HTTPS如何提供安全性？ [英] How does HTTPS provide security?

问题描述

我想知道如何实现HTTPS。数据是加密的还是路径是加密的（通过哪些数据传递）。如果有人向我提供实施细节，我将感激不尽。

I want to know how HTTPS is implemented. Whether the data is encrypted or path is encrypted (through which data is passed). I will be thankful if someone provides me implementation details.

推荐答案

很简单，HTTPS使用安全套接字层来加密传输的数据客户端和服务器之间。 SSL使用RSA算法 http://en.wikipedia.org/wiki/RSA ，不对称加密技术。算法如何工作的确切细节是复杂的，但基本上它利用了这样一个事实，即将两个大质数相乘很容易，将结果分解回成分素数是非常非常困难的。所有SSL / RSA加密的工作原理如下：

Very simply, HTTPS uses Secure Socket Layer to encrypt data that is transferred between client and server. SSL uses the RSA algorithm http://en.wikipedia.org/wiki/RSA, an asymmetric encryption technology. The precise details of how the algorithm works is complex, but basically it leverages the fact that whilst multiplying two large prime numbers together is easy, factoring the result back into the constituent primes is very, very hard. How all SSL/RSA encryption works is:

服务器生成两个大的素数，并将它们相乘。这被称为公钥。该密钥可供任何希望将数据安全地传输到服务器的客户端使用。客户端使用此公钥来加密它希望发送的数据。现在因为这是一个非对称算法，公钥不能用于解密传输的数据，只加密它。为了解密，您需要原始素数，并且只有服务器具有这些（私钥）。收到加密数据后，服务器使用其私钥解密传输。

The server generates two large prime numbers, and multiplies them together. This is called the "public key". This key is made available to any client which wishes to transmit data securely to the server. The client uses this "public key" to encrypt data it wishes to send. Now because this is an asymmetric algorithm, the public key cannot be used to decrypt the transmitted data, only encrypt it. In order to decrypt, you need the original prime numbers, and only the server has these (the "private key"). On receiving the encrypted data, the server uses its private key to decrypt the transmission.

如果您浏览网页，浏览器会向服务器提供公钥。服务器使用此密钥加密要发送到浏览器的数据，然后浏览器使用其私钥进行解密。

In the case of you browsing the web, your browser gives the server its public key. The server uses this key to encrypt data to be sent to your browser, which then uses its private key to decrypt.

所以是通过HTTP传输到服务器/从服务器传输的所有数据加密 - 加密好。典型的SSL实现使用128或256位数字作为其键。要打破这一点，您需要真正大量的计算资源。

So yes all data transmitted to/from server over HTTPs is encrypted - and encrypted well. Typical SSL implementations use 128 or 256 digits for their keys. To break this you need a truly vast amount of computing resources.

据我所知，对服务器资产的请求未加密 - 请使用httpfox https://addons.mozilla.org/en-US/firefox/addon/6647/ 或Wireshark http://www.wireshark.org/ 或确认的事情。

As far as I am aware the request for a server asset is not encrypted - use httpfox https://addons.mozilla.org/en-US/firefox/addon/6647/ or Wireshark http://www.wireshark.org/ or something to confirm.

这篇关于HTTPS如何提供安全性？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！