Author: Ge Guo, who focuses on front-end development. For more articles, follow the Zhihu column “Front-end Small Things”.

Have you noticed that a small green lock has been added to the address bar of every well-known website?

HTTPS security flag

Yes, this is HTTPS. This is the age of HTTPS.

But do you really understand HTTPS?

Simply put, HTTPS is HTTP over SSL/TLS, or secure HTTP. What does secure mean? A secure network communication environment should solve three problems:

  1. Confidentiality of the contents of communications
  2. The authenticity of the identity of the communication parties
  3. Integrity of communication content

HTTPS was created to solve these three problems (SSL, to be exact), and here are the solutions to these three problems.

Confidentiality of the contents of communications

The confidentiality of communication content is achieved through encryption. Our Internet environment is very transparent, and a message passes through many routers before it reaches the recipient. It is a bit like passing a note in class to Xiao Hong in the first row: you would certainly not write “see you at the playground tonight” directly on the note, but instead cleverly write “see you at the usual place”. Only you and Xiao Hong know where the usual place is, so even if Xiao Ming and Xiao Li see the note, they do not know whether the usual place is the library or the English corner. This is encryption, and the “usual place” is the so-called key.

Of course, this example is not very accurate. Simply put, encryption and decryption are functions, and the key is a parameter of those functions. For example, define a simple encryption function f(x)=x+b, where x is the input plaintext and b is the key. The decryption function is the inverse of the encryption function, that is, g(x)=x-b. If you do not know b, you cannot guess the real content even if you see the ciphertext, so encryption is achieved. Encryption and decryption that both use the same key like this are called symmetric encryption.

But here’s the question, how did this parameter b get negotiated?

You and Xiao Hong could agree on a value of b in private, but in a real network environment you and Xiao Hong have no way of communicating directly. All communication depends on Xiao Ming and Xiao Li passing the notes, so how do you get around them? This is where asymmetric encryption algorithms come in. These algorithms use a pair of keys: a public key, which everyone can obtain, and a private key, which the server keeps to itself. In asymmetric encryption, content encrypted with the public key can only be decrypted with the private key, and content encrypted with the private key can only be decrypted with the public key. Therefore, when you encrypt your note with Xiao Hong's public key, Xiao Ming, Xiao Li and the others cannot read it even though they see the note. Only Xiao Hong, who holds the private key, can read your message.

A symmetric encryption algorithm uses the same secret key for encryption and decryption. An asymmetric encryption algorithm requires two keys, a public key and a private key, for encryption and decryption. You may be curious about how asymmetric encryption algorithms work, but I will not go into the algorithms here; interested readers can look them up.

So the question is, what if Xiao Hong also wants to encrypt your response?

If Xiao Hong encrypts with her private key, everyone in the class knows the public key, and the public key decrypts what the private key encrypted, which means everyone can decrypt Xiao Hong's reply. Clever as you are, you must have thought of a solution: use the asymmetric encryption algorithm to send Xiao Hong an encrypted symmetric key, Xiao Hong uses her private key to read the symmetric key, and then the two of you use that symmetric key for symmetric encryption. Now you can happily arrange your date.

Of course, HTTPS does the same thing.

The authenticity of the identity of the communication parties

It looks like communication is perfect once it is encrypted, right? Wait a minute, how is Xiao Hong's public key announced to the world?

On the network, all information is exchanged by passing notes, and Xiao Hong's public key is no exception. What if Xiao Ming swaps it? How can you be sure that the public key in your hand really is Xiao Hong's? Seeing the notes of the lovesick boys and girls in class being swapped in all sorts of ways, Sister Feng, the class entertainment committee member, decided to step in. She came up with a method: every encrypted communication must carry a certificate that proves the sender's identity. Sister Feng makes these certificates specially for all the singles in the class. The public key is placed in the certificate and sent back to the note's sender, and besides the public key the certificate also contains information such as student number, name, and even height and zodiac sign. The certificate is stamped with a large authentication seal that is unique to Sister Feng, indicating that she guarantees the authenticity of the information on it. If you see this seal, you can assume that the other party is a genuine single.

From this information you can tell whether the other party is Xiao Hong or Ru Hua. This is the certificate mechanism.

Obviously, you will suspect that Sister Feng's official seal on the certificate could be forged. That suspicion is reasonable! Therefore, the official seal on the certificate is also produced with asymmetric encryption, used in the opposite direction from the one described above: it is encrypted with Sister Feng's private key and decrypted with Sister Feng's public key, so that the authenticity of the certificate can be verified. The official seal is the certificate's digital signature. Specifically, it is produced by extracting a digest with a hash algorithm and then encrypting the digest. In addition, you can take the certificate directly to Sister Feng, and she will help you verify its validity. (Certificates have an expiration date, so even genuine certificates can expire. Be careful.)

This mechanism looks fairly complete, but when building a security mechanism we should be suspicious of everything. Whatever Sister Feng vouches for is reliable.

But is Sister Feng really Sister Feng?

EXM?

So Sister Feng herself must also be vouched for by a certificate. Sister Feng's certificate is issued by the head teacher, and the head teacher's certificate is issued by the principal… This chain goes all the way up to the most authoritative institutions, which in HTTPS are called root CAs. Roots are unquestionable authorities that vouch for themselves and certify that they are who they say they are. In the HTTPS certificate system, root certificates ship with the operating system or browser. We can trust certificates certified by these institutions, and trust is derived from them layer by layer down to Sister Feng's level.

In addition, since certificates are actually very easy to make (10 yuan apiece at the subway entrance, Harvard or Stanford, all 10 yuan!), some companies make their own certificates and do not go through a root CA organization at all, such as the famous 12306. You can also make your own certificate and put it on the Internet for users to download and import into their browsers, but because you do not have Sister Feng's influence, no one will trust you. Of course, some people do not even trust Sister Feng…

Integrity of communication content

Encryption has been added and Sister Feng's official seal has been stamped. Is the mechanism perfect now?

No, no, no. Think of Xiao Ming, who has a crush on you. He is bound to be upset when he sees you passing notes to Xiao Hong, and although he cannot read them, he can still alter the ciphertext. You meant to ask Xiao Hong to meet at the playground at midnight, but Xiao Ming deleted the first half of the ciphertext, so after decryption it just reads “see you at the playground”. Xiao Hong ran to the playground right after class, while you went back to the dormitory for a good bath… And then, then Xiao Hong ran off with Xiao Ming.

I believe we have all experienced this kind of tampering with communication content first-hand: we visit some sites and carrier advertisements appear for no reason, injected by the carrier! Therefore, the integrity of the content also needs to be guaranteed, which is relatively simple: extract a digest of the content with a hash algorithm, then encrypt the digest to generate a digital signature. Verifying the digital signature tells you whether the communication content is intact.

The above is a simplified account of the technology behind HTTPS. An HTTPS communication flow is as follows:

HTTPS initialization process

General steps:

  1. The client sends a Client Hello packet to start SSL communication. The packet contains the SSL version, the list of available algorithms, and the key length.
  2. If the server supports SSL communication, it responds with a Server Hello packet, which also contains the SSL version and the encryption algorithm; this is how the encryption and decryption algorithms are negotiated.
  3. The server then sends the Certificate message, that is, it sends its certificate to the client.
  4. The client sends the Client Key Exchange message: it encrypts the pre-master secret, a random password string, with the public key from the certificate in step 3, and this password is used for symmetric encryption in subsequent communication.
  5. After successfully decrypting it with the private key, the server returns a response indicating that the SSL communication environment is set up.
  6. Then regular HTTP client/server communication follows.

As described above, digest and signature algorithms are used in both step 3 and step 6 to ensure that the certificate and the communication content are not tampered with in transit. From this process we can see that the core of HTTPS is encryption; in particular, asymmetric encryption is used several times to transmit key information.
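Steps 4 to 6 as an added example (not code from the original article): the client wraps a pre-master secret under the server's public key, both sides derive session keys, and every record carries an integrity tag. The RSA key is a toy textbook key built from small constructed primes without padding, the stream cipher is a stand-in, and the integrity check uses an HMAC keyed from the session secret rather than the per-message signature the text describes; all function names are hypothetical.

```python
import hashlib, hmac, secrets

# Constructed toy server key: textbook RSA over two Mersenne primes, no padding.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q                              # public modulus (sent in the certificate)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, known only to the server

def derive_keys(pre_master: int):
    """Both sides turn the pre-master secret into separate cipher and MAC keys."""
    raw = pre_master.to_bytes(16, "big")
    return hashlib.sha256(b"enc" + raw).digest(), hashlib.sha256(b"mac" + raw).digest()

def handshake():
    """Steps 4-5: the client wraps a random secret under the server's public key."""
    pre_master = secrets.randbits(128)                  # client
    client_key_exchange = pow(pre_master, E, N)         # the only value on the wire
    recovered = pow(client_key_exchange, D, N)          # server, using its private key
    return derive_keys(pre_master), derive_keys(recovered), client_key_exchange

def _xor_stream(key: bytes, seq: int, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode) standing in for a real cipher."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + seq.to_bytes(8, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(keys, seq: int, plaintext: bytes) -> bytes:
    """Step 6, sender: encrypt, then append a MAC over sequence number + ciphertext."""
    enc_key, mac_key = keys
    ct = _xor_stream(enc_key, seq, plaintext)
    return ct + hmac.new(mac_key, seq.to_bytes(8, "big") + ct, hashlib.sha256).digest()

def open_record(keys, seq: int, record: bytes) -> bytes:
    """Step 6, receiver: reject the record unless the MAC verifies, then decrypt."""
    enc_key, mac_key = keys
    ct, tag = record[:-32], record[-32:]
    expected = hmac.new(mac_key, seq.to_bytes(8, "big") + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("record modified in transit")
    return _xor_stream(enc_key, seq, ct)

if __name__ == "__main__":
    client_keys, server_keys, _ = handshake()
    record = seal(client_keys, 0, b"see you at the playground at midnight")
    print(open_record(server_keys, 0, record))
```

Cutting off the first half of `record`, as Xiao Ming does with the note, makes `open_record` raise instead of returning a shortened message.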

Understanding encryption, recognizing the transparency of the web, and being skeptical of everything makes it easy to understand HTTPS.

Conclusion

I have recently been systematically reviewing HTTP-related topics, and this article first introduces the basic principles of HTTPS. My knowledge is limited, so if anything in the article is wrong, I hope you will correct me! Practical applications and static server configuration will be introduced later.

Appendix

How can HTTPS avoid man-in-the-middle hijacking?

If someone hijacks your DNS server and resolves www.icbc.com to his illegitimate site, or a proxy server directs you to his illegitimate site, this is a man-in-the-middle attack. Without HTTPS, the attack simply succeeds. So how does HTTPS prevent this kind of attack?

The answer is: through certificates.

  1. When you apply for a certificate, the CA verifies control of the domain name you are applying for, so you cannot use the website of Lao Wang next door to apply for a certificate. Even if you hacked his site, Lao Wang would find out as soon as he applied for a certificate himself.

  2. If a forged certificate was not issued by an authoritative CA, the browser will warn the user that the certificate is invalid. Of course, users can still go ahead anyway, for example to grab train tickets.

  3. If you take the real site's certificate, keep the domain name the same and only replace the public key, the browser will find that the certificate's digital signature does not match and will also raise an alarm.

  4. If the man in the middle uses the real certificate of www.icbc.com directly, he can receive the client's messages but cannot decrypt them, so he cannot respond to the client's requests. The attack fails!

Digital signature of the certificate

I didn’t know much about hash algorithms and digital signatures before, but I found that the principle is actually quite simple. A hash algorithm converts a large amount of data into a fixed-length digest, and the digest corresponds to the input: if the input changes, the digest changes too. Therefore, applying a hash algorithm to the data yields a digest, and comparing digests tells you whether the data has been tampered with. For a certificate, the digest is encrypted with the private key; the client can then decrypt the digest with the public key and compare it with the digest it computes itself with the hash algorithm to determine whether the certificate has been tampered with. On the other hand, because public and private keys come in pairs, a digest can still be computed for a tampered certificate, but the tamperer cannot encrypt it into a signature, so the combination of digest and encryption ensures the authenticity of the certificate. The private key here is the private key of the certificate-issuing authority, that is, a CA in the CA chain encrypts for the user's server certificate. Each upper-level CA encrypts for the lower-level CA's certificate, forming a chain of trust.
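The seal check and the chain walk up to a trusted root, as an added example that is not code from the original article. It assumes toy textbook RSA over small constructed primes with no padding, hypothetical field names (subject, issuer, pubkey, not_after, sig), and www.example.com standing in for the site.

```python
import hashlib

E = 65537  # public exponent shared by every toy key below

def make_key(p, q):
    """Toy textbook-RSA key (constructed, no padding): (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(cert, n):
    """Hash every field except the signature and reduce it below the modulus n."""
    body = "|".join(str(cert[k]) for k in ("subject", "issuer", "pubkey", "not_after"))
    return int.from_bytes(hashlib.sha256(body.encode()).digest(), "big") % n

def issue(subject, pubkey, not_after, issuer, issuer_n, issuer_d):
    """The issuer 'encrypts' the digest with its private key; that value is the seal."""
    cert = {"subject": subject, "issuer": issuer, "pubkey": pubkey, "not_after": not_after}
    cert["sig"] = pow(digest(cert, issuer_n), issuer_d, issuer_n)
    return cert

def verify_chain(chain, trusted_roots, hostname, today):
    """chain is [site, CA, ..., root]; trusted_roots maps root name -> root modulus."""
    if chain[0]["subject"] != hostname:
        return "hostname mismatch"
    for cert, parent in zip(chain, chain[1:] + chain[-1:]):  # the root vouches for itself
        if cert["not_after"] < today:
            return "expired: " + cert["subject"]
        if cert["issuer"] != parent["subject"]:
            return "broken chain at " + cert["subject"]
        n = parent["pubkey"]
        if pow(cert["sig"], E, n) != digest(cert, n):         # 'decrypt' with the public key
            return "bad signature on " + cert["subject"]
    if trusted_roots.get(chain[-1]["subject"]) != chain[-1]["pubkey"]:
        return "untrusted root"
    return "ok"

# Constructed sample chain: Root CA -> Sister Feng CA -> www.example.com
ROOT_N, ROOT_D = make_key(2**107 - 1, 2**127 - 1)
FENG_N, FENG_D = make_key(2**61 - 1, 2**89 - 1)
SITE_N = make_key(2**19 - 1, 2**31 - 1)[0]
ROOT = issue("Root CA", ROOT_N, "2040-01-01", "Root CA", ROOT_N, ROOT_D)
FENG = issue("Sister Feng CA", FENG_N, "2035-01-01", "Root CA", ROOT_N, ROOT_D)
SITE = issue("www.example.com", SITE_N, "2030-01-01", "Sister Feng CA", FENG_N, FENG_D)
TRUSTED = {"Root CA": ROOT_N}   # what the operating system or browser ships with

if __name__ == "__main__":
    print(verify_chain([SITE, FENG, ROOT], TRUSTED, "www.example.com", "2026-01-01"))
    swapped = dict(SITE, pubkey=12345)   # appendix case 3: same name, different key
    print(verify_chain([swapped, FENG, ROOT], TRUSTED, "www.example.com", "2026-01-01"))
```

A chain that ends in a self-made root with the right name but a different key (appendix case 2) comes back as "untrusted root", because the verifier compares the root's key against the set it already holds.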
