5 Pictures to Help You Understand the Security Gap Between Http and Https

Crank Lee
Level Up Coding
Published in
4 min readFeb 25, 2024

--

Photo by Caspar Camille Rubin on Unsplash

HTTP is a transmission protocol that we have frequently used for a long time in the past. The data transmitted by the HTTP protocol is unencrypted, which means that sensitive information such as passwords, accounts, and transaction records filled in by users are all plaintext and can be leaked, stolen, or tampered with at any time, thus being exploited by hackers. Therefore, it is very unsafe to transmit private information using the HTTP protocol. But lo and behold — HTTPS appears! Our Internet history can only advance rapidly with its emergence. Now let’s take a look at this historical journey.

Disadvantages of HTTP

  • Communication using plaintext, the content may be eavesdropped
  • Without verifying the identity of the communicating party, there is a possibility of encountering impersonation
  • Unable to verify the integrity of messages, transmission may have been tampered with

How does HTTPS solve the trust issue?

Symmetric Encryption

Key Storage Issue:
The server side needs to store the key, which requires storage resources.

Create an account to read the full story.

The author made this story available to Medium members only.
If you’re new to Medium, create a new account to read this story on us.

Or, continue in mobile web

Already have an account? Sign in

--

--

No responses yet

What are your thoughts?