The basic premise of encrypting data is to scramble it in some way as to render it unreadable by anyone other than its intended recipient. Encryption works by scrambling the message with the use of an encryption “key,” which a reader can then use to unscramble the message and read its contents. Theoretically, as long as the key is safe the message will remain private. Anyone with the key can reverse the process, however, which requires specific encryption techniques to minimize the chances of such an occurrence.
The Advanced Encryption Standard (AES) was created by the National Institute for Standards in Technology in order to facilitate a general and strong encryption method for use in government communications. This also benefits other institutions, such as banks or medical establishments, that also deal with sensitive data. The primary goal of the AES is to create an encryption method that is irreversible without the key, and that uses keys that are unbreakable through guessing or brute-force attacks. This means that unless someone has a key, or figures out how to break the encryption method itself, AES represents a safe and secure way to hide data from unwanted third parties.
A hash function is similar to an encryption algorithm in that it is meant to scramble data in some way. However, the similarities end here. Rather than hiding a data message, a hash function performs transformations on the message to produce a value, often smaller in length than the original message. This value is totally unique to the message: no two sets of data can produce the same value from a solid cryptographic hash function. Furthermore, the process is irreversible. Hash functions do not use encryption keys, and values from hash functions can not be decrypted to get the original value.
The Secure Hash Standard, also from the NIST, outlines a standard algorithm for a hash function. This function does not encrypt a message but, according to NIST standards, creates a “digest” of the message, or hash value. This digest can be used for verification of the messages contents. The sender can run the message through an SHA function, attach the digest to the message and send it. The receiver can then run the message through the same SHA function and compare the digest values. If they are different, the message has been damaged or tampered with. The SHA standard algorithm can be coupled with AES encryption to provide authentication as well as encryption for sensitive messages.