Tip: First, know that HTTPS adds features like confidentiality, integrity, authentication, and non-repudiation on top of HTTP.

Start with confidentiality. It is the foundation of information security.

Without confidentiality, TLS would be a “bottomless pit”. The most common way to achieve confidentiality is encryption (encrypt): converting a message into a form that no one can understand, so that only someone holding a special “key” can convert it back to the original text.

This “key” is simply called the key. The message before encryption is called plaintext (or cleartext), and the garbled output after encryption is called ciphertext. Recovering the plaintext from the ciphertext with the key is called decryption (decrypt), which is the reverse operation of encryption. The procedure used for encryption and decryption is called the “encryption algorithm”.

All encryption algorithms are public and can be analyzed by anyone, while the keys used by the algorithms must be kept secret. So what exactly is this crucial “key”?

Since HTTPS and TLS both run on computers, a “key” is a long string of numbers, and its length is conventionally measured in bits, not bytes. For example, a key length of 128 bits means a 16-byte binary string, and a key length of 1024 bits means a 128-byte binary string.

Encryption can be divided into two categories based on how the key is used: symmetric encryption and asymmetric encryption.

Symmetric encryption

“Symmetric encryption” is easy to understand: encryption and decryption use the same key, hence “symmetric”. As long as the key is kept secure, the whole communication can be said to be confidential.

For example, if you want to log in to a website and have agreed with it in advance on a symmetric key, everything sent during the communication is ciphertext that only you and the website can decrypt. Even if a hacker is able to eavesdrop, all he sees is gibberish. Without the key, the plaintext cannot be recovered, and confidentiality is achieved.

There are many symmetric encryption algorithms to choose from in TLS, such as RC4, DES, 3DES, AES, and ChaCha20. However, the first three are considered insecure and are generally prohibited. Currently, only AES and ChaCha20 are commonly used.

AES stands for “Advanced Encryption Standard”, and its key length can be 128, 192 or 256 bits. It is the replacement for the DES algorithm. Its security strength is very high, its performance is very good, and some hardware has special optimizations for it, so it is very popular and is the most widely used symmetric encryption algorithm.

ChaCha20 is another encryption algorithm designed by Google. The key length is fixed at 256 bits. Running in pure software, its performance is better than that of AES, and it is still a pretty good algorithm.

Block cipher modes

Symmetric algorithms also have the concept of a “block mode” (mode of operation), which allows the algorithm to encrypt plaintext of any length with a fixed-length key, turning a small secret (the key) into a large secret (the ciphertext).

Early on there were several block modes such as ECB, CBC, CFB and OFB, but all of them have been found to have security vulnerabilities, so they are not used much now. The latest kind of mode, called AEAD (Authenticated Encryption with Associated Data), adds authentication to encryption. GCM, CCM and Poly1305 are commonly used.

Put the above together and you get the symmetric encryption algorithms defined in TLS cipher suites.

For example, AES128-GCM means the AES algorithm with a 128-bit key length, used in the GCM mode. ChaCha20-Poly1305 means the ChaCha20 algorithm used with the Poly1305 mode.

Asymmetric encryption

Symmetric encryption may seem to provide perfect confidentiality, but there is a big problem: how to safely deliver the key to the other party, which is known as “key exchange”.

In a symmetric encryption algorithm, anyone who holds the key can decrypt. If the key you agreed on with a website is stolen in transit by a hacker, he can then decrypt the data sent and received at will, and the communication is no longer confidential.

How to solve this problem?

You might say, “Just encrypt the key and send it,” but delivering the “key that encrypts the key” is the same problem all over again. It is like the chicken-and-egg question, a recursion that goes on indefinitely. Symmetric encryption alone is simply unable to solve the key exchange problem.

As a result, asymmetric encryption (also known as public-key encryption) emerged.

It has two keys, a public key and a private key. The two keys are different, hence “asymmetric”: the public key can be made public for anyone to use, while the private key must be kept strictly secret.

The public key and private key have a special “one-way” property: although both can be used to encrypt and decrypt, what is encrypted with the public key can only be decrypted with the private key, and conversely, what is encrypted with the private key can only be decrypted with the public key.

Asymmetric encryption can solve the “key exchange” problem. The website keeps the private key secret and distributes the public key freely on the Internet. When you want to log in to the website, you only need to encrypt with the public key, and the ciphertext can only be decrypted by the private key holder. Hackers can’t crack the ciphertext because they don’t have the private key.

Designing asymmetric encryption algorithms is much more difficult than designing symmetric ones, so there are only a few in TLS, such as DH, DSA, RSA and ECC.

RSA is probably the best known of these, almost synonymous with asymmetric encryption.

Compared with RSA, ECC has obvious advantages in security strength and performance. 160-bit ECC corresponds to 1024-bit RSA, while 224-bit ECC corresponds to 2048-bit RSA. Because the key is shorter, the amount of computation and the memory and bandwidth consumed are smaller and encryption and decryption are faster, which is very attractive for today’s mobile Internet.

Mixed encryption

Having read this far, do you think you can abandon symmetric encryption and use only asymmetric encryption for confidentiality?

Unfortunately not. Asymmetric algorithms do not have the “key exchange” problem, but because they are based on hard mathematical problems, computation is slow, and even ECC is orders of magnitude slower than AES. If only asymmetric encryption were used, security would be guaranteed, but communication would move at the pace of a tortoise or a snail, and practicality would drop to zero.

So, is it possible to combine symmetric and asymmetric encryption so that each makes up for the other’s weakness, giving both efficient encryption and decryption and a safe key exchange?

This is the hybrid encryption now used in TLS, and it’s actually quite simple:

At the beginning of communication, an asymmetric algorithm such as RSA or ECDHE is used first, to solve the key exchange problem.

Random numbers are then used to generate a “session key” for the symmetric algorithm, which is encrypted with the public key. Because session keys are short, usually only 16 or 32 bytes, it doesn’t matter that this step is slower.

The peer decrypts the ciphertext with its private key and extracts the session key. In this way the symmetric key is exchanged securely; from then on asymmetric encryption is no longer used, and all traffic uses symmetric encryption.

In this way, hybrid encryption solves the key exchange problem of symmetric encryption and achieves confidentiality perfectly.

However, this is only the first step. Integrity, identity authentication, non-repudiation and other features are still not implemented, so the communication is not yet absolutely secure. We will talk about that next time.
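The three steps above, as an added Go example (not code from the original article); it also shows the AES128-GCM AEAD mode from the block-mode section rejecting a ciphertext that was modified in transit. It is a simplified model of the idea, not the TLS handshake itself: RSA-OAEP padding and the names `siteKey`, `Seal` and `Open` are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func must[T any](v T, err error) T { // panic on setup failure (RNG, key size)
	if err != nil {
		panic(err)
	}
	return v
}

var siteKey = must(rsa.GenerateKey(rand.Reader, 2048)) // website key pair (hypothetical name)

func newGCM(key []byte) cipher.AEAD { // a 16-byte (128-bit) key selects AES-128
	return must(cipher.NewGCM(must(aes.NewCipher(key))))
}

// Seal (client): wrap a random session key with the public key (RSA-OAEP is
// this example's choice), then encrypt msg with AES-128-GCM.
func Seal(pub *rsa.PublicKey, msg []byte) (wrapped, ct []byte) {
	key, nonce := make([]byte, 16), make([]byte, 12) // 128-bit key, 96-bit nonce
	must(rand.Read(key))
	must(rand.Read(nonce))
	wrapped = must(rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil))
	return wrapped, newGCM(key).Seal(nonce, nonce, msg, nil) // nonce || ciphertext || tag
}

// Open (site): unwrap the session key with the private key, then decrypt; GCM rejects tampering.
func Open(priv *rsa.PrivateKey, wrapped, ct []byte) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
	if err != nil || len(key) != 16 || len(ct) < 12 {
		return nil, fmt.Errorf("unwrap failed or malformed message")
	}
	return newGCM(key).Open(nil, ct[:12], ct[12:], nil)
}

func main() {
	wrapped, ct := Seal(&siteKey.PublicKey, []byte("user=alice")) // constructed message
	pt, _ := Open(siteKey, wrapped, ct)
	ct[len(ct)-1] ^= 1 // one bit changed in transit
	_, err := Open(siteKey, wrapped, ct)
	fmt.Printf("decrypted %q; after tampering: %v\n", pt, err)
}
```

The slow RSA operation runs once, on 16 bytes; everything after that is symmetric, and the length of `wrapped` (256 bytes for a 2048-bit key) does not depend on the message size.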