The connection and difference between HTTPS, SSL and TLS

1 Introduction

SSL (Secure Socket Layer) is a protocol encryption layer based on HTTPS. It was originally developed by Netscape and then standardized by IETF (The Internet Engineering Task Force). RFCRequest For Comments), RFC contains a lot of Internet technology specifications!

At first, it was because HTTP used plaintext when transmitting data (although the data submitted by POST could not be seen in the body of the report, but it can still be stolen through a packet capture tool), it was insecure, in order to solve this hidden danger Netscape has launched the SSL secure socket protocol layer. SSL is a protocol layer based on HTTP and above TCP. It is based on the HTTP standard and encrypts data when TCP is transmitted, so HPPTS is the abbreviation of HTTP+SSL/TCP .

Since the introduction of HTTPS has been welcomed by many people, when SSL was updated to 3.0, IETF standardized SSL3.0 and added a few mechanisms (but almost the same as SSL3.0), and the standardized IETF was renamed TLS1 .0 (Transport Layer Security), it can be said that TLS is the new version 3.1 of SSL, and the "RFC2246-TLS encryption protocol detailed" is released at the same time. If you want a deeper understanding of the working principle of TLS, you can go to the official website of RFC : Www.rfc-editor.org, search RFC2246 to find the RFC document! ——The above is the historical background

SSL refers to the Secure Sockets Layer, in short, it is a standard technology that can ensure the security of the Internet connection, protect any sensitive data sent between the two systems, and prevent cybercriminals from reading and modifying any transmitted information , Including personal data. Two systems may refer to servers and clients (for example, browsers and shopping websites), or between two servers (for example, applications containing personally identifiable information or payroll information).

To clarify the implementation principle of the HTTPS protocol, at least the following background knowledge is required.
1. A general understanding of the meaning of several basic terms (HTTPS, SSL, TLS)
2. A general understanding of the relationship between HTTP and TCP (especially "short connection" VS "long connection")
3. A general understanding of the concept of encryption algorithms (especially The difference between "symmetric encryption and asymmetric encryption")
4. A general understanding of the purpose of CA certificates 5. Several handshake of TCP communication protocol

 

2 The meaning of basic terms (HTTPS, SSL, TLS)

TLS (Transport Layer Security) is a more secure upgraded version of SSL. Since the term SSL is more commonly used, we still refer to our security certificate as SSL. But when you buy SSL from Symantec  , what you really buy is the latest TLS certificate. There are  three encryption methods: ECC, RSA, or DSA to choose from.

TLS/SSL is an encryption channel specification.

It uses symmetric encryption, public and private key asymmetric encryption and its key exchange algorithm. The CA system encrypts and transmits trusted information

. Commonly used symmetric encryption algorithms in HTTP SSL include RC4, AES

SSL , 3DES, Camellia, etc. were developed by the former Netscape company.
There are three versions 1, 2, and 3, but now only version 3

is used. TLS is a standardized product of SSL.
There are three versions 1.0, 1.1, and 1.2. The
default is 1.0

TLS1.0 There is almost no difference from SSL3.0.

In fact, we all use TLS now, but because we are used to the term SSL in history, we
usually use SSL as the most common name .

1. SSL (Secure Sockets Layer), and its successor Transport Layer Security (Transport Layer Security, TLS) is a security protocol that provides security and data integrity for network communications . TLS and SSL encrypt network connections at the transport layer.

2. The SSL protocol is located between the TCP/IP protocol and various application layer protocols to provide security support for data communication. The SSL protocol can be divided into two layers: SSL Record Protocol: It is built on a reliable transmission protocol (such as TCP) and provides basic functions such as data encapsulation, compression, and encryption for high-level protocols. SSL Handshake Protocol (SSL Handshake Protocol): It is built on top of the SSL record protocol, and is used to authenticate the identity of the communicating parties, negotiate encryption algorithms, and exchange encryption keys before the actual data transmission starts.

3. The Secure Transport Layer (TLS) is used to provide confidentiality and data integrity between two communication applications. The protocol consists of two layers: TLS Record Protocol (TLS the Record) and TLS  Handshake Protocol (TLS Handshake).

4. The biggest advantage of TLS is that TLS is independent of application protocols. High-level protocols can be transparently distributed on the TLS protocol. However, the TLS standard does not specify how applications can add security to TLS; it leaves the decision of how to start the TLS  handshake protocol and how to interpret the exchanged certificate to the designer and implementer of the protocol.

