SlideShare a Scribd company logo

Describe- in your own words- the mechanism for establishing a HTTPS co.docx

Download as DOCX, PDF
E
earleanp

Establishing an HTTPS connection involves a three-phase handshake: hello, certificate exchange, and key exchange. The client initiates contact with a hello message, followed by the server's response; then, the server proves its identity with an SSL certificate, which the client verifies. Finally, a symmetric key for encryption is securely exchanged, allowing encrypted HTTP requests and responses to be transmitted between client and server.

Education
1 of 2
Download to read offline
1
2
Describe, in your own words, the mechanism for establishing a HTTPS connection. Solution HTTPS consists of communication over HTTP (Hypertext Transfer Protocol) with an encrypted layer such as Transport Layer Security (TSL) or Secure Sockets Layer (SSL). The connection between Client and Server using HTTPS is established by a handshake process which has 3 main phases namely Hello, Certificate exchange and key exchange. a) Hello- This is the first phase where the client sends a message ClientHello which contains all the necessary information such as various cipher suites, SSL version number etc. for the server to connect to the client via SSL. Then the server responds with a ServerHello message which contains similar information for client. b) Certificate Exchange – Once the contact is established between the Server and the Client, the server has to prove its identity to the client using its SSL certificate. The SSL certificate contains various information such as name of the owner, the domain it is attached to, the certificate’s public key, certificate’s validity dates etc. The client then verifies the certificate whether it is a trusted certificate or it is verified and trusted by one of several Certificate Authorities (CAs) which client trusts. c) Key Exchange – In this phase the exchange of encryption key is happened by the client and server using a symmetric algorithm which was already agreed during the Hello phase. The client generates a random key for the symmetric algorithm. It then encrypts the key using an algorithm (which was also agreed upon during the Hello phase) and the server’s public key from the SSL certificate. Client then sends this encrypted key to the server, where it is decrypted using the server’s private key.
Once the client and server have verified each over’s identity and have secretly agreed on a key to symmetrically encrypt the data that they are about to send each other, then the HTTP requests and responses can start flowing form one party to other in the form of a plaintext message with encryption. The other party using the key decrypt is while reading.

More Related Content

PPTX
Transport Layer Security (TLS)
Arun Shukla
 
PPTX
The last picks
Nafiur Rahman Tuhin
 
PDF
presentation2-151203145018-lva1-app6891.pdf
GumanSingh10
 
PPTX
SSL
Badrul Alam bulon
 
PDF
Understanding transport-layer_security__ssl
Mainak Goswami
 
PPT
cryptography and network security thid.ppt
ubaidullah75790
 
PPT
SSL Communication and Mutual Authentication
Cleo
 
PPTX
SSL/TLS
Sirish Kumar
 
Transport Layer Security (TLS)
Arun Shukla
 
The last picks
Nafiur Rahman Tuhin
 
presentation2-151203145018-lva1-app6891.pdf
GumanSingh10
 
SSL
Badrul Alam bulon
 
Understanding transport-layer_security__ssl
Mainak Goswami
 
cryptography and network security thid.ppt
ubaidullah75790
 
SSL Communication and Mutual Authentication
Cleo
 
SSL/TLS
Sirish Kumar
 

Similar to Describe- in your own words- the mechanism for establishing a HTTPS co.docx (20)

PPTX
Https
Billa Kota Sriram
 
PPT
Web Security
Ram Dutt Shukla
 
PPT
ngrubksgj.pptdagji;jgisofjapfjagiahguhkg
jayewi2029
 
PPT
ch17.ppt
SomuPatil8
 
PDF
Details about the SSL Certificate
CheapSSLUSA
 
PPTX
SSL/TLS Introduction with Practical Examples Including Wireshark Captures
JaroslavChmurny
 
PPT
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
SonukumarRawat
 
DOCX
SSL-image
Rajat Toshniwal
 
PDF
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
Jyothishmathi Institute of Technology and Science Karimnagar
 
PPT
ssl
sjyuva
 
PDF
SSL/TLS Handshake
Arpit Agarwal
 
PPT
Lecture17
Châu Thanh Chương
 
PPT
SSL
theekuchi
 
PPTX
Certificate pinning in android applications
Arash Ramez
 
PPT
Unit -- 5.ppt
DHANABALSUBRAMANIAN
 
DOCX
Explain how SSL protocol is used to ensure the confidentiality and int.docx
todd401
 
