5 Pictures to Help You Understand the Security Gap Between Http and Https
HTTP is a transmission protocol that we have frequently used for a long time in the past. The data transmitted by the HTTP protocol is unencrypted, which means that sensitive information such as passwords, accounts, and transaction records filled in by users are all plaintext and can be leaked, stolen, or tampered with at any time, thus being exploited by hackers. Therefore, it is very unsafe to transmit private information using the HTTP protocol. But lo and behold — HTTPS appears! Our Internet history can only advance rapidly with its emergence. Now let’s take a look at this historical journey.
Disadvantages of HTTP
- Communication using plaintext, the content may be eavesdropped
- Without verifying the identity of the communicating party, there is a possibility of encountering impersonation
- Unable to verify the integrity of messages, transmission may have been tampered with
How does HTTPS solve the trust issue?
Symmetric Encryption
Key Storage Issue:
The server side needs to store the key, which requires storage resources.