HTTP vs HTTPS

What I only know about the HTTPS is

— it encrypts data when sending between client and server.

Every time I search about HTTPS, there are always some prerequisites that they suggest to understand:

My problem is I seem like understand about those prerequisites, but I have no idea why and where is that part of the HTTPS is used it.

Right now, let forget all of them — and the prerequisites I would like you to know before looking at HTTPS is HTTP(you can find any other resource about the meaning and understand clearly, because after you understand what is http, https is almost done for you).

First of all, as standard port 80 is reserved for HTTP and 443 is reserved HTTPS.

HTTP

Two steps in order to communicate over HTTP

HTTPS

HTTPS is the http that is secure by encrypting data over communication by using Symmetric key (both client and server has the same key to encrypt and decrypt before sending the data). We may wonder how client and server can have the same key without MITM knowing that key.

The process to create that Symmetric Key is called TLS hand shack. (TLS: Transport Layer Security) — Let’s focus on the detail in the image below:

Three steps in order to communicate over HTTPS

After understanding about HTTPS. You may have some questions about it:

Summary

Comparing between HTTP vs HTTPS

WARNING: I am a lazy one — This article is not proper proof within the official evident and enough research on this topic. So I don’t recommend to use this article as reference without your own proof. Anyways it could be a perfect brainstorming and brief for you to get some idea before reading another reliability one — Please let me know if what I have listed down is not correct — Enjoy.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store