https principle
- (*-*)浩Original
- 2019-11-15 11:44:087546browse
HTTPS (full name: Hyper Text Transfer Protocol over SecureSocket Layer) is an HTTP channel aimed at security. Based on HTTP, it ensures the security of the transmission process through transmission encryption and identity authentication.
HTTPS adds an SSL layer to the foundation of HTTP. The security foundation of HTTPS is SSL, so the details of encryption require SSL. HTTPS has a different default port than HTTP and an encryption/authentication layer (between HTTP and TCP). (Recommended learning: web front-end video tutorial)
This system provides authentication and encrypted communication methods. It is now widely used for security-sensitive communications on the World Wide Web, such as transaction payments.
HTTPS principle
① The client sends the list of algorithms it supports and a random number used to generate the key to the server;
② The server selects an encryption algorithm from the algorithm list and sends it and a certificate containing the server's public key to the client; The certificate also contains the information used for authentication The server identification of the destination, the server also provides a random number used to generate the key;
③ The client verifies the server's certificate (for verification certificates, please refer to the digital signature), and extracts the server's Public key; then, generate a random password string called pre_master_secret, encrypt it using the server's public key (refer to asymmetric encryption/decryption), and send the encrypted information to the server;
④ The client and server independently calculate the encryption and MAC keys based on pre_master_secret and the random values of the client and server (refer to the DH key exchange algorithm);
⑤ The client will all The MAC value of the handshake message is sent to the server;
⑥ The server sends the MAC value of all handshake messages to the client.
The above is the detailed content of https principle. For more information, please follow other related articles on the PHP Chinese website!