The difference between https and http
- https guarantees that the data transmitted on the network is encrypted, not plaintext. It prevents middlemen from performing packet capture and analysis.
- https can verify the identity of the server, ensure that the site visited is an official site rather than a fake site, and avoid man-in-the-middle attacks.
Therefore: The core difference between http and https is that https is a secure transmission protocol.
basic concepts
- The digital signature compresses the source string to extract the information digest, which is often used to verify whether the source string has been tampered with after transmission.
- Digital certificate contains the digital certificate
明文T
,数字签名S
two important information, which明文T
includes证书持有者
(information such as domain name, domain name owners, etc.),证书持有者的公钥
and other information. - CA certificate authority website ID card production center.
- The root certificate operating system and browser itself will pre-install some trusted certificates, which we call
根证书
. - There can also be more than one level of certification between the chain of trust certificates. A can trust B, and B can trust C, and so on. We call it
信任链
OR数字证书链
, which is a series of digital certificates, starting from the root certificate, through layers of trust , So that the holder of the end entity certificate can obtain the trust of the delegation to prove the identity.
https encryption problem
First of all, we must make it clear that by default, the encryption algorithm is known to both the hacker and the server/client, but the right to know the key is different.
Symmetric encryption
The server sends the key to the client, and both use this key for data encryption at the same time.
Client
key = 服务端通过tcp发送过来的密钥.
request_params = {...};
real_send = custom_encode(key,request_params);
send 到 服务端
Server
received_params
real_received = custom_decode(key,received_params);
Timing diagram using only symmetric encryption
As can be seen from the figure, if only symmetric encryption technology is used between the client and the server, it is always necessary to negotiate a secret key (key, such as a random string) for encryption.
During this negotiation process, hackers can intervene in interception. As long as the hacker obtains this key, the subsequent symmetric encryption will be completely invalid.
Asymmetric encryption
In public key cryptography
- The encryption key PK (public key is public key) is open to the public, and the public key issued by the server received by the client is the same.
- The decryption key (secret key is the private key or secret key) needs to be kept secret.
- Encryption algorithm E (encryption) and decryption algorithm D (decrypt) are also public.
In view of the mechanism of asymmetric encryption, we may have this idea:
- After the TCP three-way handshake is successful, the server first transmits the public key directly to the browser in plaintext
- The browser uses public key encryption before transmitting data to the server, and only the server has the private key can decrypt it. Correspondingly, the browser needs to receive the data sent to it by the server (data encrypted by the server using the private key ), and the browser can use The public key of get is decrypted when the link is established.
However, there is a problem with this process.If the public key is hijacked during transmission, there are the following security risks.
Although the hijacker can intercept the data sent by the browser to the server, the hijacker cannot use the public key to reversely parse the original data sent by the browser. However, the hijacker can decrypt the encrypted data from the server with the public key to obtain some Sensitive information, such as contact information, address, etc. In
other words, through a set of public keys and private keys, the security of transmission in a single direction can be guaranteed .
Look at the timing diagram using only asymmetric encryption
To solve this problem, there is a transition plan 通过一组公钥私钥,可以保证单个方向传输的安全性
, then we will use it 通过两组公钥私钥,可以保证两个方向传输的安全性
.
- A website server have used asymmetric encryption
公钥A
,私钥A
Browser has for asymmetric encryption公钥B
,私钥B
. - The browser initiates a request to the website server, and the server sends the public key A to the browser in plaintext.
公钥B
Send the plaintext to the corresponding browser to the server.
at this time:
- All data transmitted by the browser to the server are
公钥A
encrypted, and the server will私钥A
decrypt it after receiving it . To ensure浏览器->服务器
the security of the direction. - All data transmitted by the server to the browser is
公钥B
encrypted, and the browser私钥B
decrypts it after receiving it . To ensure服务器->浏览器
the security of the direction.
It looks rigorous, but this scheme still has a hidden danger 非对称加密解密性能比较低,当传输大文件时,会严重拖慢性能
, so https encryption does not use this scheme.
We know that symmetric encryption is fast, but there is no way to solve the problem of secure transmission of keys. Although asymmetric encryption is slow, it can guarantee the security of unidirectional transmission . We can use 对称加密 + 非对称加密
the combination method
and minimize 非对称加密解密
the number of uses, just taking into account the possible 安全性
and 高效性
the.
Take a look at this process:
- A website server have used asymmetric encryption
公钥A
,私钥A
. - The browser initiates a request to the website server, and the server sends the public key A to the browser in plaintext.