PPTX
TLS/SSL - Study of Secured Communications
Nitin Ramesh
 
PPTX
SSL TLS Protocol
Devang Badrakiya
 
PPT
2 - IP Security2 - IP Security2 - IP Security2 - IP Security
lixir25483
 
PPT
Ch17
Joe Christensen
 
Https
Billa Kota Sriram
 
Web Security
Ram Dutt Shukla
 
ngrubksgj.pptdagji;jgisofjapfjagiahguhkg
jayewi2029
 
ch17.ppt
SomuPatil8
 
Details about the SSL Certificate
CheapSSLUSA
 
SSL/TLS Introduction with Practical Examples Including Wireshark Captures
JaroslavChmurny
 
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
SonukumarRawat
 
SSL-image
Rajat Toshniwal
 
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
Jyothishmathi Institute of Technology and Science Karimnagar
 
ssl
sjyuva
 
SSL/TLS Handshake
Arpit Agarwal
 
Lecture17
Châu Thanh Chương
 
SSL
theekuchi
 
Certificate pinning in android applications
Arash Ramez
 
Unit -- 5.ppt
DHANABALSUBRAMANIAN
 
Explain how SSL protocol is used to ensure the confidentiality and int.docx
todd401
 
TLS/SSL - Study of Secured Communications
Nitin Ramesh
 
SSL TLS Protocol
Devang Badrakiya
 
2 - IP Security2 - IP Security2 - IP Security2 - IP Security
lixir25483
 
Ch17
Joe Christensen
 

More from earleanp (20)

DOCX
Create your own variant of both a hiring and a termination policy rela.docx
earleanp
 
DOCX
Determine the valuation of long-term liabilities- Donald Lennon is the.docx
earleanp
 
DOCX
Describe three of the following attack types in the Operation Security.docx
earleanp
 
DOCX
Describes the concept of ADTS and illustrates the concept with three o.docx
earleanp
 
DOCX
Describe- manage- and install Active Directory replication- federation.docx
earleanp
 
DOCX
Describe the process to start and restart apache on CENTOS command lin.docx
earleanp
 
DOCX
Describe the process of creating and exporting a schedule report for t.docx
earleanp
 
DOCX
Describe the principal technologies that have shaped contemporary tele.docx
earleanp
 
DOCX
Describe the typical duties of a security manager that are strictly ma.docx
earleanp
 
DOCX
Describe the four categories of international airports in the federal.docx
earleanp
 
DOCX
Describe the major types of VPNs and technologies- protocols- and serv.docx
earleanp
 
DOCX
Describe the different metrics that BGP can use in building a routing.docx
earleanp
 
DOCX
Describe the ethnic city and the benefit of ethnic communiti- (-I need.docx
earleanp
 
DOCX
Describe the different types of qualitative analysis and indicate whic.docx
earleanp
 
DOCX
Describe neo-evolution- What is it and what are its primary tenets- Pr.docx
earleanp
 
DOCX
Describe ip protocol security pros and cons-SolutionIP Protocol Securi.docx
earleanp
 
DOCX
Describe core competencies and their relationship to operations manage.docx
earleanp
 
DOCX
Describe in detail a man-in-the-middle attack on the Diffie-Hellman ke.docx
earleanp
 
DOCX
Describe events that led to the signing of the Homeland Security Act 2.docx
earleanp
 
DOCX
Describe an experiment that disproved the theory of classical mechanic.docx
earleanp
 
Create your own variant of both a hiring and a termination policy rela.docx
earleanp
 
Determine the valuation of long-term liabilities- Donald Lennon is the.docx
earleanp
 
Describe three of the following attack types in the Operation Security.docx
earleanp
 
Describes the concept of ADTS and illustrates the concept with three o.docx
earleanp
 
Describe- manage- and install Active Directory replication- federation.docx
earleanp
 
Describe the process to start and restart apache on CENTOS command lin.docx
earleanp
 
Describe the process of creating and exporting a schedule report for t.docx
earleanp
 
Describe the principal technologies that have shaped contemporary tele.docx
earleanp
 
Describe the typical duties of a security manager that are strictly ma.docx
earleanp
 
Describe the four categories of international airports in the federal.docx
earleanp
 
Describe the major types of VPNs and technologies- protocols- and serv.docx
earleanp
 
Describe the different metrics that BGP can use in building a routing.docx
earleanp
 
Describe the ethnic city and the benefit of ethnic communiti- (-I need.docx
earleanp
 
Describe the different types of qualitative analysis and indicate whic.docx
earleanp
 
Describe neo-evolution- What is it and what are its primary tenets- Pr.docx
earleanp
 
Describe ip protocol security pros and cons-SolutionIP Protocol Securi.docx
earleanp
 
