我的两句台词……面试官一般想要以下答案。

哈希是一种方法。您不能将数据/字符串从哈希代码转换。

加密是两种方式-如果你有密钥，你可以再次解密加密的字符串。

你已经得到了一些很好的答案，但我猜你可以这样看: 加密: 如果你有正确的密钥，加密必须是可以解密的。

例子: 就像你发电子邮件一样。 您可能不希望世界上每个人都知道您正在给接收电子邮件的人写什么，但接收电子邮件的人可能希望能够阅读它。

散列: 哈希的工作原理类似于加密，但它不应该能够反转它。

例子: 就像你把钥匙插进一扇锁着的门里(就是那种你关门时就会锁上的门)。你不需要关心锁的具体工作原理，只要在你使用钥匙时它能自己解锁就行了。如果出现问题，你可能无法修复它，不如换一个新锁。(就像每次登录都会忘记密码一样，至少我一直都这样做，这是使用哈希的常见领域)。

．.． 我猜在这种情况下，你可以把彩虹算法称为锁匠。

希望事情好转=)

Use hashes when you only need to go one way. For example, for passwords in a system, you use hashing because you will only ever verify that the value a user entered, after hashing, matches the value in your repository. With encryption, you can go two ways. hashing algorithms and encryption algorithms are just mathematical algorithms. So in that respect they are not different -- its all just mathematical formulas. Semantics wise, though, there is the very big distinction between hashing (one-way) and encryption(two-way). Why are hashes irreversible? Because they are designed to be that way, because sometimes you want a one-way operation.

我的两句台词……面试官一般想要以下答案。

哈希是一种方法。您不能将数据/字符串从哈希代码转换。

加密是两种方式-如果你有密钥，你可以再次解密加密的字符串。

Cryptography deals with numbers and strings. Basically every digital thing in the entire universe are numbers. When I say numbers, its 0 & 1. You know what they are, binary. The images you see on screen, the music that you listen through your earphone, everything are binaries. But our ears and eyes will not understand binaries right? Only brain could understand that, and even if it could understand binaries, it can’t enjoy binaries. So we convert the binaries to human understandable formats such as mp3,jpg,etc. Let’s term the process as Encoding. It’s two way process and can be easily decoded back to its original form.

哈希

哈希是另一种加密技术，数据一旦转换为其他形式就永远无法恢复。用门外汉的话说，没有所谓去哈希的过程。有许多哈希函数来完成这项工作，如sha-512, md5等。

如果原始值不能恢复，那么我们在哪里使用它?密码!当你为你的手机或电脑设置密码时，你的密码哈希会被创建并存储在一个安全的地方。当您下次尝试登录时，输入的字符串再次使用相同的算法(哈希函数)进行散列，输出与存储的值匹配。如果相同，则登录。否则你就会被赶出去。

Credits: wikimedia By applying hash to the password, we can ensure that an attacker will never get our password even if he steal the stored password file. The attacker will have the hash of the password. He can probably find a list of most commonly used passwords and apply sha-512 to each of it and compare it with the value in his hand. It is called the dictionary attack. But how long would he do this? If your password is random enough, do you think this method of cracking would work? All the passwords in the databases of Facebook, Google and Amazon are hashed, or at least they are supposed to be hashed.

然后是加密

加密介于哈希和编码之间。编码是一个双向过程，不应该用来提供安全性。加密也是一个双向过程，但是当且仅当知道加密密钥时才能检索原始数据。如果您不知道加密是如何工作的，不要担心，我们将在这里讨论基础知识。这就足以理解SSL的基础知识了。因此，有两种类型的加密，即对称加密和非对称加密。

对称密钥加密

I am trying to keep things as simple as I could. So, let’s understand the symmetric encryption by means of a shift algorithm. This algorithm is used to encrypt alphabets by shifting the letters to either left or right. Let’s take a string CRYPTO and consider a number +3. Then, the encrypted format of CRYPTO will be FUBSWR. That means each letter is shifted to right by 3 places. Here, the word CRYPTO is called Plaintext, the output FUBSWR is called the Ciphertext, the value +3 is called the Encryption key (symmetric key) and the whole process is a cipher. This is one of the oldest and basic symmetric key encryption algorithm and its first usage was reported during the time of Julius Caesar. So, it was named after him and it is the famous Caesar Cipher. Anyone who knows the encryption key and can apply the reverse of Caesar’s algorithm and retrieve the original Plaintext. Hence it is called a Symmetric Encryption.

非对称密钥加密

We know that, in Symmetric encryption same key is used for both encryption and decryption. Once that key is stolen, all the data is gone. That’s a huge risk and we need more complex technique. In 1976, Whitfield Diffie and Martin Hellman first published the concept of Asymmetric encryption and the algorithm was known as Diffie–Hellman key exchange. Then in 1978, Ron Rivest, Adi Shamir and Leonard Adleman of MIT published the RSA algorithm. These can be considered as the foundation of Asymmetric cryptography.

As compared to Symmetric encryption, in Asymmetric encryption, there will be two keys instead of one. One is called the Public key, and the other one is the Private key. Theoretically, during initiation we can generate the Public-Private key pair to our machine. Private key should be kept in a safe place and it should never be shared with anyone. Public key, as the name indicates, can be shared with anyone who wish to send encrypted text to you. Now, those who have your public key can encrypt the secret data with it. If the key pair were generated using RSA algorithm, then they should use the same algorithm while encrypting the data. Usually the algorithm will be specified in the public key. The encrypted data can only be decrypted with the private key which is owned by you.

来源:SSL/TLS for dummies第1部分:加密套件，哈希，加密| WST (https://www.wst.space/ssl-part1-ciphersuite-hashing-encryption/)

哈希函数可以看作是烤一条面包。你从输入(面粉、水、酵母等)开始，在应用哈希函数(混合+烘焙)后，你最终会得到一个输出:一条面包。

另一种方法是非常困难的——你不能真正地把面包分成面粉、水和酵母——其中一些在烘焙过程中丢失了，你永远无法确切地说出某条面包使用了多少水、面粉或酵母，因为这些信息被哈希函数(又名烤箱)破坏了。

从理论上讲，许多不同的输入变体将生产相同的面包(例如，2杯水和1茶匙酵母生产的面包与2.1杯水和0.9茶匙酵母生产的面包完全相同)，但给定其中一个面包，你无法确切地说出哪种输入组合生产了它。

另一方面，加密可以被看作是一个保险箱。不管你放进去什么，只要你有一开始锁进去的钥匙，它就会出来。这是一个对称运算。给定一个键和一些输入，就会得到一个特定的输出。给定这个输出和相同的键，您将得到原始的输入。这是一个1:1的映射。