Monday, February 19, 2018

How https works?




https://tiptopsecurity.com/how-does-https-work-ssl-tls-explained/
https://www.nginx.com/blog/nginx-https-101-ssl-basics-getting-started/
https://www.hi-linux.com/posts/21572.html
https://zhuanlan.zhihu.com/p/25587986
https://www.jianshu.com/p/51cc23843756
https://github.com/youngwind/blog/issues/108
https://www.jianshu.com/p/81ed6c02012a






How HTTPS Works


Here’s how it works in more detail:


  1. Your browser reaches out to the website server and requests a connection.
  2. The server sends you its public key. It keeps its private key a secret.
  3. Your browser generates a third key called a session key.
  4. The session key is encrypted by your computer using the public key you got from the server
  5. The encrypted session key is then shared with the server.
  6. The server decrypts the session key that it received from you using the secret private key. Now both ends have the session key that your computer generated.
  7. The public key encryption is terminated and replaced with symmetric encryption.
  8. Now you are in a session with the server using only symmetric encryption, and that’s how it remains until you leave the website.
At the end both client and server share the symmetric key.


 How PKI Works
Symmetric encryption image















-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

java special for collection size, array size, and string size

Size: For Collections (eg: Map, List, etc ): usually it use collection.size(), eg         Map<Character, Integer> map ...