3 The concept of encryption algorithm 

　1. SSL encryption
　　SSL is a security and confidentiality protocol proposed by Netscape. It constructs a secure channel between browsers (such as Internet Explorer, Netscape Navigator) and Web servers (such as Netscape's Netscape Enterprise Server, ColdFusion Server, etc.) to conduct data Transmission, SSL runs above the TCP/IP layer and below the application layer to provide encrypted data channels for applications. It uses encryption algorithms such as RC4, MD5 and RSA, and uses a 40-bit key, which is suitable for the encryption of commercial information . At the same time, Netscape has developed the HTTPS protocol and built it into its browser. HTTPS is actually HTTP over SSL. It uses the default port 443 instead of port 80 like HTTP to communicate with TCP/IP. The HTTPS protocol uses SSL to encrypt the original data at the sender, and then decrypt it at the recipient. Encryption and decryption require the sender and recipient to exchange a common key. Therefore, the transmitted data is not easy to be hackers. Interception and decryption. However, the encryption and decryption process requires a lot of system overhead and severely reduces the performance of the machine. Related test data shows that the work efficiency of using the HTTPS protocol to transmit data is only one-tenth of that of using the HTTP protocol. If for the sake of security and confidentiality, all the web applications of a website are encrypted by SSL technology, and use HTTPS protocol for transmission, then the performance and efficiency of the website will be greatly reduced, and this is not necessary, because generally not all Data requires such a high level of security and confidentiality
　　2. TLS encryption
　　TLS: Secure
　　Transport Layer Protocol TLS: Transport Layer Security
　　The Secure Transport Layer (TLS) is used to provide confidentiality and data integrity between two communication applications. The protocol consists of two layers: TLS Record and TLS Handshake. The lower layer is the TLS record protocol, located on top of a reliable transmission protocol (such as TCP).

 

4 The difference and introduction of SSL and TLS

SSL: (Secure Socket Layer) , a protocol layer located between a reliable connection-oriented network layer protocol and an application layer protocol. SSL uses mutual authentication, digital signatures to ensure integrity, and encryption to ensure privacy, so as to achieve secure communication between the client and the server. The protocol consists of two layers: SSL record protocol and SSL handshake protocol.

TLS: (Transport Layer Security, Transport Layer Security Protocol) , used to provide confidentiality and data integrity between two applications. The protocol consists of two layers: TLS record protocol and TLS handshake protocol.

　　SSL is developed by Netscape specifically to protect Web communications. The current version is 3.0. The latest version of TLS 1.0 is a new protocol specified by IETE (Engineering Task Force). It is based on the SSL 3.0 protocol specification and is SSL The subsequent version of 3.0. The difference between the two is very small, which can be understood as SSL 3.1, which is written in RFC.

　　SSL（Secure Socket Layer）

　　Developed by Netscape to ensure the safety of data transmission on the Internet, using data encryption (Encryption) technology to ensure that data will not be intercepted during transmission on the network.

　　The current version is 3.0. It has been widely used for identity authentication and encrypted data transmission between Web browsers and servers.

　　The SSL protocol is located between the TCP/IP protocol and various application layer protocols to provide security support for data communication. The SSL protocol can be divided into two layers: SSL Record Protocol: It is built on a reliable transmission protocol (such as TCP) and provides basic functions such as data encapsulation, compression, and encryption for high-level protocols. SSL Handshake Protocol (SSL Handshake Protocol): It is built on top of the SSL record protocol, and is used to authenticate the identity of the communicating parties, negotiate encryption algorithms, and exchange encryption keys before the actual data transmission starts.

　　The services provided by the SSL protocol mainly include:

　　1) Authenticate users and servers to ensure that data is sent to the correct client and server;

　　2) Encrypt data to prevent data from being stolen in the middle;

　　3) Maintain the integrity of the data and ensure that the data will not be changed during transmission.

　　SSL protocol workflow:

　　Server authentication phase:

　　1) The client sends a start message "Hello" to the server to start a new session connection;

　　2) The server determines whether a new master key needs to be generated according to the customer's information. If necessary, the server will include the information required to generate the master key when responding to the customer's "Hello" message;

　　3) The customer service generates a master key according to the received server response information, encrypts it with the server’s public key, and sends it to the server;

　　4) The server restores the master key and returns to the client a message authenticated with the master key, so that the client can authenticate the server.

　　User authentication phase: Prior to this, the server has passed the client authentication, and this phase mainly completes the authentication of the client. The authenticated server sends a question to the client, and the client returns the (digital) signed question and its public key to provide authentication to the server.

　　TLS (Transport Layer Security Protocol): secure transport layer protocol

　　The Secure Transport Layer (TLS) is used to provide confidentiality and data integrity between two communication applications. The protocol consists of two components: TLS Record and TLS Handshake. The lower layer is the TLS record protocol, located above a reliable transport protocol (such as TCP).

　　The connection security provided by the TLS record protocol has two basic characteristics:

• Private-symmetric encryption is used for data encryption (DES, RC4, etc.). The key generated by symmetric encryption is unique to each connection, and this key is negotiated based on another protocol (such as a handshake protocol). The recording protocol can also be used without encryption.
• Reliable-information transmission includes the use of keyed MAC for information integrity check. The secure hash function (SHA, MD5, etc.) is used for MAC calculation. The recording protocol can also operate without MAC, but it can only be used in this mode, that is, another protocol is using the recording protocol to transmit and negotiate security parameters.