- A browser generates a random symmetric encryption
密钥X
, encrypted with the public key A to the server. Note: !!! for symmetric encryption key is generated by the browser , because from浏览器
the服务端
data in this direction is safe . - After the server gets it,
私钥A
decrypt it to get it密钥X
. 浏览器
,服务端
Owned at the same time密钥X
and cannot be obtained by a third party密钥X
. After that, all data of both parties are encrypted and decrypted with the key X.
Do you want to sigh for perfection? https
Basically, this scheme is adopted.
The cracking of the key encryption mechanism is logically possible, but it is impossible at the current computing speed, so we call it-computationally safe.
If quantum computers do appear in the future, then these algorithms will It's time to reshuffle. As a programmer, we must firmly believe that there is no absolutely safe system in the world.
Mastering the stick, but aiming for the yard
Nothing in the world is perfect. The above 对称加密 + 非对称加密
combination is arranged.
By using the above combination, the interceptor does not get the browser generated 密钥X
. However, the middleman 密钥X
can arrange you without getting it.
(Because the signal is transmitted in the hardware, the information we transmit can be used by other hosts. Intercept, just like we send a letter to a postman, will the content of the letter reveal the quality of sending hope to the postman.)
- It has a website for asymmetric encryption
公钥A
,私钥A
. - The browser requests the server, and the server sends the
公钥A
plaintext to the browser. - The middleman hijacks the public key A, saves it, and replaces the public key A in the data packet with its own forgery
公钥B
(of course, it also forged the公钥B
corresponding one私钥B
, so just do a complete set). - The browser randomly generates one for symmetric encryption
密钥X
, encrypts it with公钥B
(the browser does not know that the public key is replaced) and sends it to the server. The middleman continues to hijack the request,私钥B
decrypt it密钥X
, and then公钥A
encrypt it and send it to the server. - After the server gets it,
私钥A
decrypt it to get it密钥X
.
In this way, in the case that neither side will find the abnormality, the middleman gets it 密钥B
. This is as disgusting as the ice cream in the refrigerator has been licked.
The root cause of this phenomenon is that the browser cannot confirm that it has received it. the public key is from official or from a third party .
Measures cause of the problem is to solve the problem: 客户端需要具有辨认自己请求的服务器是否为官方服务器,而不是第三方伪造的服务器的能力
.
Contact our real life, how can we prove 我是我
it? This requires an ID card issued by an authoritative public security residence to prove that it 你
is 真的你
.
A public trust agency is needed on the Internet to issue one to the website 身份证
. The next deduction: How to prove that the public key received by the browser must be the public key of the website?
Browser verification process:
- The server
CA机构
applies for a certificate and storesCA机构
the made for the website数字证书
on the website server. - After establishing a TCP connection, the browser sent from the server to get the certificate, the certificate include:
明文T
,数字签名S
in two parts (.明文T
Contains服务器公钥
other important information) - Use the public key of the CA organization to
S
decrypt itS’
(because it is an organization trusted by the browser, the browser comes with the public key of the CA organization, and the operating system will also pre-install some trusted root certificates). - Use the
hash
algorithm used when the CA organization produces the certificate明文T
tohash
get the information summaryT’
. - If the comparison
S’
is equalT’
, it means that the certificate is credible, the browser has directly established a connection with the official, and no third party makes the difference.
Replay the scenario of a man-in-the-middle attack:
- Suppose that the middleman has tampered with the original text of the certificate. Since he does not have the private key of the CA, he cannot get the encrypted signature at this time.
- The middleman dropped the certificate as a whole, because the certificate contains website information, including domain name operations, which is equivalent to the above tampered certificate, and operations are prohibited.
Several common questions are clear:
- question.1 Is the asymmetric public key in the certificate content different for the certificate issued by the server to different client browsers?
- answer: all the same
In fact, this is not absolutely safe. You must maintain the security of the entire link if you want to ensure the security of the system, but if you want to infiltrate the system, you only need to find a loophole.
such as:
The certificate returned by the server can be tuned, but the client must trust the tuned certificate. This is the principle of Charles grabbing https requests.
hash encryption
Hash can be used to extract information digest. Based on the hash value and the source file, we can verify whether the file we downloaded is the same as the source file.
-
eg.1 When we download the operating system image on the centos official website, the official website generally provides one
源码包 + md5的哈希值
. After
we download the source code, use md5 to extract the source code package, and then compare it with the abstract provided by g to verify us Whether the downloaded installation package has been tampered with. -
eg.2 When uploading files, we can perform md5 extraction and abstraction of the files, and only need to save one file with the same abstract to reduce the waste of space. (The same principle is also used in the network disk).
Original link
cnblogs https://www.cnblogs.com/Leo_wl/p/13047692.html
Know https://zhuanlan.zhihu.com/p/43789231