Reposted from: 50910999
SSL
1. The Secure Sockets Layer (SSL) protocol securely exchanges information between a web browser and a web server.
2. Three features of the SSL protocol
- Confidentiality: Once the session key has been established by the handshake protocol, all messages are encrypted.
- Authentication: Server-side authentication is mandatory; client authentication is optional.
- Integrity: Transmitted messages include a message integrity check (using a MAC).
3. Location of SSL
HTTPS
1. HTTPS is the HTTP protocol running over SSL.
2. HTTPS uses a different port than HTTP and adds an encryption and authentication layer between HTTP and TCP.
3. It provides authenticated and encrypted communication and is widely used for security-sensitive communication on the Internet.
Interactive process
The client goes through the following steps to communicate with the web server using HTTPS.
1) The client requests an SSL connection and sends the website the set of encryption rules it supports.
2) The website chooses an encryption algorithm and a hash algorithm from that set and sends its identity information back to the browser in the form of a certificate. The certificate contains the website address, the public key used for encryption, the issuing certificate authority, and other information.
3) After obtaining the website certificate, the browser does the following:
- Verify that the certificate is legitimate.
- If the certificate is trusted, generate a random number to use as the password and encrypt it with the public key provided in the certificate.
- Compute the hash of the handshake message using the agreed hash algorithm.
- Encrypt the message using the generated random number, and finally send all of the previously generated information to the website.
4) After receiving the data from the browser, the website does the following:
- Use its private key to decrypt the information and extract the password.
- Use the password to decrypt the handshake message from the browser and verify that the hash matches the one sent by the browser.
- Encrypt a handshake message with the password and send it to the browser.
5) The browser decrypts the handshake message and calculates its hash; if it matches the hash sent by the server, the handshake ends.
6) From this point on, the data to be transmitted is encrypted using the random password and the symmetric encryption algorithm.
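The checks the browser performs in step 3, and the rules the client offers in step 1, can be audited on a client configuration. The following is an added example, not part of the original page: it uses Python's standard ssl module (which implements TLS, the successor of SSL) to compare a client context that skips certificate verification with a corrected one. The function names and finding labels are assumptions made for illustration, and RC4, 3DES and MD5 are treated here as legacy choices.

```python
import ssl

# Cipher-name fragments (OpenSSL naming) for algorithms this example
# treats as legacy: RC4, 3DES (named DES-CBC3 by OpenSSL) and MD5.
LEGACY_MARKERS = ("RC4", "DES-CBC3", "MD5")


def audit_client_context(ctx):
    """Return a sorted list of findings for a client-side SSLContext."""
    findings = set()
    # Step 3: the certificate must be validated against trusted CAs.
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.add("certificate-not-verified")
    # Step 3: the address in the certificate must match the host visited.
    if not ctx.check_hostname:
        findings.add("hostname-not-checked")
    # Step 1: the client should not offer old protocol versions.
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.add("old-protocol-allowed")
    # Step 1: the client should not offer legacy cipher suites.
    for suite in ctx.get_ciphers():
        if any(marker in suite["name"] for marker in LEGACY_MARKERS):
            findings.add("legacy-cipher:" + suite["name"])
    return sorted(findings)


def weak_context():
    """Constructed bad example: encryption without authenticating the server."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE  # any certificate is accepted
    return ctx


def hardened_context():
    """Corrected form: verified certificate, hostname check, modern suites."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED, check_hostname, system CAs
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx


if __name__ == "__main__":
    print("weak:    ", audit_client_context(weak_context()))
    print("hardened:", audit_client_context(hardened_context()))
```

Without the two verification checks the session is still encrypted, but the client cannot tell which party holds the private key it encrypted the random password to.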
4. The encryption and hash algorithms used are as follows:
1) Asymmetric encryption algorithms: RSA, DSA/DSS, used to encrypt the generated password during the handshake.
2) Symmetric encryption algorithms: AES, RC4, 3DES, used to encrypt the data that is actually transmitted.
3) Hash algorithms: MD5, SHA1, SHA256, used to verify the integrity of the data.
5. The differences between HTTP and HTTPS:
1) The HTTPS protocol requires applying for a certificate.
2) HTTP is the Hypertext Transfer Protocol and transmits data in plaintext; HTTPS is a secure transport protocol encrypted with SSL.
3) HTTP uses port 80; HTTPS uses port 443.
4) An HTTP connection is simple and stateless; HTTPS is a network protocol built from SSL+HTTP that supports encrypted transmission and authentication.
HTTPS protocol, SSL protocol and full interactive process