Abstract: This article attempts to restore the design process of HTTPS step by step to understand why HTTPS will end up like this. But this does not represent the real design process of HTTPS. While reading this article, you can try to let go of your existing understanding of HTTPS in favor of the "revert" process.
Let's not talk about HTTP and HTTPS first. Let's start with a chat software. We want to realize that A can send a hello message to B:
> Even if the hello message packet sent by A to B is intercepted by the middleman, the content of the message cannot be known
How to be truly safe?
This question, many people immediately think of various encryption algorithms, what is symmetric encryption, asymmetric encryption, DES, RSA, XX, crackling~
And I would say that encryption algorithms are just solutions , the first thing we have to do is understand our problem domain - what is security?
My personal understanding is:
The content of the communication between A and B, and only A and B have the ability to see the true content of the communication
Well, the problem domain has been defined (of course there is more than one definition in reality). For the solution, it is easy to think of encrypting the message.
Off topic, but is there only one way? I don't think so. Maybe in the future, there will be a substance that breaks the communication assumptions of the current world and realizes secrecy in the true sense.
For a simple communication model like A and B, it's easy to make a choice:
This is the symmetric encryption algorithm , where the key S in the graph plays both the role of encryption and decryption. Specific details are beyond the scope of this article.
As long as this key S is not disclosed to third parties, and the key S is sufficiently secure, we have solved the problem domain we defined at the beginning. Because there are only A and B in the world who know how to encrypt and decrypt the messages between them.
However, in the WWW environment, the communication model of our web server is not so simple:
If the server side uses the same symmetric encryption algorithm for all client communication, it is tantamount to no encryption. then what should we do? Is it possible to use a symmetric encryption algorithm without disclosing the key? Ask the reader to think for 21 seconds.