Like Us on Facebook

How does HTTPS work

Hello guys!! Once again welcome to UandBlog.com. In our last post of HTTPS, we have discussed what is HTTPS and why it is so important to use. In this post we are going to discuss how does HTTPS work?? We already knew HTTPS stands for “Hypertext Transfer Protocol Secure”.

HTTPS = HTTP + S “S” is the SSL which is Secure Sockets Layer. But how does it work actually on web or internet. How does it secure your information and send it to the web server. Yes in this post you are going to understand this. So lets start…

what is https
 

How does HTTPS work?

Let’s assume you are going to login into your Gmail address. For login, you need a username and password. Which you do not want to share with anyone.  For access your Gmail account you have to sent your username and password to the Gmail server so the Gmail server can authenticate of your account. But the data you have entered that goes to the internet via some parts of the internet provider you use.So when you entered your username and password it goes from your network to the Gmail server via may goes other network too.

within other network

So it may possible for a person in such a companies, who has proper access to the network to be able to see the data might sent over the internet. Your data may not only your Gmail username and password, it may be your credit or debit card number, may be your pin number or may be your bank account information like sensitive things. So your data may fall into wrong hand.


http

This condition may happens in HTTP protocol. Thats why you need HTTPS protocol. “S” is nothing but a SSL which is Secure Sockets Layer. Which means your data securely goes to the web server.  Before knowing SSL you must know cryptography which is behind SSL.
 

What is Cryptography?

Cryptography is the basically hiding the information. Suppose your name is “john” using cryptograption algorithm we get a new string, very different from the original may be “GH7^^h%$#f”. This process of transformation we called encryption. In short encryption means sender and receiver allow a same code for their character string. Using a public key data encryption and private key data decryption happen. Public key, actually encrypt the data of the user and and send it to the server. Private key is used for decryption of the user data and the Private key does not share with anyone.

Public and Private Keys

So when browser encrypted the data and sent to the server then only server decrypted that data using private key, so no one can get the original data.

So when a user type HTTPS on the web address bar then first browser does make a connection with web server. And send a handshake message to the web server. In this message browser tells highest SSL version of the browser, compression type and some random type number which is used to key generation process.  And then server also sent back a message to the browser which contain is the web server support the browser format or not with same information.


Message sent both side

If server confirm the previous message true, then the server sent a digitally signature message to the browser. 

server sent digital signature

This message is for two reasons one is that server sent a public key to the browser, which is use for the data encryption. Now both browser and server ready to communicate. Second reason is that browser will knows the identity of the server. Now you can also see the proper website and you (browser side) also ready to communicate with your website. You are also confirm that the data you will be enter that will go to the right server.

Using this procedure HTTPS protocol securely sent data to the web server. Thats why no can steal any sensitive data of the user.
 

Posted By UandBlog

UandBlog is a Global Leading source of Finance, Health, Lifestyle, Technology, Gaming and Programing and other information, it is a fastest growing blog for all , for latest post or information like us on facebook , follow on Twitter, Google+ and Pinterest.

Comments ( 0 )

    Leave a comment..

    Click to login.