Describe core competencies and their relationship to operations manage.docx
earleanp
 
Describe in detail a man-in-the-middle attack on the Diffie-Hellman ke.docx
earleanp
 
Describe events that led to the signing of the Homeland Security Act 2.docx
earleanp
 
Describe an experiment that disproved the theory of classical mechanic.docx
earleanp
 

Recently uploaded (20)

PPTX
Introduction-to-Literarature-and-Literary-Studies-week-Prelim-coverage.pptx
EricaRamos80
 
PDF
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
PPTX
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
PPTX
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
PPTX
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
PDF
A systematic review of self-coping strategies used by university students to ...
CleeveMoralde1
 
PPTX
Lesson notes of climatology university.
sgladness67
 
PPTX
Pharma ospi slides which help in ospi learning
rameetkumar304
 
PDF
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
PPTX
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
PPTX
master seminar digital applications in india
ananyaray35
 
PPTX
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
DOC
Soft-furnishing-By-Architect-A.F.M.Mohiuddin-Akhand.doc
ArchitectAFMMohiuddi
 
PDF
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
PDF
Abdominal Access Techniques with Prof. Dr. R K Mishra
mohitsuren827
 
PDF
O5-L3 Freight Transport Ops (International) V1.pdf
labyankof
 
PDF
Chinmaya Tiranga quiz Grand Finale.pdf
Nitin Suresh
 
PDF
Black Hat USA 2025 - Micro ICS Summit - ICS/OT Threat Landscape
Chris Sistrunk
 
PPTX
Tissue processing ( HISTOPATHOLOGICAL TECHNIQUE
mathiasmelwyn7
 
PPTX
202450812 BayCHI UCSC-SV 20250812 v17.pptx
home
 
Introduction-to-Literarature-and-Literary-Studies-week-Prelim-coverage.pptx
EricaRamos80
 
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
A systematic review of self-coping strategies used by university students to ...
CleeveMoralde1
 
Lesson notes of climatology university.
sgladness67
 
Pharma ospi slides which help in ospi learning
rameetkumar304
 
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
master seminar digital applications in india
ananyaray35
 
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
Soft-furnishing-By-Architect-A.F.M.Mohiuddin-Akhand.doc
ArchitectAFMMohiuddi
 
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
Abdominal Access Techniques with Prof. Dr. R K Mishra
mohitsuren827
 
O5-L3 Freight Transport Ops (International) V1.pdf
labyankof
 
Chinmaya Tiranga quiz Grand Finale.pdf
Nitin Suresh
 
Black Hat USA 2025 - Micro ICS Summit - ICS/OT Threat Landscape
Chris Sistrunk
 
Tissue processing ( HISTOPATHOLOGICAL TECHNIQUE
mathiasmelwyn7
 
202450812 BayCHI UCSC-SV 20250812 v17.pptx
home
 

Describe- in your own words- the mechanism for establishing a HTTPS co.docx

  • 1. Describe, in your own words, the mechanism for establishing a HTTPS connection. Solution HTTPS consists of communication over HTTP (Hypertext Transfer Protocol) with an encrypted layer such as Transport Layer Security (TSL) or Secure Sockets Layer (SSL). The connection between Client and Server using HTTPS is established by a handshake process which has 3 main phases namely Hello, Certificate exchange and key exchange. a) Hello- This is the first phase where the client sends a message ClientHello which contains all the necessary information such as various cipher suites, SSL version number etc. for the server to connect to the client via SSL. Then the server responds with a ServerHello message which contains similar information for client. b) Certificate Exchange – Once the contact is established between the Server and the Client, the server has to prove its identity to the client using its SSL certificate. The SSL certificate contains various information such as name of the owner, the domain it is attached to, the certificate’s public key, certificate’s validity dates etc. The client then verifies the certificate whether it is a trusted certificate or it is verified and trusted by one of several Certificate Authorities (CAs) which client trusts. c) Key Exchange – In this phase the exchange of encryption key is happened by the client and server using a symmetric algorithm which was already agreed during the Hello phase. The client generates a random key for the symmetric algorithm. It then encrypts the key using an algorithm (which was also agreed upon during the Hello phase) and the server’s public key from the SSL certificate. Client then sends this encrypted key to the server, where it is decrypted using the server’s private key.
  • 2. Once the client and server have verified each over’s identity and have secretly agreed on a key to symmetrically encrypt the data that they are about to send each other, then the HTTP requests and responses can start flowing form one party to other in the form of a plaintext message with encryption. The other party using the key decrypt is while reading.