Protecting Data at Rest and in Transit
Encryption transforms readable data into ciphertext that only authorised parties can decrypt. It is the primary mechanism for protecting sensitive information — whether stored in a database or travelling across a network.
Symmetric vs Asymmetric Encryption
- Symmetric (AES-256) — same key encrypts and decrypts; fast, used for bulk data
- Asymmetric (RSA, ECDSA) — a key pair: data encrypted with the public key can only be decrypted with the private key, and a signature made with the private key can be verified by anyone holding the public key; used for key exchange and signatures
- Hybrid approach — TLS uses asymmetric crypto to exchange a symmetric session key, then encrypts data with the session key
Hashing
Hashing is a one-way function that produces a fixed-size digest from any input. Unlike encryption, hashing cannot be reversed. It is used for password storage (bcrypt, Argon2), data integrity checks, and digital signatures (the signature is computed over the digest rather than the full message).
Never store passwords in plain text or with reversible encryption. Always use a salted, slow hashing algorithm such as bcrypt or Argon2: the salt makes identical passwords hash differently, and the deliberate slowness limits how many guesses an attacker can test per second.
Key Takeaway
Encryption protects confidentiality; hashing protects integrity. Use both — encrypt data at rest and in transit, hash passwords and verify file integrity.