2025-02-23 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/01 Report--
This article is about how to use homing pigeons to explain HTTPS. I think it is very practical, so I share it with you. I hope you can get something after reading this article. Let's take a look at it.
Cryptography is a difficult subject to understand because it is full of mathematical theorems. But unless you are actually developing cryptographic algorithms yourself, you do not need to understand those esoteric theorems.
Alice, Bob and ... Pigeon?
Any activity you do on the Internet (reading this article, shopping on Amazon, uploading pictures, etc.) boils down to sending and receiving information from a server.
This may be a bit abstract, so let's assume that these messages are delivered by carrier pigeons. I know this assumption seems arbitrary, but believe me, that's how HTTPS works, only much faster.
Instead of servers, clients and hackers, let's talk about Alice, Bob and Mallory. If this is not your first exposure to cryptography, you will recognize these names because they appear throughout the cryptographic literature.
Primary communication
If Alice wants to send a message to Bob, she will tie the message to the leg of the carrier pigeon and send it to Bob. Bob received the message and read it. It was perfect.
But what if Mallory intercepted Alice's pigeon and tampered with the information? Bob had no way to know that Alice's message had been modified in the course of transmission.
This is how HTTP works. It looks scary, right? I would not send my bank credentials over HTTP, and neither should you.
A secret code
Now suppose Alice and Bob are very crafty. They agree to write their messages in a secret code: they shift each letter in the message by three positions in the alphabet. For example, D → A, E → B, F → C. In this way, the message originally written as "secret message" becomes "pbzobq jbppxdb".
So now if Mallory intercepts the carrier pigeon again, she can neither make meaningful changes nor read the message, because she doesn't know the code. Bob, however, can easily apply the code in reverse, using rules such as A → D, B → E, C → F, to decrypt the message. The encrypted message "pbzobq jbppxdb" is decrypted back to "secret message".
Got it!
This is symmetric key encryption, because if you know how to encrypt a message, you can also decrypt it.
The code above is commonly known as the Caesar cipher. In real life we use more sophisticated and complex ciphers, but the principle is the same.
How do we decide the key?
Symmetric key encryption is very secure if no one but the sender and recipient knows what key is being used. In the Caesar cipher, the key is the offset: how many positions each letter is shifted to produce the encrypted letter. In my previous example the offset was 3, but I could also have used 4 or 12.
The problem is that if Alice and Bob don't meet before they start using carrier pigeons, they have no safe way to establish the key. If they send the key in the message itself, Mallory will intercept the message and learn the key. This allows Mallory to read their messages and tamper with them as she wishes, before or after Alice and Bob start encrypting their messages.
This is a typical example of a man-in-the-middle attack, and the only way to avoid this problem is for the sender and the recipient to change their encryption system together.
Pass the box through the carrier pigeon
So Alice and Bob came up with a better system. When Bob wants to send a message to Alice, he will follow these steps:
Bob sent Alice a pigeon without any message.
Alice sent the pigeon back to Bob, and the pigeon had a box with an open lock. Alice kept the key to the lock.
Bob put the letter in the box, locked it and gave the box to Alice.
Alice received the box, opened it with the key and read the message.
In this way Mallory could not tamper with the information by intercepting pigeons because she did not have the key to open the box. Alice follows the same process when she wants to send a message to Bob.
The process used by Alice and Bob is commonly known as asymmetric key encryption. It is called asymmetric because even if you can encrypt a message (lock the box), you cannot decrypt it (open the locked box).
In terminology, the box is called a public key and the key used to open the box is called a private key.
How to trust the box
If you pay a little attention, you will find that there is still a problem. When Bob received the box, how could he be sure that it came from Alice, not Mallory, who intercepted the pigeon and replaced it with a box that she had a key to open?
Alice decided to sign the box so that Bob could check the signature when he received the box to make sure it was sent by Alice.
So some of you may wonder, how could Bob recognize Alice's signature in the first place? That's a good question. Alice and Bob did have this problem, so they decided to let Ted mark the box instead of Alice.
So who's Ted? Ted is famous and a trustworthy guy. He will sign for anyone and everyone trusts that he will only sign and mark boxes for legitimate people.
If Ted can confirm that the person asking for his signature is Alice, he will sign Alice's box. Mallory therefore cannot get a box signed by Ted in Alice's name, and Bob can see through Mallory's trick because he knows that Ted only signs boxes for people whose identity he has confirmed.
In technical terms, Ted's role is called a certification authority. The browser you are using to read this article comes packaged with the signatures of many certification authorities.
So when you access a website for the first time, you can trust the box from that site because you trust Ted, and Ted tells you that the box is legitimate.
A heavy box
Now Alice and Bob have a reliable system to communicate, but they also realize that pigeons carrying boxes are slower than pigeons carrying only letters.
So they decided to use the box method (asymmetric encryption) only to choose a key, and then to encrypt their messages with symmetric encryption using that key (remember the Caesar cipher?).
In this way, we can have the advantages of both, the reliability of asymmetric encryption and the high efficiency of symmetric encryption.
In the real world we do not use anything as slow as carrier pigeons to send messages, but encrypting information with asymmetric encryption is still slower than using symmetric encryption, so we only use asymmetric encryption when exchanging encryption keys.
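The whole scheme from the sections above, as an added example that is not part of the original article: Ted signs Alice's box, Bob checks that signature before locking a Caesar shift inside the box, and Alice opens it to recover the shift used for the message. The function names, the toy primes and the use of textbook RSA as the "box" are assumptions made for illustration, and none of it is strong enough for real data.

```python
import hashlib

def caesar(text, key):
    """Shift lowercase letters back by `key` places (the article's D -> A rule)."""
    return "".join(chr((ord(c) - 97 - key) % 26 + 97) if c.islower() else c
                   for c in text)

def make_keypair(p, q, e=17):
    """Textbook RSA from two primes: returns (box, key) = (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def apply_key(value, key):
    """Lock with a public key, or open / sign with a private key."""
    n, exponent = key
    return pow(value, exponent, n)

def digest(box, owner, modulus):
    """Hash the owner's name together with the box, reduced below Ted's modulus."""
    h = hashlib.sha256(f"{owner}:{box[0]}:{box[1]}".encode()).digest()
    return int.from_bytes(h, "big") % modulus

def ted_sign(box, owner, ted_private):
    """Ted marks a box after confirming who owns it."""
    return apply_key(digest(box, owner, ted_private[0]), ted_private)

def box_is_trusted(box, owner, signature, ted_public):
    """Anyone holding Ted's public key can check his mark on a box."""
    return apply_key(signature, ted_public) == digest(box, owner, ted_public[0])

def bob_locks_shift(box, owner, signature, ted_public, shift):
    """Bob refuses a box Ted did not sign; otherwise he locks the shift in it."""
    if not box_is_trusted(box, owner, signature, ted_public):
        raise ValueError(f"box is not signed by Ted for {owner}")
    return apply_key(shift, box)

def demo():
    # Constructed toy keys; real keys are thousands of bits long.
    ted_pub, ted_priv = make_keypair(2**61 - 1, 2**31 - 1)
    alice_pub, alice_priv = make_keypair(61, 53)
    mallory_pub, _ = make_keypair(67, 71)
    signature = ted_sign(alice_pub, "alice", ted_priv)
    locked = bob_locks_shift(alice_pub, "alice", signature, ted_pub, shift=3)
    shift = apply_key(locked, alice_priv)      # only Alice can open the box
    swapped_ok = box_is_trusted(mallory_pub, "alice", signature, ted_pub)
    return shift, caesar("secret message", shift), swapped_ok

if __name__ == "__main__":
    print(demo())
```

The last value returned by `demo()` shows that Ted's signature on Alice's box does not carry over to the box Mallory swaps in, which is the check Bob relies on in "How to trust the box".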