HTTPS and TLS Security
HTTPS = HTTP + TLS
HTTPS is not a separate protocol; it is simply standard HTTP traffic wrapped in a TLS (Transport Layer Security) encryption layer. It provides three core security guarantees:
| Security Goal | Threat | TLS Solution |
|---|---|---|
| Confidentiality | Eavesdropping | Symmetric Encryption (e.g., AES) |
| Integrity | Tampering | Message Authentication Codes (HMAC/GCM) |
| Authentication | Impersonation | Digital Certificates + Asymmetric Encryption |
Hybrid Encryption Architecture
TLS uses a hybrid approach to balance security and performance:
- Asymmetric Encryption (RSA / ECDHE): Used only during the handshake to securely exchange a secret key.
- Symmetric Encryption (AES / ChaCha20): Used to encrypt the actual data once the secret key is shared. This is significantly faster and uses less CPU.
The TLS 1.2 Handshake (Simplified)
Client                                     Server
│                                               │
│ ① Client Hello                                │
│   (Supported TLS versions, Ciphers, Random A) │
│ ────────────────────────────────────────────▶ │
│                                               │
│ ② Server Hello (Selected Cipher, Random B)    │
│ ③ Certificate (Identity Proof)                │
│ ④ Server Key Exchange (DH Parameters)         │
│ ⑤ Server Hello Done                           │
│ ◀──────────────────────────────────────────── │
│                                               │
│   Validate Certificate (via CA Chain)         │
│ ⑥ Client Key Exchange (DH Parameters)         │
│ ⑦ Change Cipher Spec (Switching to Encrypted) │
│ ⑧ Finished (Verify Handshake)                 │
│ ────────────────────────────────────────────▶ │
│                                               │
│ ⑨ Change Cipher Spec                          │
│ ⑩ Finished                                    │
│ ◀──────────────────────────────────────────── │
Digital Certificates and The Trust Chain
How do you know that google.com is actually Google? Through Certificate Authorities (CAs).
- Generation: The server generates a Public/Private key pair. It sends the Public key to a CA.
- Signing: The CA verifies the server's identity and issues a certificate. The certificate contains the server's public key and is digitally signed with the CA's private key.
- Verification: Your browser contains the public keys of all trusted Root CAs. It uses these to verify the signature on the server's certificate. If the math checks out, the browser trusts the public key inside.
TLS 1.3: Faster and Safer
TLS 1.3 was a major overhaul that focused on speed and modern security:
- 1-RTT Handshake: Establishes connections in one round trip instead of two.
- Perfect Forward Secrecy: Removed support for static RSA key exchange. Every session now must use DH-style ephemeral keys, meaning if a server's long-term private key is stolen, past recorded traffic still cannot be decrypted.
- Removed Weak Ciphers: Eliminated support for old, broken algorithms like MD5, SHA-1, and RC4.
Implementation Insights
SNI (Server Name Indication)
Because the TLS handshake happens before the HTTP request, the server doesn't know which domain the client wants if multiple sites share one IP (Virtual Hosting). SNI fixes this by including the target hostname in the cleartext Client Hello packet, allowing the server to pick the correct certificate to present.
HSTS (HTTP Strict Transport Security)
Even with HTTPS available, a user might type http:// or be redirected by an attacker (SSL Stripping). HSTS is a header that tells the browser: "For the next year, never connect to me via HTTP. Always upgrade to HTTPS automatically before even hitting the network."