Reposted from: Those things about the HTTP and HTTPS handshakes
Today I summed up what the HTTP three-way handshake is, how the HTTPS handshake proceeds, and why HTTPS is secure.
Preliminaries
Before getting into the two handshakes, a few things need to be explained first.
What is the difference between HTTP and TCP?
TCP (of the TCP/IP suite) is a transport-layer protocol that mainly solves how data is transmitted across the network, while HTTP is an application-layer protocol that mainly solves how the data is packaged. The web uses HTTP as the application-layer protocol to encapsulate HTTP text messages, and then sends them over the network using TCP/IP as the transport-layer protocol.
The following diagram attempts to show where TCP/IP and the other protocols sit in the original OSI (Open Systems Interconnection) model:
PS: Table from online materials
What is a CA certificate?
A CA (Certificate Authority) is a third-party authority responsible for managing and issuing certificates, and it is trusted and recognized by industry and the public.
A CA certificate is a certificate issued by a CA. It can be used to verify that a web site is trustworthy (for HTTPS), to verify that a file has not been tampered with, and so on; one certificate can also be used to prove that another certificate is authentic, and the top-level certificate is called the root certificate. Apart from the root certificate (which vouches for itself), every other certificate relies on the certificate one level above it to prove its own authenticity.
HTTP three-way handshake
HTTP (Hypertext Transfer Protocol) is one of the most widely used network protocols on the Internet. Because it transmits information in plaintext, it is considered insecure. The so-called HTTP three-way handshake is in fact the three-way TCP handshake used to confirm and establish the connection over which HTTP then runs.
As shown in the figure, SYN (synchronize) is the handshake signal TCP/IP uses to establish a connection; Sequence number and Acknowledgment number are the sequence and confirmation numbers. The three arrows represent the three handshake messages; once all three are complete, the client and the server begin transferring data.
PS: Image from online materials
First handshake: the client sends a SYN packet (SYN=J) to the server and enters the SYN_SENT state, waiting for the server's confirmation;
Second handshake: the server receives the SYN packet and must acknowledge the client's SYN (ACK=J+1) while also sending a SYN packet of its own (SYN=K), i.e. a SYN+ACK packet; the server then enters the SYN_RECV state;
Third handshake: the client receives the server's SYN+ACK packet and sends an acknowledgment packet ACK (ACK=K+1) to the server. Once this packet is sent, both the client and the server enter the ESTABLISHED state and the three-way handshake is complete.
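The three steps above as a small state-machine model, added here as an example and not code from the original post: it tracks the SYN_SENT / SYN_RECV / ESTABLISHED states and the J / K sequence numbers, and each side checks that the acknowledgment number it receives is exactly its own number plus one. Packets are plain dictionaries and no real sockets are used, so it runs offline.

```python
import random

class Peer:
    """One TCP endpoint; isn is its initial sequence number (J or K above)."""
    def __init__(self):
        self.state = "CLOSED"
        self.isn = random.randrange(2**31)
        self.peer_isn = None  # the other side's ISN, once learned

    # First handshake: client sends SYN with seq=J and waits in SYN_SENT.
    def send_syn(self):
        self.state = "SYN_SENT"
        return {"SYN": True, "ACK": False, "seq": self.isn}

    # Second handshake: server answers a bare SYN with SYN+ACK: ack=J+1, its own seq=K.
    def recv_syn(self, pkt):
        if not pkt["SYN"] or pkt["ACK"]:
            raise ValueError("expected a bare SYN")
        self.peer_isn = pkt["seq"]
        self.state = "SYN_RECV"
        return {"SYN": True, "ACK": True, "seq": self.isn, "ack": pkt["seq"] + 1}

    # Third handshake (client): accept SYN+ACK only if ack == J+1, reply ACK with ack=K+1.
    def recv_syn_ack(self, pkt):
        if not (pkt["SYN"] and pkt["ACK"]) or pkt["ack"] != self.isn + 1:
            raise ValueError("SYN+ACK does not acknowledge our SYN")
        self.peer_isn = pkt["seq"]
        self.state = "ESTABLISHED"
        return {"SYN": False, "ACK": True, "seq": self.isn + 1, "ack": pkt["seq"] + 1}

    # Third handshake (server): only an ACK carrying K+1 completes the handshake.
    def recv_ack(self, pkt):
        if pkt["SYN"] or not pkt["ACK"] or pkt["ack"] != self.isn + 1:
            raise ValueError("ACK does not acknowledge our SYN")
        self.state = "ESTABLISHED"

def three_way_handshake(client, server):
    """Run the three exchanges; return the final (client state, server state)."""
    syn = client.send_syn()                 # first handshake
    syn_ack = server.recv_syn(syn)          # second handshake
    ack = client.recv_syn_ack(syn_ack)      # third handshake, sent by the client...
    server.recv_ack(ack)                    # ...and accepted by the server
    return client.state, server.state

if __name__ == "__main__":
    print(three_way_handshake(Peer(), Peer()))
```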
HTTPS handshake process
HTTPS adds the SSL protocol on top of HTTP; SSL relies on certificates to verify the server's identity and encrypts the communication between the browser and the server. How exactly it encrypts, decrypts and verifies is described below, in what is called the handshake.
PS: The picture and the following description are excerpted from: http://zhuqil.cnblogs.com
1. The client initiates an HTTPS request
2. Server-side configuration
A server that uses HTTPS must have a digital certificate, either self-made or issued by a CA. The difference is that with a self-issued certificate the client must confirm it before access can continue, while with a CA-issued certificate no prompt page pops up. This certificate is really a pair of keys, a public key and a private key: the public key is given to others for encryption, and the private key is used for decryption.
3. Sending the certificate
This certificate is essentially the public key, but it also carries a lot of information, such as the issuing authority, the expiry time and so on.
4. The client parses the certificate
This work is done by the client's TLS implementation: it first verifies that the public key is valid (the issuing authority, expiry time, etc.), and if anything is wrong a warning box pops up indicating a problem with the certificate. If the certificate is fine, the client generates a random value and encrypts that random value with the certificate.
5. Sending the encrypted information
This step transmits the random value encrypted with the certificate. Its purpose is to get this random value to the server, after which the communication between the client and the server can be encrypted and decrypted with this random value.
6. The server decrypts the information
After decrypting with its private key, the server obtains the random value sent by the client (referred to below as the private key, since it now serves as the shared symmetric key) and then symmetrically encrypts the content with this value. Symmetric encryption means mixing the information and the private key together through an algorithm, so that the content cannot be recovered unless the private key is known; since only the client and the server know this private key, as long as the encryption algorithm is strong enough and the private key is complex enough, the data is secure enough.
7. Sending the encrypted information
This is the information that the server encrypted with the private key; it can be restored on the client side.
8. The client decrypts the information
The client uses the private key it generated earlier to decrypt the information sent by the server and obtains the decrypted content.
PS: Throughout the handshake, a third party who intercepts the data can do nothing with it.
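Steps 3 to 8 above as a runnable model, added here as an example and not code from the original post or the quoted source. Textbook RSA on a toy modulus stands in for the certificate's key pair and a SHA-256 keystream stands in for the symmetric cipher; both are teaching stand-ins, not what a real TLS stack uses, and the certificate dictionary, the key sizes and the `example.test` subject are assumptions.

```python
import hashlib
import secrets

# Two known Mersenne primes give a ~150-bit toy modulus (real keys: 2048 bits or more).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))        # the server's private key (assumed toy key pair)
SERVER_CERT = {"subject": "example.test", "n": N, "e": E}  # step 3: public key plus metadata

def client_key_exchange(cert):
    """Steps 4-5: pick a random value and encrypt it with the certificate's public key."""
    random_value = secrets.randbits(128)  # smaller than cert["n"], so textbook RSA applies
    encrypted = pow(random_value, cert["e"], cert["n"])
    return random_value, encrypted

def server_decrypt(encrypted, d=D, n=N):
    """Step 6: only the holder of the private exponent d recovers the random value."""
    return pow(encrypted, d, n)

def symmetric_xor(key, data):
    """Toy symmetric cipher: XOR with SHA-256(key || block counter); applying it twice decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key.to_bytes(16, "big") + (i // 32).to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def https_session(message):
    """Run steps 4-8; return the plaintext the client recovers and what the wire carried."""
    client_key, wire_key = client_key_exchange(SERVER_CERT)   # step 5: encrypted random value
    server_key = server_decrypt(wire_key)                      # step 6: server recovers it
    ciphertext = symmetric_xor(server_key, message)            # step 7: server encrypts content
    recovered = symmetric_xor(client_key, ciphertext)          # step 8: client decrypts it
    return recovered, (wire_key, ciphertext)

if __name__ == "__main__":
    print(https_session(b"hello over HTTPS")[0])
```

The second return value is all an eavesdropper on the wire sees: an RSA ciphertext it cannot open without D, and content encrypted under the value inside it.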
Summary
Why is HTTPS safe?
In the fourth step of the HTTPS handshake, if the site's certificate is not trusted, a confirmation screen appears asking the user to confirm the site's authenticity. In addition, in the sixth and eighth steps, encryption and decryption with the client-generated private key ensure the security of the transmitted data.
The difference between HTTPS and HTTP
1. HTTPS requires a certificate, either requested from a CA or self-made.
2. HTTP transmits information in plaintext, while HTTPS uses SSL encryption and is therefore secure.
3. HTTP sends data directly over TCP, while HTTPS adds an SSL layer (OSI presentation layer), and the two use different ports: the former 80 (domestic registration required), the latter 443.
4. An HTTP connection is simple and stateless; HTTPS is a network protocol built from SSL+HTTP that provides encrypted transmission and identity authentication, and it is more secure than HTTP.
Appendix
The encryption and hash algorithms commonly used by HTTPS are as follows:
Asymmetric encryption algorithms: RSA, DSA/DSS
Symmetric encryption algorithms: AES, RC4, 3DES
Hash algorithms: MD5, SHA-1, SHA-256