Application Security

Encoding vs Encryption

Welcome to Secumantra! In this post, we will try to understand the difference between encryption and encoding, which is sometimes misunderstood by many developers.

Both encoding and encryption transform the data so that it can be easily consumed by another party. Although both are doing data transformation, purpose and the approach of encoding and encryption is totally different from one another. Let us understand one by one.

Encoding

First of all, let us make it clear that encoding is not for keeping secrecy. Once this is understood, everything will be easy to understand. Encoding is the process of transforming data from one form to other for better usability and can be easily converted back knowing the encoding scheme. For example, data transmitted over the internet required a specific format and URL encoding. Examples – ASCII, base64 encoding used in json web tokens (JWT).

As such encoding uses publicly available algorithms (sometimes referred as schemes) to transform the data and encoded data can be easily transformed back into its original form. So it does not guarantee any data confidentiality as security is not the primary goal of encoding. It is actually used for better data handling with different scenarios.

Difference between encoding and encryption

Encryption

The main purpose of the encryption is to transform the data in such a manner that secrecy is maintained. Original data is scrambled using algorithms and secret keys in such a way that any unintended audience is not able to make any sense out of it. Only specific audience (having a secret key) will understand the underlying message. So encryption transforms data in such a way that guarantees confidentiality.

Encryption is generally used when sensitive data needs to be shared between two parties. It cannot be reversed easily and one needs to know the secret key to decrypt the original message.

Sometimes original data is referred as ‘plain text’ and encrypted form is referred as ‘cipher text’. Although we mainly talk here about recent algorithms and usage in modern web applications, encryption has been there from thousand years. There are mainly two types of encryption used these days, symmetric and asymmetric. We will discuss this later in a separate topic.

Summary

Encryption is for sharing confidential information and involves a secret key whereas encoding is just for better data handling using publicly known schemes.

Hope you understood the basics of encoding and encryption. Thank you for reading and we will meet again with a new topic. Stay Safe, Stay Secure!

Similar Posts