Easy explanation of SSL / TLS encryption
SSL / TLS encryption example
With SSL / TLS, the connection always uses https for security reasons. Without it, all the information exchanged would pass in the clear.
Imagine that you want to connect to your bank. You type your bank's address, starting with https, into your browser:
- You send a secure connection request to your bank.
- Your bank then sends you its certificate, which contains its public key.
- Your browser verifies the signature of the certificate and its validity. The browser already holds a number of CA public keys in its database.
- The browser takes the public key of the CA that certified the bank's certificate.
- It uses that key to decipher the signature of the certificate. If it succeeds, the certificate is trusted, because only the CA has the matching private key.
- If everything is OK, the client and the server negotiate to agree on an encryption algorithm and a common secret key for this exchange session, known only to the two of them, as in symmetric cryptography.
- With this key you encrypt and decrypt your exchanges with your bank, and therefore communicate securely.
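The certificate check in the steps above (look up the issuing CA's public key, decipher the signature, compare) can be sketched as follows. This is an added example, not code from the original page: it uses textbook RSA with small constructed keys instead of real X.509 certificates, and the CA names, certificate fields and `browser_verify` helper are hypothetical.

```python
import hashlib

E = 65537  # public exponent used by both toy CA keys


def make_ca(p, q):
    """Toy RSA key pair from two primes: (public modulus n, private exponent d)."""
    n = p * q
    return n, pow(E, -1, (p - 1) * (q - 1))


def digest(body, n):
    # Hash of the certificate contents, reduced to fit the toy modulus.
    return int.from_bytes(hashlib.sha256(body).digest(), "big") % n


def ca_sign(body, n, d):
    # Needs the private exponent d, which only the CA holds.
    return pow(digest(body, n), d, n)


def browser_verify(cert, trust_store):
    """Pick the issuing CA's public key, decipher the signature, compare to the hash."""
    n = trust_store.get(cert["issuer"])
    if n is None:
        return "untrusted issuer"  # CA is not in the browser's database
    recovered = pow(cert["signature"], E, n)
    return "trusted" if recovered == digest(cert["body"], n) else "bad signature"


# Constructed sample data: one CA the browser knows, one it does not.
good_n, good_d = make_ca(2**127 - 1, 2**89 - 1)
rogue_n, rogue_d = make_ca(2**107 - 1, 2**61 - 1)
TRUST_STORE = {"Example Root CA": good_n}  # public keys only

body = b"subject=bank.example;public_key=BANK-KEY-PLACEHOLDER"
bank_cert = {"issuer": "Example Root CA", "body": body,
             "signature": ca_sign(body, good_n, good_d)}
# Contents changed after signing: the hash no longer matches the signature.
tampered = dict(bank_cert, body=body.replace(b"bank.example", b"other.example"))
# Signed with a different private key while naming the trusted CA as issuer.
forged = dict(bank_cert, signature=ca_sign(body, rogue_n, rogue_d))
# Correctly signed, but by a CA the browser has no public key for.
unknown = {"issuer": "Unlisted CA", "body": body,
           "signature": ca_sign(body, rogue_n, rogue_d)}

if __name__ == "__main__":
    for name, cert in [("bank", bank_cert), ("tampered", tampered),
                       ("forged", forged), ("unknown", unknown)]:
        print(name, "->", browser_verify(cert, TRUST_STORE))
```

Real browsers also check the validity period, the hostname and the full chain up to a root; the sketch covers only the signature step.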