Network Protocol Related Interview Questions - TLS vs SSL Handshake

What is HTTPS?

HTTPS is not a separate protocol, but regular HTTP running over an encrypted connection (SSL/TLS). The encryption is provided by adding TLS (Transport Layer Security) between TCP and HTTP.

 

SSL/TLS protocol:

The SSL protocol is a secure transmission protocol, and TLS is an upgraded version of SSL v3.0. 

HTTPS overall architecture diagram:

 

HTTPS transmission speed:

  • Slow communication: Compared with the HTTP protocol, communication is slower, since after all there is an additional layer of processing.
  • SSL must be encrypted:

TLS/SSL handshake:

  • Principles of cryptography:
    ①. Symmetric encryption: The key used to encrypt data is the same as the key used to decrypt data.
    ②. Asymmetric encryption [this is the encryption method adopted by SSL]: a. Private key: one party keeps it; b. Public key: both parties share it.
  • Digital certificate:
    ①. A digital certificate is a string of numbers that marks the identity information of all parties in Internet communication; it is also a file.
    ②. Why do you need a digital certificate? From the requester's point of view: how does it know that the public key it gets was really sent by the target host it wants, and what if it has been tampered with by a third party? A digital key issued by an authoritative third-party organization is then needed, and only it can solve the security problem of digital certificates.
    ③. The issuance process of digital certificates: first, the user generates a key, and then hands over the public key and personal private key to the certification center. After the certification center verifies the identity, it sends our confirmation information to our users. The certification center then gives us a digital certificate, which contains our personal information and its public key information.
  • The whole process of SSL and TLS handshake:

Summary:

HTTPS is really just SSL/TLS added between the TCP layer and the HTTP layer to protect the layer above it. It mainly uses symmetric encryption, asymmetric encryption and other techniques to encrypt the data transmitted between the client and the server, and in this way guarantees the security of the entire communication.
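The question raised under "Digital certificate" (how the requester knows the public key really belongs to the target host) is answered on the client by certificate and hostname verification. The following is an added example, not code from the original article: a small audit of a Python `ssl.SSLContext` that flags a client which skips those checks or still accepts protocol versions older than TLS 1.2. The function names and the TLS 1.2 floor are assumptions of this example.

```python
import ssl

# Lowest protocol version this audit accepts (an assumption of the example,
# not a value taken from the article).
MIN_ACCEPTED = ssl.TLSVersion.TLSv1_2


def audit_client_context(ctx: ssl.SSLContext) -> list:
    """Return findings for a client-side SSLContext; an empty list means OK."""
    findings = []
    # Without CERT_REQUIRED the server's certificate chain is never validated,
    # so any party on the path can present its own public key.
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain is not verified")
    # A valid chain issued for a different host is still the wrong host.
    if not ctx.check_hostname:
        findings.append("certificate is not matched against the hostname")
    # TLSVersion is an IntEnum; MINIMUM_SUPPORTED sorts below every real version.
    if ctx.minimum_version < MIN_ACCEPTED:
        findings.append("protocol floor allows versions older than TLS 1.2")
    return findings


def weak_context() -> ssl.SSLContext:
    """Client context with verification disabled and no protocol floor."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # must be cleared before setting CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def hardened_context() -> ssl.SSLContext:
    """Client context that verifies chain and hostname, TLS 1.2 or newer."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED + check_hostname
    ctx.minimum_version = MIN_ACCEPTED
    return ctx


if __name__ == "__main__":
    for name, ctx in (("weak", weak_context()), ("hardened", hardened_context())):
        print(name, audit_client_context(ctx) or "no findings")
```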
