Overview of HTTPS principles

HTTPS (Hyper Text Transfer Protocol over Secure Socket Layer, or Hypertext Transfer Protocol Secure) is an HTTP channel designed for security; put simply, it is the secure version of HTTP. An SSL layer is added under HTTP. The security of HTTPS rests on SSL, so the details of its encryption are the details of SSL.





Since the HTTP protocol is transmitted in plain text, there are three major risks:
1. Risk of eavesdropping: third parties can intercept and view your content
2. The danger of being tampered with: third parties can intercept and modify your content
3. The risk of being impersonated: a third party can pretend to be a communication party to communicate with you.

HTTPS emerged because of these three major security risks in HTTP.

The difference between HTTPS and HTTP

The Hypertext Transfer Protocol (HTTP) is used to transfer information between a web browser and a web server. HTTP sends content in clear text and provides no data encryption. If an attacker intercepts a message in transit between the browser and the server, the information can be read directly. HTTP is therefore not suitable for transmitting sensitive information such as credit card numbers and passwords.

To address this shortcoming, another protocol is needed: the Hypertext Transfer Protocol Secure, HTTPS. To secure data in transit, HTTPS adds the SSL protocol to HTTP. SSL relies on certificates to verify the identity of the server and encrypts the communication between the browser and the server.

The differences between HTTPS and HTTP come down to the following four points:

First, HTTPS requires applying for a certificate from a CA. Free certificates are generally few, so a fee usually has to be paid.

Second, HTTP is a hypertext transfer protocol in which information is transmitted in plaintext, while HTTPS is a secure transfer protocol encrypted with SSL.

Third, HTTP and HTTPS use completely different connection methods and different ports: 80 for the former and 443 for the latter.

Fourth, an HTTP connection is very simple and stateless; HTTPS is a network protocol built from SSL + HTTP that provides encrypted transmission and identity authentication, which makes it more secure than HTTP.

SSL (Secure Sockets Layer) and its successor, Transport Layer Security (TLS), are security protocols that provide security and data integrity for network communications. TLS and SSL encrypt the network connection at the transport layer.

Symmetric encryption: 

Symmetric encryption is also called private key encryption: the sender and receiver of a message use the same key to encrypt and decrypt the data. Its characteristics are that the algorithm is public and encryption and decryption are fast, which makes it suitable for encrypting large volumes of data. Common symmetric encryption algorithms are DES, 3DES, TDEA, Blowfish, RC5 and IDEA.

The encryption process is as follows: plaintext + encryption algorithm + private key => ciphertext
The decryption process is as follows: ciphertext + decryption algorithm + private key => plaintext
The private key used for encryption is the same key used for decryption, which is why this kind of encryption is called "symmetric". Since the symmetric encryption algorithm is public, once the private key is leaked the ciphertext is easily cracked, so the disadvantage of symmetric encryption is that managing key security is difficult.

Asymmetric encryption:

Asymmetric encryption is also known as public key encryption. Asymmetric encryption is more secure than symmetric encryption. In symmetric encryption the communicating parties use the same key, so if one party's key is compromised, the entire communication can be cracked. Asymmetric encryption uses a pair of keys, the public key and the private key, which always appear together. The private key is kept by its owner and must not be leaked. The public key is available to anyone. Data encrypted with either key of the pair is decrypted with the other.

The ciphertext encrypted by the public key can only be decrypted by the private key. The process is as follows:
Plaintext + encryption algorithm + public key => ciphertext, ciphertext + decryption algorithm + private key => plaintext
The ciphertext encrypted by the private key can only be decrypted by the public key. The process is as follows:
Plaintext + encryption algorithm + private key => ciphertext, ciphertext + decryption algorithm + public key => plaintext
The disadvantage of asymmetric encryption is that encryption and decryption are slow, so it is only suitable for encrypting small amounts of data.

The main algorithms used in asymmetric encryption are: RSA, Elgamal, Rabin, D-H, ECC (elliptic curve encryption algorithm).

SSL protocol work process

Server authentication phase:

1) The client sends a start message "Hello" to the server to start a new session connection;
2) The server determines whether it is necessary to generate a new master key according to the information of the client, and if necessary, the server will include the information required to generate the master key in response to the "Hello" information of the client;
3) The client generates a master key according to the received server response information, and encrypts it with the server's public key and transmits it to the server;
4) The server restores the master key and returns to the client a message authenticated by the master key to allow the client to authenticate the server.

User authentication phase:

By this point the client has already authenticated the server; this phase completes the authentication of the client. The authenticated server sends a challenge to the client, and the client returns the signed challenge together with its public key to authenticate itself to the server.
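
The two phases above, and both key directions from the asymmetric encryption section, as a runnable sketch. This is an added illustration, not code from the original post: the function names, the transcript string and the toy keys (unpadded textbook RSA over constructed Mersenne-prime moduli) are assumptions chosen only to make each step visible.

```python
import hashlib, hmac, secrets

# Constructed toy keys (textbook RSA over Mersenne primes, no padding): far too
# weak for real use, chosen only so every step runs with the standard library.
E = 65537

def toy_keypair(p, q):
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

SERVER_PUB, SERVER_PRIV = toy_keypair(2**107 - 1, 2**127 - 1)
CLIENT_PUB, CLIENT_PRIV = toy_keypair(2**61 - 1, 2**89 - 1)

def rsa(key, value):
    """One RSA operation: encrypt/verify with a public key, decrypt/sign with a private one."""
    n, exp = key
    return pow(value, exp, n)

def mac(master, transcript):
    return hmac.new(master, transcript, hashlib.sha256).digest()

def digest_int(data):
    # Hash truncated to 128 bits so it fits under the toy moduli
    return int.from_bytes(hashlib.sha256(data).digest()[:16], "big")

def server_auth(server_priv, transcript=b"client-hello|server-hello"):
    """Server authentication, steps 1-4: True if the client accepts the server."""
    # Step 3: client generates the master key and encrypts it to the server's public key
    master = secrets.token_bytes(16)
    wrapped = rsa(SERVER_PUB, int.from_bytes(master, "big"))
    # Step 4: whoever answers must hold the matching private key to recover it
    # (the reduction to 128 bits only keeps a wrong-key result serialisable)
    recovered = (rsa(server_priv, wrapped) % 2**128).to_bytes(16, "big")
    proof = mac(recovered, transcript)           # message authenticated by the master key
    # Client side: recompute the MAC with its own copy of the master key
    return hmac.compare_digest(proof, mac(master, transcript))

def client_auth(client_priv, client_pub):
    """User authentication: True if the server accepts the client's signed challenge."""
    challenge = secrets.token_bytes(16)                   # server's challenge
    signature = rsa(client_priv, digest_int(challenge))   # client signs with its private key
    return rsa(client_pub, signature) == digest_int(challenge)  # server verifies with public key

if __name__ == "__main__":
    print("genuine server accepted:   ", server_auth(SERVER_PRIV))
    print("wrong private key accepted:", server_auth(CLIENT_PRIV))
    print("genuine client accepted:   ", client_auth(CLIENT_PRIV, CLIENT_PUB))
```

A party that does not hold the server's private key cannot recover the master key, so its step 4 message fails the client's check. In real TLS the public keys are bound to identities by CA-signed certificates rather than trusted as bare values.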

Publisher: IE LAB
Website: http://ielab.network