In this primitive form of communication, all information is in plain text, which is very insecure. For lovers, whispered notes are the private memory of two people, never meant to be monitored or peeked at by a third party.
Originally, Byte High used a protocol called HTTP/1.0, a specification created by upperclassmen in 1996.
Although this set of rules could meet the daily needs of couples on campus, it had one obvious disadvantage: HTTP/1.0 is stateless, so a new TCP connection had to be established for every slip of paper, which took a lot of time and tested the students’ patience. A ten-minute break between classes often ended before several notes could be passed, which was very inefficient.
Half a year later, in 1997, the seniors finally had enough of this torment and improved HTTP/1.0.
First, HTTP/1.1 introduced persistent connections, which keep the TCP connection open for the duration of an exchange and so provide a stable channel for passing many slips of paper. In addition, within this one TCP channel several notes can be sent one after another, instead of sending and receiving only a single note as before. Even better, where once you could only write words on a piece of paper, now you can attach photos, videos and so on, which is a great boon for couples.
For more than a decade, students made do with this method of communication. Then, in 2015, an upperclassman at Byte High School decided to innovate and push the protocol forward; to make passing notes more pleasant and efficient for students, he released HTTP/2.
In the new version he implemented multiplexing, in which two people can send notes to each other simultaneously and in real time, rather than strictly one request followed by one reply. For example, the senior now receives two notes: “What did you have for lunch?” and “Where are you going this weekend?” She wants to make detailed plans for the weekend but doesn’t want to keep her date waiting, so she first replies quickly to the second note: “I’d like to go to the cinema this weekend, and then we can read Byte Stream together.” Then she fully answers the first note: “Lunch in the dining hall, it was awful.” After that she can take her time deciding which movie to see and which bookstore to visit after the movie, and send a complete response to the second note. At the same time, HTTP/2 defines all messages in a binary format, which can be decoded easily and passed straight on to more advanced applications.
Byte High School used to be a virtuous school, but in recent years the number of bad boys has gradually increased. They sometimes steal notes, tamper with them and send them on, causing conflicts between lovers; in some cases, couples’ conversations are monitored and reported to the dean of students or posted anonymously at the school gate; in others, valuable information on the notes is used to make millions. For a time the whole campus was on edge and everyone was nervous, and students no longer dared to use HTTP to send notes.
Since HTTP transmits in plaintext, it is easy for the delinquents (the middlemen) to intercept, so how can messages be encrypted effectively?
Generally speaking, there are two types of encryption, symmetric and asymmetric. First, a brief introduction to each:
- Symmetric encryption: also known as single-key encryption; encryption and decryption use the same key. It is fast and uses little CPU.
- Asymmetric encryption: uses a pair of keys, a public key and a private key. The private key and the public key have a one-to-many relationship. The public key is used for signature, and the private key is used for authentication. The private key must be stored locally and must not be leaked; the public key can be freely transmitted and distributed over the Internet.
Now Huang and Brown, the enviable campus couple, set out to create and test a new way of passing notes, to benefit everyone and crack down on the school’s delinquents.
First, here’s what they thought:
It looks like it could work, but in truth the delinquents simply intercept the KEY, send a fake KEY in its place, and all subsequent messages are monitored.
The core of the problem is that transmitting the key directly is not secure; the key itself needs to be encrypted. Our goal is that even if a middleman intercepts the key, he cannot decrypt it.
So how do you encrypt the key?
If symmetric encryption is used to encrypt the key, the new key is just as insecure in transit and would itself need to be encrypted. This regresses indefinitely, still ends up unsafe, and is clearly unreasonable.
If asymmetric encryption is used, the server first generates a pair of public and private keys and sends out the public key. After receiving the public key, the peer generates a symmetric KEY, encrypts the KEY with the public key, and sends it. After receiving the data encrypted with the public key, the server decrypts it with the private key to obtain the KEY. From this point the two parties can use the KEY to encrypt their data and communicate securely. (Even if a middleman intercepts the data encrypted with the public key, he cannot recover the KEY, because he does not have the private key: the private key is held only by the server that issued the public key and is never transmitted.)
Imagine the diagram as follows:
It looks like it works, but it’s still too simple. When Brown (the server) transmits his public key to Huang (the client), the public key can be intercepted; Hei (the middleman) generates his own pair of public and private keys and forwards his forged public key to Huang, so that the whole conversation is monitored.
At this point the situation is: the client uses KEY1, the server uses the middleman’s forged KEY2, and the middleman holds both KEY1 and KEY2. So the middleman can tamper with the data at will.
Huang and Brown fell into deep thought. Although the new scheme solved the problem of the key being intercepted, it created a new difficulty. The problem is now narrowed down to: how can the public key be encrypted and transmitted safely?
If you simply re-encrypt the public key, symmetrically or asymmetrically, you are bound to run into a chicken-and-egg problem.
What to do? At this point an authority is needed to take charge. So the students decided to elect the highly respected president of the Student Union, Xiao Ji, as the certificate authority (CA) for this task.
Xiao Ji operates like this. First, on admission every student receives public key A, issued by the Student Union, and this public key A is absolutely trusted. Later, when two students fall in love and need to pass notes, they apply to Xiao Ji for a certificate: the certificate is your own public key B, encrypted by the Student Union in such a way that it can be decrypted with public key A. You then send this encrypted public key B to your partner; since he or she received the CA’s public key A at the start of the year, they decrypt the data with public key A, and if it decrypts correctly, they have retrieved your public key B.
The process is as follows:
At this point there is another problem: the delinquents are also students at the school. As can be seen in Figure 1, they are issued the CA public key too, and they can also apply to Xiao Ji for a certificate. If a delinquent intercepts the certificate sent by the server and replaces it with his own, isn’t it unsafe again? See the diagram below:
There are two possible problems:
- The certificate is intercepted by the middleman and tampered with using the CA public key
- The middleman forges his own certificate and sends it as if it came from the origin server
But these two problems do not actually arise: Xiao Ji considered them long ago and solved them in the original design of the certificate, by introducing the concept of the “digital signature”.
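The following added example (not code from the original post) walks through the whole story in Python: Huang encrypting a symmetric KEY with the public key she is handed, Hei swapping in his own public key, and Xiao Ji’s signed certificate defeating both of the tricks listed above. It uses a toy textbook RSA with small primes so it runs offline; the names Huang, Brown, Hei and Xiao Ji come from the post, and binding the owner’s name into the signed certificate is an assumption about how the analogy maps to real certificates.

```python
import hashlib
import secrets

# Toy textbook RSA with small primes and no padding: illustration only.
def rsa_keygen(p, q, e=65537):
    n = p * q
    return (e, n), (pow(e, -1, (p - 1) * (q - 1)), n)

def rsa_apply(key, m):
    exp, n = key
    return pow(m, exp, n)

def cert_digest(name, pub, n):
    # Bind the owner's name to the key so a certificate cannot be reused for another owner.
    return int.from_bytes(hashlib.sha256(f"{name}|{pub[0]}|{pub[1]}".encode()).digest(), "big") % n

def issue_certificate(name, pub, ca_priv):
    """Xiao Ji (CA): 'encrypt' the owner's name and public key B with the private half of pair A."""
    return {"name": name, "pub": pub, "sig": rsa_apply(ca_priv, cert_digest(name, pub, ca_priv[1]))}

def verify_certificate(cert, ca_pub, expected_name):
    """Huang: 'decrypt' the signature with public key A; it must equal the digest of name + key."""
    sig_ok = rsa_apply(ca_pub, cert["sig"]) == cert_digest(cert["name"], cert["pub"], ca_pub[1])
    return sig_ok and cert["name"] == expected_name

def exchange(use_ca, attack):
    """attack: None, 'swap_key' (tamper the certificate's key) or 'own_cert' (send Hei's certificate).
    Returns (huang_rejected, hei_learned_key, brown_learned_key)."""
    ca_pub, ca_priv = rsa_keygen(15485863, 32452843)        # Student Union pair A (constructed)
    brown_pub, brown_priv = rsa_keygen(49979687, 67867967)  # Brown's pair B (constructed)
    hei_pub, hei_priv = rsa_keygen(86028121, 104395301)     # Hei's own pair (constructed)
    cert = issue_certificate("Brown", brown_pub, ca_priv)
    if attack == "swap_key":
        cert = dict(cert, pub=hei_pub)                      # old signature no longer matches
    elif attack == "own_cert":
        cert = issue_certificate("Hei", hei_pub, ca_priv)   # Hei is a student, so he gets one too
    if use_ca and not verify_certificate(cert, ca_pub, "Brown"):
        return True, False, False                           # Huang refuses to send the KEY
    key = secrets.randbelow(2**48)                          # symmetric KEY, below every modulus
    enc = rsa_apply(cert["pub"], key)                       # Huang encrypts with the key she was given
    hei_key = rsa_apply(hei_priv, enc) if attack else None  # Hei decrypts with his private key
    if attack:
        enc = rsa_apply(brown_pub, hei_key)                 # re-encrypt for Brown to stay unnoticed
    brown_key = rsa_apply(brown_priv, enc)
    return False, hei_key == key, brown_key == key
```

Without a CA the swapped key lets Hei read the KEY while Brown still decrypts it and notices nothing; with the CA, both a tampered certificate and Hei’s own certificate are rejected before the KEY is ever sent.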
At this point the middleman problem is completely solved, and the delinquents can no longer exploit gaps in the transmission.
This is HTTP over Secure Socket Layer (HTTPS), which is used to ensure transmission security.
Xiao Hei was not willing to give up and wanted to find a new approach. Xiao Ji told him that the answer he was looking for might be found in the programming world, and that he could follow the “Byte Stream” public account, where the students are all talented and worth listening to.
So Hei and his middleman friends began to study hard, and Byte High School recovered its old atmosphere of virtue and diligent learning.