HTTPS Communication Data Encryption

This section describes the HTTPS communication data encryption process - Browser generates an encryption key, encrypts it using server public key and sends it to the server; Browser encrypts data with the encryption key; Server encrypts return data with the same encryption key.

As mentioned earlier, communication encryption is also an important process to ensure the security of the HTTPS communication. The following diagram from snapblox.com shows how HTTPS communication encryption is done at a high level:
HTTPS Communication Data Encryption

As you can see from the diagram, after it is done with the Web server authentication process (Step 1 and 2 in the diagram), the browser starts the communication encryption process with these activities:

Generating and delivering an encryption key (Step 3 in the diagram):

Sending and receiving encrypted data (Step 4 in the diagram):

The goal of HTTPS communication encryption is to build a protection on data exchanged between the browser and the server. The protected data will travel through many other systems between your browser and the server. But no other system can see the content of the data because the data is encrypted.

Can you full trust the HTTPS communication encryption? Yes, you can, if following assumptions are true:

Last update: 2011.

Table of Contents

 About This Book

 Introduction of PKI (Public Key Infrastructure)

Introduction of HTTPS (Hypertext Transfer Protocol Secure)

 What Is HTTPS (Hypertext Transfer Protocol Secure)?

 HTTPS Server Authentication Process

HTTPS Communication Data Encryption

 Using HTTPS with IE (Internet Explorer) 10

 Using HTTPS with Chrome 40

 Using HTTPS with Firefox 35

 Perl Scripts Communicating with HTTPS Servers

 PHP Scripts Communicating with HTTPS Servers

 Java Programs Communicating with HTTPS Servers

 Certificate Stores and Certificate Console

 .NET Programs Communicating with HTTPS Servers

 CAcert.org - Root CA Offering Free Certificates

 PKI CA Administration - Issuing Certificates

 Digital Signature - Microsoft Word 2007

 Digital Signature - OpenOffice.org 3

 S/MIME and Email Security

 PKI (Public Key Infrastructure) Terminology

 Outdated Tutorials

 References

 PDF Printing Version