The Keys

HTTPS needs a way to provide privacy, integrity, and identification on the web.

And that mechanism is called "encryption".

Let's talk about the two types of encryption algorithms.

Now, where did I put those keys?

Finally!

Let's start with the symmetric key algorithm.

Avocado toastsecret recipe1 toast10ml oliveoil1 avocado1Ao3/+1gc9AAg09omp02bu29=td18boXlJte4$d$w0op/e32bmq3+te323BBACQQjpo8
In this scenario, there is only one key to encrypt and decrypt a message.
Before sending a message to BrowserBird, I encrypt the message with a key.
You can think of the encryption process like putting the message in a box and locking the box with a key.
Only the person that has a copy of the key can open the box and read the message.
This guarantees that the box cannot be opened until it reaches the person with the right key.
Avocado toastsecret recipe
When Browserbird gets the box, they use their key to open it and read the message.
It's important that the key is kept private. You should not share the key in plain text, or send it with the box. Or keep it in your pocket.

Remember, anyone with the key can open the box.

Using the box is a nice visual to understand encryption, but it's really oversimplifying it.

Let's fix that!

HE770 - D/_/^^ΓΏ
In reality, anyone looking at the message without the key only sees nonsense text.
QABAAACAQDOYfE2/XicARu05UnxGEgTLXGqFXDYe1ZkfSLpaSvTP2UniuqU53edS8THYNHo1TrMOTMcLCNAm2mCKI1uXXsHM8kpPvLnciGYoXcrSOf5UDXY4iUe...
This text was generated by an encryption algorithm.
H3La

Which is a fancy way to say that the text was scrambled through a series of steps.

Avocado Toast4v0(a)o 7o45t4vA*r0(a/_t)o 7QAo4jt5et&t
It was transformed and spread out multiple times. Each time obfuscating the message further.
Avocado Toast4v0(a)o 7o45t4vA*r0(a/_t)o 7QAo4jt5et&t
To decrypt a message, we just need to apply the same steps, but in reverse order.
AvocadoToastZkfSLpaSvTP2UniuqU5...
The encryption key is mixed in with the message, so even if you know the encryption algorithm, without the key, the message is still nonsense.
vk7pwbmi+4xSYdNnXO6qPCXBt27J1L7YBqQGjzn0zq+CW9qPdlnnOWqTXPymxtVq+UYomZwlJXtAw6wxQxoBPLktjsbh/swgXZiTpOduoN1UsOH/1kfVKV33QjvUCwCzq+CW9qUnxGEgTL+3...
Here is what a key might look like.
One main issue with symmetric keys is that they are hard to share.

you have to be super careful with how you distribute the key.

This brings us to asymmetric keys.

The main difference with symmetric keys, is that you have 2 keys.

One key is public, the other one is private. They are paired and work together.

Share your public key with anyone. Send it in plain text, make stickers, tattoos. Anything you want! It's public!

I like tattoos.

Compugter is sending their public key to BrowserBird.

And now I am sending a message back to them encrypting it with their public key.

In other words, BrowserBird puts the message in a box and locks it with Compugter's public key.

I can now use my private key to read the message.

That's the main idea. Only the private key can open a box locked with the public key pair.

I use Browserbird public key to send them another message.

This is great not only for privacy, but also for identification since we know for sure that only the owner of the 2 keys can open the message.

Next, we'll be looking at how symmetric and asymmetric keys play a role when we connect to a site with SSL.

Next on HowHTTPS.works...

Hurray for encryption! What's next? Learn the secret handshake between your browser and the internet that makes your information safe and secured.

Continue reading