All about HTTPS (part-1)

Why do we even need HTTPS protocol?

When you arrived at this post, do you see any green pad lock on your address bar of the browser just in front of dev.to? Let me tell you what is it and why is it there?

This green lock represents that the…


This content originally appeared on DEV Community and was authored by Akash Kumar Sikarwar

Why do we even need HTTPS protocol?

When you arrived at this post, do you see any green pad lock on your address bar of the browser just in front of dev.to? Let me tell you what is it and why is it there?

This green lock represents that the site is using HTTPS as its protocol and is relatively more secure than when it is not there.

We need HTTPS for mainly three reasons:

1. Privacy
Lets talk about Privacy first. Lets say we have three people Alice, Bob and Candice. Alice is trying to send messages to Bob and the message is not encrypted meaning plain text. If we don't have HTTPS an evil person like Candice who is jealous of their friendship can listen on the communication and also can capture the messages potentially for doing evil things.

privacy

Privacy means that no one can eavesdrop on your messages. The green padlock on the URL bar of our browser tells us that there is no one watching over our shoulder.

2. Integrity
Second comes Integrity. Lets suppose when Alice sends another message to Bob unencrypted saying some nice words, but before it reaches Bob Candice intercepts the message and updates it with bad words about Bob and forwards to him, ruining their friendship. This is called man-in-the-middle attack.
image

Integrity means that the message is not manipulated on the way to its destination.

3. Identification
Lets take the same example from above. Identification means that Bob can check that this message is indeed coming from Alice. A digital signature attached to a message can identify the sender. And when you are browsing the web, identification means that the site that you are visiting is indeed the one you think it is.
HTTPS, via SSL certificates, ensures you are connected exactly with the receiver you would expect. This SSL certificate is valid and has been issued by a legitimate Certificate Authority. You are good to go.
image

Now that we know the why, the next step is to understand symmetric and asymmetric encryption.


This content originally appeared on DEV Community and was authored by Akash Kumar Sikarwar


Print Share Comment Cite Upload Translate Updates
APA

Akash Kumar Sikarwar | Sciencx (2021-07-10T09:41:12+00:00) All about HTTPS (part-1). Retrieved from https://www.scien.cx/2021/07/10/all-about-https-part-1/

MLA
" » All about HTTPS (part-1)." Akash Kumar Sikarwar | Sciencx - Saturday July 10, 2021, https://www.scien.cx/2021/07/10/all-about-https-part-1/
HARVARD
Akash Kumar Sikarwar | Sciencx Saturday July 10, 2021 » All about HTTPS (part-1)., viewed ,<https://www.scien.cx/2021/07/10/all-about-https-part-1/>
VANCOUVER
Akash Kumar Sikarwar | Sciencx - » All about HTTPS (part-1). [Internet]. [Accessed ]. Available from: https://www.scien.cx/2021/07/10/all-about-https-part-1/
CHICAGO
" » All about HTTPS (part-1)." Akash Kumar Sikarwar | Sciencx - Accessed . https://www.scien.cx/2021/07/10/all-about-https-part-1/
IEEE
" » All about HTTPS (part-1)." Akash Kumar Sikarwar | Sciencx [Online]. Available: https://www.scien.cx/2021/07/10/all-about-https-part-1/. [Accessed: ]
rf:citation
» All about HTTPS (part-1) | Akash Kumar Sikarwar | Sciencx | https://www.scien.cx/2021/07/10/all-about-https-part-1/ |

Please log in to upload a file.




There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.