HTTPS = HTTP + the SSL/TLS protocol: during HTTPS data transmission, SSL/TLS encrypts and decrypts the data, and HTTP then transmits the encrypted data.

Symmetric encryption: the sender and receiver of a message use the same key to encrypt and decrypt the data. Symmetric encryption is characterized by publicly known algorithms and fast encryption and decryption.

Asymmetric encryption: two keys, a public key and a private key, are used as a pair. The private key is kept by its owner and must not be disclosed. The public key can be obtained by anyone. Data encrypted with either the public or the private key is decrypted with the other.

The process can be divided into two stages: the handshake stage and the data transmission stage.

Handshake

  1. The client starts the request by sending the SSL version and encryption algorithms it supports, and a random number (random_c).

  2. The server receives the request and responds with the confirmed SSL version, the confirmed encryption algorithm, the server public key (pubkey_S), and a random number (random_s).

  3. The client receives the public key of the server and starts verification: the client generates a pre-master secret based on the previous random_c and random_s, encrypts it with pubkey_S, and sends it to the server. At the same time, it derives the session key from random_c, random_s, and the pre-master secret through a certain algorithm.

  4. The server decrypts with its private key to obtain the pre-master secret, and then derives the session key from random_c, random_s, and the pre-master secret through a certain algorithm.

Symmetric encryption is used in the data transmission stage: the session key generated in the handshake stage is used for encryption and decryption.
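
The page does not name the algorithm that steps 3 and 4 use to turn random_c, random_s and the pre-master secret into the session key. As an added example (not code from the original page), the Python below assumes the TLS 1.2 PRF from RFC 5246 with AES-128-GCM key sizes; the function names and sample values are constructed for illustration, and the RSA transport of the pre-master secret is assumed to have already happened.

```python
import hashlib
import hmac


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash from RFC 5246 section 5: HMAC-SHA256 chained until `length` bytes exist."""
    out, a = b"", seed                                     # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()   # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def derive_session_keys(pre_master: bytes, random_c: bytes, random_s: bytes) -> dict:
    """Turn (pre-master secret, random_c, random_s) into per-direction keys."""
    master = p_sha256(pre_master, b"master secret" + random_c + random_s, 48)
    # Key expansion seeds with the server random first (RFC 5246 section 6.3).
    block = p_sha256(master, b"key expansion" + random_s + random_c, 40)
    return {
        "master_secret": master,
        "client_write_key": block[0:16],    # assumed AES-128-GCM sizes
        "server_write_key": block[16:32],
        "client_write_iv": block[32:36],
        "server_write_iv": block[36:40],
    }


# Constructed sample values, not taken from a real handshake.
RANDOM_C = hashlib.sha256(b"constructed random_c").digest()
RANDOM_S = hashlib.sha256(b"constructed random_s").digest()
PRE_MASTER = b"\x03\x03" + hashlib.sha384(b"constructed pre-master").digest()[:46]

if __name__ == "__main__":
    client = derive_session_keys(PRE_MASTER, RANDOM_C, RANDOM_S)
    # The server runs the same function after decrypting the pre-master secret.
    server = derive_session_keys(PRE_MASTER, RANDOM_C, RANDOM_S)
    print("keys match:", client == server)
    # A new random_s (a new handshake) gives unrelated keys for the same pre-master.
    next_s = hashlib.sha256(b"constructed random_s, next handshake").digest()
    other = derive_session_keys(PRE_MASTER, RANDOM_C, next_s)
    print("fresh random_s changes keys:",
          other["client_write_key"] != client["client_write_key"])
```

Because both random numbers feed the derivation, a recorded encrypted pre-master secret replayed into a later handshake does not reproduce the earlier session keys.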