Computer network layering

Differences between TCP and UDP

TCP/IP has two representative transport layer protocols: TCP and UDP.

UDP characteristics

  1. Connectionless (no connection has to be established before sending)
  2. Supports unicast, multicast and broadcast
  3. Packet (datagram) oriented
  4. Unreliable
  5. Header overhead is low, so it is very efficient at transmitting data packets

Characteristics of TCP

  1. Connection-oriented (three handshakes, three waves)
  2. Supports only unicast transmission (no multicast or broadcast)
  3. Byte-stream oriented
  4. Reliable transport
  5. Provides congestion control
  6. Provides full-duplex communication

Contrast

Conclusion

  • TCP provides connection-oriented reliable services to the upper layer, while UDP provides connectionless unreliable services to the upper layer.
  • Although UDP is not as accurate as TCP, it is still useful in the many places where real-time requirements are high.
  • TCP can be used when data accuracy requirements are high and a relatively slow speed is acceptable.

Differences between HTTP and HTTPS

HTTP features

  1. Stateless. Each request is closed once it ends and is independent: its execution and result are not directly related to the requests before or after it, it is not directly affected by the response to an earlier request, and it does not directly affect the response to a later one.
  2. Plaintext transmission (unencrypted packets). Not encrypting the communication is a disadvantage because, given how the TCP/IP protocol family works, the content can be observed anywhere along the communication path.
  3. The identity of the communicating party is not verified, so impersonation is possible.
  4. The integrity of the message cannot be proved.

HTTPS characteristics

  1. Host trust. A server that uses HTTPS must apply for a certificate from a CA (a digital certificate authority, acting as a third party trusted by both the client and the server) that proves the type of use of the server. The certificate is signed by the CA so that the client knows the server can be trusted.
  2. With the HTTPS protocol, all communication between the server and the client is encrypted.

Simply put: HTTP + authentication + encryption + integrity protection = HTTPS

Differences between HTTP1.1 and 2.0

1. Multiplexing

HTTP2.0 uses multiplexing to process multiple requests concurrently on the same connection, and the number of concurrent requests is orders of magnitude larger than in HTTP1.1. HTTP1.1 can also open several more TCP connections to handle more concurrent requests, but creating TCP connections is inherently expensive.

2. Header data compression

In HTTP1.1, HTTP requests and responses are composed of three parts: a status line, request/response headers, and a message body. In general, the message body is either gzip compressed or is itself a compressed binary, but the status line and headers are not compressed at all and are transmitted as plain text. As Web functions become more and more complex, each page generates more and more requests, so more and more traffic is consumed by headers. It is especially wasteful to resend User-Agent, Cookie and other content that rarely changes with every request. HTTP1.1 does not support header compression. HTTP2.0 uses the HPACK algorithm to compress header data, so that the data volume is smaller and transmission over the network is faster.

3. Server push

Server push is a mechanism for sending data before the client requests it. Web pages use many resources: HTML, style sheets, scripts, images, and so on. In HTTP1.1 each of these resources must be explicitly requested, which is a slow process. The browser starts by getting the HTML and then incrementally fetches more resources as it parses and evaluates the page. Because the server must wait for the browser to make every request, the network is often idle and underused. To improve latency, HTTP2.0 introduced server push, which allows the server to push resources to the browser before the browser explicitly requests them, sparing the client from creating a connection again and sending a request to the server to retrieve them. This allows clients to load these resources locally rather than over the network.

The difference between HTTP1.0 and HTTP1.1

1. Persistent Connection

HTTP1.1 supports long (persistent) connections and request pipelining. Multiple HTTP requests and responses can be sent over one TCP connection, reducing the cost and delay of establishing and closing connections. Keep-alive is enabled by default in HTTP1.1. HTTP1.0 requires the keep-alive parameter to tell the server to establish a long connection.

2. Save bandwidth

HTTP1.0 wastes bandwidth in some cases: for example, when the client needs only part of an object the server still sends the whole object, and resuming an interrupted transfer (breakpoint continuation) is not supported. HTTP1.1 supports sending only the header information first (without any body). If the server considers that the client has permission to make the request, it returns 100. If 401 is returned, the client saves bandwidth by not sending the request body.

3. The Host field

HTTP1.0 assumes that each server is bound to a unique IP address, so the URL in the request message does not carry a hostname, and HTTP1.0 has no Host field. With the development of virtual hosting, one physical server can hold multiple virtual hosts (multi-homed Web servers) that share the same IP address. In HTTP1.1, both request and response messages support the Host field, and an error (400 Bad Request) is reported if the request message has no Host field.

4. Cache processing

HTTP1.0 mainly used If-Modified-Since and Expires in the header as the cache criteria. HTTP1.1 introduces more cache control policies such as Entity Tag, If-Unmodified-Since, If-Match, If-None-Match, etc.

5. Error notification management

HTTP1.1 adds 24 error status response codes. For example, 409 (Conflict) indicates that the request conflicts with the current state of the resource, and 410 (Gone) indicates that a resource on the server has been permanently deleted.

Difference between POST and GET

  • GET is used to get data, and POST is used to submit data.
  • GET parameters are limited in length (by the URL length, which depends on the browser and server, up to 2048 bytes), while POST parameters are unlimited.
  • The data of a GET request is appended to the URL, with "?" separating the URL from the transferred data and multiple parameters joined with "&", whereas a POST request puts the data in the HTTP request body.
  • GET data is in plaintext in the URL. POST data is in the body of the request, but a developer can still see it with a packet capture tool, so it is also plaintext.
  • GET requests are saved in the browser history and possibly in the logs of the Web server.

First of all, GET and POST are both TCP connections in nature. Because of the HTTP protocol and browser or server restrictions they behave differently in practice, and there is one major difference between them: GET sends one packet for the request, with the header and data together, while POST generates two packets. The header is sent first and the server returns 100; after the data is sent, the server returns 200.
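Because GET parameters end up in Web server logs, a log review can check whether secrets were sent that way. The following is an added example, not part of the original notes; the list of sensitive parameter names and the log lines are constructed for illustration.

```javascript
// Parameter names treated as sensitive: an assumption, adjust to the application.
const SENSITIVE = new Set(['password', 'passwd', 'token', 'access_token', 'api_key', 'session']);

// Constructed access-log lines in common log format (not real traffic).
const SAMPLE_LOG = [
  '203.0.113.7 - - [10/Oct/2024:13:55:36 +0000] "GET /login?user=alice&password=hunter2 HTTP/1.1" 200 512',
  '203.0.113.7 - - [10/Oct/2024:13:55:40 +0000] "POST /login HTTP/1.1" 302 0',
  '198.51.100.9 - - [10/Oct/2024:13:56:02 +0000] "GET /search?q=udp+vs+tcp HTTP/1.1" 200 2048',
  '198.51.100.9 - - [10/Oct/2024:13:56:10 +0000] "GET /api/items?Access_Token=abc123&page=2 HTTP/1.1" 200 900',
];

const REQUEST_LINE = /"([A-Z]+) (\S+) HTTP\/[\d.]+"/;

// Report every sensitive parameter that appears in a logged query string.
function findLeakedParams(lines) {
  const findings = [];
  lines.forEach((line, index) => {
    const match = REQUEST_LINE.exec(line);
    if (!match) return;                       // not a request line we understand
    const [, method, target] = match;
    const queryStart = target.indexOf('?');
    if (queryStart === -1) return;            // POST body data never reaches this log
    const params = new URLSearchParams(target.slice(queryStart + 1));
    for (const name of params.keys()) {
      if (SENSITIVE.has(name.toLowerCase())) {
        findings.push({ line: index + 1, method, path: target.slice(0, queryStart), param: name });
      }
    }
  });
  return findings;
}

// Mask the values of sensitive parameters so the log line can be kept or shared.
function redact(line) {
  return line.replace(/([?&])([^=&\s"]+)=([^&\s"]*)/g, (whole, sep, name) =>
    SENSITIVE.has(name.toLowerCase()) ? `${sep}${name}=REDACTED` : whole);
}

console.log(findLeakedParams(SAMPLE_LOG));
console.log(SAMPLE_LOG.map(redact).join('\n'));
```
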

Symmetric and asymmetric encryption

Symmetric encryption

Symmetric encryption: encryption and decryption use the same password or the same logical encryption method.

Such a key is also known as a symmetric key; symmetry and asymmetry refer to whether the encryption and decryption keys are the same.

Asymmetric encryption

Asymmetric encryption uses a pair of keys, called a public key and a private key, also known as an asymmetric key pair. Asymmetric keys can be used for both encryption and authentication.

In fact, with symmetric encryption, as long as the key is long enough, the encrypted data is generally secure against anyone who does not have the key itself. But there is a problem when it is applied to network data: because the same key is used for encryption and decryption, the server and the client necessarily have to exchange that key, and during this exchange a middleman may steal it. Once the symmetric key is stolen and the encryption algorithm has been analyzed, the transmitted data is transparent to the middleman. So the fatal drawback of symmetric encryption is that it cannot guarantee the security of the key.

The key point of asymmetric encryption: data encrypted with one key of the pair can only be decrypted with the other key.

In HTTPS, symmetric encryption is used to encrypt the transmitted data itself, and asymmetric encryption is used to encrypt the symmetric key. The whole process is as follows:

  1. The server creates a pair of asymmetric keys and sends the public key to the client.
  2. The client determines the symmetric encryption algorithm and the symmetric key to be used for data transmission, then encrypts the symmetric key with the public key given by the server.
  3. After the server receives the symmetric encryption algorithm and key from the client, the server and client use that algorithm and key for data transmission.

Without the private key stored on the server, the symmetric key encrypted with the public key cannot be deciphered, even if the middleman knows the server's public key.

The public key is public and can be obtained by anyone, while decryption requires the private key. Asymmetric (public-key) encryption keeps the data secure because the private key is never made public, and an attacker cannot decrypt without it.
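The three-step process above, as an added example using Node's built-in crypto module (not code from the original notes). It models the exchange as these notes describe it, not the real TLS handshake; RSA-OAEP, AES-256-GCM and all function names are choices made for this sketch.

```javascript
const crypto = require('node:crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Step 1 (server): create the asymmetric key pair; only publicKey is sent out.
function serverCreateKeyPair() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Step 2 (client): choose a random symmetric key and encrypt it with the public key.
function clientWrapSessionKey(publicKey) {
  const sessionKey = crypto.randomBytes(32); // AES-256 key
  const wrapped = crypto.publicEncrypt({ key: publicKey, ...OAEP }, sessionKey);
  return { sessionKey, wrapped };
}

// Step 3 (server): recover the symmetric key with the private key.
function serverUnwrapSessionKey(privateKey, wrapped) {
  return crypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped);
}

// Both sides: symmetric encryption of the data; GCM also detects tampering.
function sealRecord(sessionKey, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, body, tag: cipher.getAuthTag() };
}

function openRecord(sessionKey, { iv, body, tag }) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// A middleman on the wire sees publicKey, wrapped and record, never privateKey.
function runExchange(message) {
  const server = serverCreateKeyPair();
  const { sessionKey, wrapped } = clientWrapSessionKey(server.publicKey);
  const serverKey = serverUnwrapSessionKey(server.privateKey, wrapped);
  const record = sealRecord(sessionKey, message);
  const received = openRecord(serverKey, record);
  return { keysMatch: serverKey.equals(sessionKey), received, wrapped, record, serverKey };
}

console.log(runExchange('GET /account HTTP/1.1').received);
```
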