Comparisons
Decision-focused breakdowns to help you choose the right format, method, or approach.
Symmetric vs asymmetric encryption—how they differ and how modern systems use both together.
Understand the difference between Base64 encoding and URL encoding, when to use each, and common mistakes developers make.
Understand the difference between SHA-256 hashing and HMAC-SHA256, when to use each, and how they relate to integrity and authentication.
Symmetric uses one shared key; asymmetric uses a public/private key pair. Learn how each works, when to use AES vs RSA, and why modern systems use both.
MD5 is fast but cryptographically broken. SHA-256 is the current standard. Compare output size, collision resistance, speed, and when to use each.
Compare bcrypt, Argon2id, and PBKDF2 for secure password storage. Understand work factors, memory hardness, GPU resistance, FIPS compliance, and which to use today.
AES-GCM provides authenticated encryption (AEAD) and is mandated by TLS 1.3. AES-CBC provides confidentiality only and is vulnerable to padding oracle attacks. Compare modes, security risks, and use cases.
ECC achieves equivalent security to RSA with dramatically smaller keys — a 256-bit ECC key matches a 3072-bit RSA key. Compare performance, signature size, key sizes, and when to use each in TLS, JWT, and SSH.
API keys are simple and easy to revoke; JWTs are stateless and carry embedded claims. Compare their trade-offs and learn which to use for your use case.