Introduction to the encryption process of HTTPS (illustration)

Table of contents

Symmetric encryption:

Asymmetric encryption


Symmetric encryption:

In the early stages of network development, symmetric encryption was invented to protect data and prevent hacker attacks.

That is, the client and the server share a single secret key, which both use to encrypt and decrypt data.

Ideally, as long as no one else can obtain my secret key, my data is safe and no one can read its contents.

But because one server usually corresponds to many clients, in practice we ask the client to send its secret key to the server first, and let the server confirm its purpose.

The secret key therefore becomes network data that has to be transmitted over the network. Once transmission is involved, the secret key can be stolen by packet capture.

So symmetric encryption on its own cannot guarantee the security of our data, and as networks developed, asymmetric encryption was introduced.

Asymmetric encryption

Remember that asymmetric encryption, as used here, involves three keys.

There are three keys!

There are three keys!

(This is very important)

There is one key for the client and two for the server. The server's two keys are called the public key and the private key.

In effect, asymmetric encryption adds another layer of encryption to protect key1, the key used to encrypt and decrypt the data: the client encrypts key1 with the server's public key key2, and only the server's private key can decrypt it.

But the above is the ideal situation.

The following is the actual situation:

 

We cannot guarantee whether the public key key2 from the server really comes from the server or has been tampered with by a hacker.

So next we introduce the certificate.

About the certificate: It is issued by an international authoritative organization, and the private key of the organization is built into the system of each computer.
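
The flow described above, as an added example that is not part of the original post: the client wraps its symmetric key key1 under the server's public key key2 only after checking the certificate that binds key2 to the server name. It uses toy textbook RSA over small known primes with the Python standard library only; the host name `shop.example`, the helper function names and all key values are constructed for illustration.

```python
import hashlib
import secrets

E = 65537  # toy textbook RSA over known Mersenne primes; far too small for real use

def make_keypair(p, q):
    """Return (public, private) as ((n, e), (n, d))."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(name, pub, modulus):
    """Hash the (server name, public key) binding into the signer's modulus range."""
    data = f"{name}|{pub[0]}|{pub[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % modulus

def issue_cert(ca_priv, name, pub):
    """Authority side: sign the binding of a server name to its public key (key2)."""
    n, d = ca_priv
    return {"name": name, "pub": pub, "sig": pow(digest(name, pub, n), d, n)}

def verify_cert(ca_pub, cert, expected_name):
    """Client side: accept key2 only if the signature covers this name and this key."""
    n, e = ca_pub
    return (cert["name"] == expected_name
            and pow(cert["sig"], e, n) == digest(cert["name"], cert["pub"], n))

def client_send_key1(ca_pub, cert, expected_name, key1):
    """Wrap the symmetric key key1 under key2, refusing a key2 that fails the check."""
    if not verify_cert(ca_pub, cert, expected_name):
        raise ValueError("certificate check failed: key2 is not trusted")
    n, e = cert["pub"]
    return pow(key1, e, n)

def server_unwrap(server_priv, wrapped):
    """Server side: recover key1 with the private key."""
    n, d = server_priv
    return pow(wrapped, d, n)

# Constructed demo values (hypothetical names and keys).
CA_PUB, CA_PRIV = make_keypair(2**61 - 1, 2**107 - 1)    # verification key in the client's trust store
KEY2, SERVER_PRIV = make_keypair(2**89 - 1, 2**127 - 1)  # server's public and private key
ROGUE_PUB, _ = make_keypair(2**31 - 1, 2**521 - 1)       # a key2 substituted in transit
CERT = issue_cert(CA_PRIV, "shop.example", KEY2)
TAMPERED = dict(CERT, pub=ROGUE_PUB)                     # same signature, different key2
KEY1 = secrets.randbits(128)                             # the client's symmetric key

if __name__ == "__main__":
    wrapped = client_send_key1(CA_PUB, CERT, "shop.example", KEY1)
    print("server recovered key1:", server_unwrap(SERVER_PRIV, wrapped) == KEY1)
    print("tampered key2 accepted:", verify_cert(CA_PUB, TAMPERED, "shop.example"))
```
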


Origin blog.csdn.net/qq_62718027/article/details/131572881