preface
HTTPS is known to be more secure than HTTP because it is encrypted. But how exactly does HTTPS encrypt against all kinds of hijacking and tampering in communication? How does it stand on the user’s point of view to ensure that the page users visit is safe, stand on the site’s point of view will also ensure that the site will not be malicious attacks. I want to comb through this article. The analysis will focus on the following two points:
- Encryption method
- Encryption security reflected in specific application scenarios
Encryption method
There are two encryption algorithms: symmetric encryption and asymmetric encryption
- Symmetric encryption: encryption and decryption key is the same, such as 123456 to encrypt with 123456 to decrypt. The passwords are also transmitted over the network in the form of data, so that if 123456 were compromised and the middleman intercepted the request, the encryption would be breached.
- Asymmetric encryption: The key is divided into a public key and a private key. The public key is public and everyone can claim it, and the private key is secret and only one person knows it. In most cases, public keys encrypt the content itself so that no one else can see it. The function of the private key is to prove whether the source of the content is credible. The public key and the private key are paired, and the public key encryption is decrypted with the private key, and vice versa. Next, we analyze the encryption process layer by layer.
Level 1
User A wants to send an email to user B. User B encrypts the email with user B’s public key and then decrypts the email with user B’s private key. So even if the email is intercepted by a middleman, the middleman without B’s private key will get a bunch of gibberish, meaningless.
However, the problem with such communication is that B receives a variety of mail every day and cannot distinguish the source of the mail. If A hacker impersonates the identity of A and sends an email encrypted with THE public key of B (as mentioned above, the public key can be claimed by all), the email obtained after B decrypts is not the real appeal of A. In order to distinguish the source of the mail, A and B communicate in another way:
To ensure that the email received by USER B is sent by user A, user A encrypts the email with the private key of USER A and sends the email. When user B receives the email, user A decrypts it with the public key of user A. In this way, due to the uniqueness of A’s private key, only A can process the email. But this is obviously inappropriate, because of the public key of A, any middleman who hijacked the mail can know the contents of the mail.
Obviously, this kind of unilateral public or private key encryption is going to be vulnerable no matter what, so they introduced digital signatures for the advanced version of encryption transmission, that is, Level 2.
Level 2 (Digital Signature)
Since there are vulnerabilities in public key and private key transmission, use the public key and private key together. User A encrypts the email with the private key of USER A and the public key of user B, and then sends the email after two-layer encryption. User B decrypts the email using the private key of USER B and the public key of user A. In this way, the middleman has neither B’s private key to decrypt the message nor A’s private key to impersonate A’s identity. This transfer process is obviously more rigorous than Level 1. But there’s a downside:
Encrypting the file itself may be A time-consuming process. For example, if the email is large enough, encrypting the entire file with private key A and decrypting the file after getting it is undoubtedly A huge cost. In fact, the encryption of A private key is only to prove whether the source of information is credible, so it is unnecessary to encrypt all the content. So A first hashes the entire article to get A hash value. The hash value is encrypted with the A private key and appended to the end of the message. This is what we call a digital signature. Then all the contents are encrypted with B public key and sent.
Procedure after B receives the email: First, use B’s private key to decrypt the email and obtain the email content and A’s digital signature. Then use public key A to decrypt the digital signature to obtain hash value 1. Finally, B hashes the contents of the message to obtain a hash value of 2. Compare the hash value 2 to the hash value 1 of the digital signature. If the hash value is the same, the file content has not been tampered with, which is nearly perfect without losing performance.
But even so, there are loopholes. If middleman C wants to do something bad, he can go to B’s computer and secretly replace A’s public key with his own public key (which is, after all, public and available to everyone). Next, generate your own digital signature. All layers pass when “B” receives it. Finally, C can still pretend to be A to deceive B.
This feeling is not a little collapse, hold on, the last step is about to succeed. Now we have the whole encryption, the transmission is linked. The only problem is that public key A is easy to replace. How to protect A public key, that is, we are going to talk about digital certificate.
Level 3 (Digital Certificate)
To protect the public key of A and thus the security of transmission, A first asks for the Certificate Authority (CA) to authenticate the public key of A. The certificate center uses its own private key, encrypts A’s public key and some related information, and generates A “digital certificate”. Then the email sent by A to B will add the digital certificate in addition to the digital signature.
After receiving the certificate, B uses CA to obtain the public key decryption and verify the digital certificate. After obtaining the public key of A, the decryption procedure is the same as Level 2.
So the A public key has an extra layer of encryption. You can’t play with the A public key unless you get the CA’s private key. The CA’s private key is now a security hole. What if the middleman now has access to the CA’s private key.
He can’t get it! CA is a very authoritative social organization, can default its private key is not leaked, if one day the CA private key leaked should be disastrous consequences. At this point, it’s really perfect.
Encryption security reflected in specific application scenarios
Generally smooth the encryption process, but in the user visit our website when facing a large number of requests, specific is how to verify whether these requests contain malicious requests. How can users avoid visiting malicious sites
I am not clear about it. I will update it in time.