　　The TLS record protocol is used to encapsulate various high-level protocols. As one of the encapsulation protocols, the handshake protocol allows the server and the client to authenticate each other and negotiate encryption algorithms and encryption keys before the application protocol transmits and receives the first data byte. The connection security provided by the TLS handshake protocol has three basic attributes:

• Asymmetric or public key cryptography can be used to authenticate the identity of the peer. This authentication is optional, but at least one node party is required.
• The negotiation of the shared decryption key is secure. Negotiated encryption is difficult to obtain for thieves. In addition, an authenticated connection cannot be encrypted, even an attacker entering the middle of the connection cannot.
• The negotiation is reliable. Without the detection of the members of the communicating party, no attacker can modify the communication negotiation.

　　The biggest advantage of TLS is that TLS is independent of application protocols. High-level protocols can be transparently distributed on the TLS protocol. However, the TLS standard does not specify how applications can add security to TLS; how it initiates the TLS handshake protocol and how to interpret the exchanged certificate is left to the designer and implementer of the protocol.

　　Agreement structure

　　The TLS protocol includes two protocol groups-TLS Record Protocol and TLS Handshake Protocol.

　　The relationship between TLS and SSL: parallel relationship

　　The latest version of TLS (Transport Layer Security) is a new protocol formulated by IETF (Internet Engineering Task Force). It is based on the SSL 3.0 protocol specification and is a follow-up to SSL 3.0 version. There are significant differences between TLS and SSL 3.0, mainly because they support different encryption algorithms, so TLS and SSL 3.0 cannot interoperate.

　4.1 The difference between TLS and SSL

　　1) Version number: The TLS record format is the same as the SSL record format, but the value of the version number is different. The version number used by TLS version 1.0 is SSLv3.1.

　　2) Message authentication code: The MAC algorithm and MAC calculation range of SSLv3.0 and TLS are different. TLS uses the HMAC algorithm defined by RFC-2104. SSLv3.0 uses a similar algorithm. The difference between the two is that in SSLv3.0, the connection operation is used between the padding byte and the key, while the XOR operation used by the HMAC algorithm. But the degree of security of the two is the same.

　　3) Pseudo-random function: TLS uses a pseudo-random function called PRF to expand the key into a data block, which is a more secure way.

　　4) Alarm code: TLS supports almost all SSLv3.0 alarm codes, and TLS also defines many alarm codes, such as decryption_failed, record overflow (record_overflow), unknown CA (unknown_ca), access_denied Wait.

　　5) Cipher text family and client certificate: There are a few differences between SSLv3.0 and TLS, that is, TLS does not support Fortezza key exchange, encryption algorithms and client certificates.

　　6) certificate_verify and finished messages: SSLv3.0 and TLS use certificate_verify and finished messages to calculate MD5 and SHA-1 hash codes, the input of the calculation is slightly different, but the security is equivalent.

　　7) Encryption calculation: TLS and SSLv3.0 use different methods to calculate the master secret.

　　8) Padding: The padding bytes that need to be added before user data encryption. In SSL, the data length after padding reaches the minimum integer multiple of the ciphertext fast length. In TLS, the length of the data after padding can be any integer multiple of the length of the ciphertext block (but the maximum padding length is 255 bytes). This method can prevent attacks based on the analysis of the packet length.

 

　4.2 The main enhancements of TLS

　　The main goal of TLS is to make SSL more secure, and to make the specification of the protocol more precise and complete. TLS provides the following additions based on SSL v3.0:

　　1) A more secure MAC algorithm

　　2) Tighter alert

　　3) A clearer definition of the "gray area" specification

 

　4.3 TLS improves security

　　1) Use the key hash method for message authentication: TLS uses the "key hash method of message authentication code" (HMAC), when the record is transmitted on an open network (such as the Internet), the code ensures that the record will not be change. SSLv3.0 also provides keyed message authentication, but HMAC is more secure than SSLv3.0 using (message authentication code) MAC function.

　　2) Enhanced pseudo-random function (PRF): PRF generates key data. In TLS, HMAC defines PRF. PRF uses two hashing algorithms to ensure its security. If any algorithm is exposed, as long as the second algorithm is not exposed, the data is still safe.

　　3) Improved completed message verification: Both TLS and SSLv3.0 provide completed messages to both endpoints, and the messages exchanged by the message verification have not been changed. However, TLS bases this completed message on the PRF and HMAC values, which is also more secure than SSLv3.0.

　　4) Consistent certificate handling: Unlike SSLv3.0, TLS attempts to specify the types of certificates that must be exchanged between TLS.

　　5) Specific alert messages: TLS provides more specific and additional alerts to indicate problems detected by any conversation endpoint. TLS also records when certain alerts should be sent.

 

[More details]

1. Talk about HTTPS and SSL/TLS protocol | Programmer-programmer, programming language, software development, programming technology http://www.techug.com/post/https-ssl-tls.html

2. Detailed SSL/TLS http://www.mamicode.com/info-detail-1846390.html (recommended reading)