Hacking For Beginners – Manthan Desai
2010
43. What is Secure Sockets Layers (SSL)?
Secure Sockets Layer (SSL) is the most widely used between the webclient and the web server. Most of us are familiar protocol in theirlogin pages. When we see this, we may wonder what’s the difference between http and https . In simple words HTTPprotocol is used for standard communication between the Web server and the client. HTTPS is used for a SECUREcommunication.
What exactly is Secure Communication?
Suppose there exists two communication parties A (client) and
Working of HTTP
When A sends a message to B , the message is sent as a plain text unencrypted manner. This is acceptable in normalsituations where the messages exchanged are not confidential. But imagine a situation where A sends a PASSWORD to B .In this case, the password is also sent as a plain text. This has a serious security problem because, if an intruder (hacker)can gain unauthorized access to the ongoing communication between A and B , he can see the PASSWORDS since theyremain unencrypted. This scenario is using the following figure.
Now lets see the working of HTTPS
When A sends a PASSWORD (say " mypass ") to B , the message is sent in an encrypted format. The encrypted message isdecrypted on B ’s side. So even if the Hacker gains an unauthorized access to the ongoing communic ationbetween A and B he gets only the encrypted password (" xz54p6kd ") and not the original password. This is shown below.
www.hackingtech.co.tv
Page 216