don't both simply replace (well, maybe not simply, but in any case) one thing for another? Or is there something that I am missing here?
The reason I ask is because lately I have been reading much more about these things (such as Neal Stephensons Cryptonomicon - awesome book) and I am really interested in cryptology and such - and of course, where better to go for the most knowledgable people on the web!
Thanks a bunch for the help!
r.
j
o
s
e
p
h
Violence is a last resort of the incompetent - Salvor Hardin, Foundation by Issac Asimov |
Re: Difference between encoding and encryption?
by dvergin (Monsignor) on Mar 22, 2001 at 09:04 UTC
|
How's this:
Encoding is changing the way data is presented
- using a public, generally-understood,
and (usually) low-overhead method
- for the purpose of allowing the data to
survive intact and easily recoverable after some sort of transfer.
Encryption is changing the way data is presented
- using a method or a key that is restricted
and (as it happens) often computationally intensive
- for the purpose of shielding the data
from some people while making it available to others.
In short, encoding is for preservation,
encryption is for obfuscation. | [reply] |
|
|
one easy distinction:
- encoding only requires an algorithm
- encryption requires an algorithm and a key
If someone tells you something is encrypted, but they won't tell you where the key comes from, they are selling you snake oil. (e.g. people who think they are encrypting something, but they store the key "hidden" inside the program that reads the data)
| [reply] |
Re: Difference between encoding and encryption?
by footpad (Abbot) on Mar 22, 2001 at 19:56 UTC
|
dvergin pretty much summed it up, however, I thought take a shot at a practical example--because I think the difference is somewhat more important that "mostly pointless." (Not trying to pick a fight, gryng, just seeing things from a different point of view.)
Encoding (perhaps inappropriately) can be thought of as a communition protocol. It tells clients or transfer agents how to interprete a datastream. When you email me a spreadsheet, for example, my email client uses the encoding to know how to interprete the attached bits into a coherent pattern, a file to be opened later.
As faerloche and arhuman reminded me recently, encoding can be used by any agent receiving that datastream. Thus, if someone intercepts that email message, they can easily open the attached spreadsheet on their own desktops.
Encyption, however, is a privacy device. Only the person with the right key can unlock the encrypted data into a viewable form. Think of it as a wrapper around your data. Encrypted data will be send as an encoded datastream, however, only the person with the right key will be able to makes sense of it.
This is an oversimplification, of course. But I think it illustrates the difference as I understand it.
Also, if you're interested in that book jorg mentioned and want to buy it online, you can give the Monastery a small kickback by clicking here. (I noticed that FatBrain lists it under a different ISBN number.)
--f
Update: I originally answered Desdinova's question by updating this node. After further thought (and reflection on a comment chipmunk made recently), I decided that it was better to reply in a separate post, since that's really a different topic than what I was originally trying to address. To-MAY-to, To-MAH-to. :)
| [reply] |
|
|
No worries -- I was just giving the definition several crypto-books will say; they claim both words as methods of hiding messages. Colliquially (or perhaps, outside of that community at least), encoding means translating, whereas encrypting means obscuring. The former for ease of communication, the latter to secure communication.
Ciao,
Gryn
| [reply] |
|
|
How do you make the links so perlmonks gets the kickback? I mention books in some of my posts and would love to link to it like that
| [reply] |
|
|
For the lurkers: If you like the Monastery and are recommending a book in your node, you may wish to provide a FatBrain link so that Vroom gets a small kickback if someone buys a book through that link. To do this:
- Locate the book's ISBN number, according to FatBrain. (Use their Search feature to find the most recent edition, as appropriate.)
- In your node type [ isbn:// ### | Link title ], where ### is the ISBN number.
- Test your link while Previewing your node. (I usually open it in a new window.)
- Submit. :)
This also works in the Chatterbox.
| [reply]
[d/l]
[select] |
|
|
|
|
|
|
|
Re: Difference between encoding and encryption?
by jorg (Friar) on Mar 22, 2001 at 15:29 UTC
|
If anyone is interested in the history of codebreaking, i can definitely recommend 'The code book' by Simon Singh (ISBN 1857028899). It is an easy to read and fascinating book on how encrypters and code breakers have battled each other through history. I found the chapters on egyptian hieroglyphs and the WW2 chapters (with the infamous enigma machine) awesome.
But this is not all: the book also contained a £10000 crypto competition. He left 10 messages, in increasing difficulty of encryption (without revealing which encryption was used), at the back of the book, to be cracked by those who had the courage AND the knowledge. It took about a year before one group of Swedish enthousiasts had uncovered all 10 messages, the last one being an RSA encrypted string they attacked in true SETI style. You can read their story here.
