Drawbacks of HTTP:

Browser -> Proxy Server -> Link -> Server

Eavesdropping and tampering may occur during this process:

  • Eavesdropping: passwords and other sensitive information
  • Tampering: inserting ads, redirecting to other sites (JS and Head)

traceroute www.baidu.com

Using HTTPS is the trend of the times:
  • At present, the global Internet is migrating from HTTP to HTTPS
  • Chrome and Firefox warn that sites which do not use HTTPS encryption are not secure
  • Apple requires all app communications to be encrypted using HTTPS
  • Applets force requests to the server to use HTTPS
Features:
  • Confidentiality (anti-leak)
  • Integrity (tamper-proof)
  • Authenticity (anti-counterfeiting)

Symmetric versus asymmetric refers to whether the encryption and decryption keys are the same. When encryption and decryption use the same key, we call it a symmetric key. "Symmetric" here does not refer to the encryption and decryption process.

HTTP + SSL = HTTPS

SSL Certificate Classification
  • Entry-level DV SSL: certifies that the domain name is valid (has not been tampered with); no threshold
  • Enterprise-level OV SSL: enterprise qualification, personal qualification
  • Enhanced EV SSL: the browser shows a green address bar with the company name
DES symmetric encryption

A —–> ——> B

A encrypts the message to B with the shared key, using a common encryption algorithm.

B uses the same secret key and the corresponding decryption algorithm to decrypt the data.

Disadvantages:

If the key is lost, it is impossible to verify whether a message was really sent by A.

Asymmetric encryption

Generate a pair of keys. The public key is responsible for encryption and the private key is responsible for decryption. If the private key cannot decrypt the data, the public key is invalid.

Disadvantages: the computational complexity has an impact on performance (1000 times in extreme cases), so it is commonly used for validation.

Common algorithms: RSA (large prime numbers), ElGamal, knapsack algorithm, Rabin, D-H, ECC (elliptic curve encryption algorithm)

Principle of RSA

Numbers that are divisible only by 1 and themselves are called primes, such as 13, and there are infinitely many primes. It is simple to compute the product of two huge prime numbers, but there is no effective way to deduce the two primes from the product. This irreversible, one-way mathematical relationship is recognized in the international mathematics community as the hard problem of prime factorization.

R, S and A cleverly used this hypothesis to design the basic principle of the RSA public-key encryption algorithm:

1. Let the computer randomly generate two large prime numbers p and q, and compute their product n;

2. Generate the key e, subject to conditions, using p and q;

3. Through a series of calculations, obtain the decryption key d, which is relatively prime to n, and store it in a place known only to the operating system;

4. The operating system publishes n and e together as the public key, keeps the private key d secret, and secretly discards the initial prime numbers p and q.

The international community of mathematics and cryptography has shown that trying to infer plaintext from a public key and ciphertext, or trying to infer a private key from a public key, is as difficult as factoring the product of two huge prime numbers. This is why Eve cannot decrypt Alice's ciphertext and the public key can be published online.

Don't worry about how big a "huge prime number" has to be to be safe: with today's foreseeable computing power, it would take hundreds of thousands of years to factor the product of two 250-digit (decimal) prime numbers; and the probability of running out of prime numbers, or of two computers accidentally using the same prime number, is small enough to be ignored.