Jorg | [reply] |
Re: Difference between encoding and encryption?
by gryng (Hermit) on Mar 22, 2001 at 09:33 UTC
|
According to the text books, the difference is subtle and mostly pointless. Encoding works on word boundaries (or some similiar high-level chunk), Encrypting works on character boundaries (or some low-level chunk).
Basically you encode if you are taking the data's structure into account (such as translating code words from one to another, or translating alpha-numeric text into alpha-numeric text). You encrypt if you aren't taking the data's structure into account (such as translating bits into bits, or translating alpha-numeric text into alpha-numeric text).
Yeah, I just repeated myself. That's to illustrated the ambivilic nature of the definitions. So basically don't really worry about it. Hope that helps :) .
Ciao,
Gryn | [reply] |
Re: Difference between encoding and encryption?
by enoch (Chaplain) on Mar 22, 2001 at 21:01 UTC
|
Encoding something is (like was said before) changing the
way information or data is presented; though, it is not meant
to hide the meaning of the data. For example, in a URL, a
space is encoded as '%20'. That encoding is not meant to
protect or "make private" the data; rather, it is meant to
"encode" the data in that it can be understood by the recipient.
Encrypting information and/or data is a process that
obfuscates the data. In an encrypted URL (if such a thing
were to exist), the first space would be an 'a' and the
second space would be a '3' and the third space would be a
'-', etc., etc. (assuming a more powerful encryption
algorithm than char substitution). An encrypted piece of data is not meant
to facilitate communication, per se. Rather, it is
meant to guarantee certain attributes of the data like
the fact that it will only be read by privileged
individuals.
So, in a nutshell, encoding is just a way two or more systems
designate as a way of communication (via character
substitutions, or XML tags, or whatever). Encryption is a
method to completely obscure the data.
In a real world example, http communication over SSL is an
example of both. First, the client encodes the data in such
a way that the server will understand it (URL tags and such).
Then, the client encrypts the data so that no eaves droppers
will know the meaning of the data. Once the encrypted,
encoded information is received by the server; the server
decrypts it and passes the encoded data (the data that can
be understood) to whichever process (httpd).
I hope that helps a little.
Jeremy | [reply] |
Re: Difference between encoding and encryption?
by Anonymous Monk on Mar 23, 2001 at 05:17 UTC
|
The difference between encoding and encrypting can best
be explained in terms of mathematical functions...
When you encode a piece of data, d, you are applying a
function, f, that is reversible by another function, g. Or,
in other words, g(f(d)) = d... All the decoding requires
is an algorithm.
When encrypting data (I'm going to simplify things) you have
a function that takes several parameters and spits out
encrypted data. In order to decrypt the data, you must also
posess the other data to apply the correct function. | [reply] |
Re: Difference between encoding and encryption?
by dmckee (Scribe) on Mar 25, 2001 at 19:54 UTC
|
You might want to also be aware of the difference between something that is in CODE and in CIPHER... It's a very similar destinction. Code usually refers to a one-to-one relationship between the plaintext and the encoded text: for example, in Morse, a dot is ALWAYS an e, in hex, deadbeef is always 3735928559, in a URL %21 always means a bang (!) and in Caesar type encoding, for the keyword NIGHT an A will always mean F. In cipher, there is no such correspondance.
Dave
Eight years involved with the nuclear industry have taught me that when nothing can possible go wrong and every avenue has been covered, then is the time to buy a house on the next continent. Terry Pratchett | [reply] |
Re: Difference between encoding and encryption?
by gregor42 (Parson) on Mar 26, 2001 at 22:09 UTC
|
Here's the primary difference, which is largely functional:
While it is true that all you are essentially doing is exchanging one set of symbols for another, there is a function involved which makes all the difference.
When you encode something the function is directly reversible, such that:
data * func = data`
data` * func = data
Of course, that's an oversimplification, but you get the idea. You use the same index chart for translating both ways.
encryption involves 2 functions:
data * func(yourPublicKey, myPrivateKey) = data`
BUT
data` * func(yourPublicKey, myPrivateKey) != data
Which is the point:
data` * func(yourPrivateKey, myPublicKey) = data
Wait! This isn't a Parachute, this is a Backpack!
| [reply] |
|
|
| [reply] |
|
|
actually how the RSA-OAEP work??? i still can't find on the web 1??
especially the OAEP the encode method.. really hard to understand... any 1 can help me?
| [reply] |
|
|
