HTTPS

HTTPS (Hypertext Transfer Protocol Secure), the secure update of HTTP, uses an authentication process to encrypt the connection between web browsers (or clients) and servers. This process overlays Transport Layer Security (TLS), or what used to be SSL, onto HTTP.

How does HTTPS work?

TLS uses symmetric cryptography to transfer data between a browser and a website. This involves a handshake process that verifies the server’s digital certificate, which provides evidence it can provide a reliable public key. A certificate authority verifies that the server is trustworthy by signing their digital certificate. Once the server has been authenticated, it generates a random session key that encrypts the data transfer between server and browser for the duration of the connection, or session.

HTTPS can also include mutual authentication, where the client or user is required to verify their identity as well. This is important when accessing business accounts or files that should only be viewed by specific users. HTTPS has become so important that some browsers, notably Google Chrome, notify users directly if a browser only uses HTTP. Even so, not all websites (even ones that would benefit from extra security) have adopted HTTPS. The protocol is gaining popularity, even among websites that don’t process transactions or sensitive information.

What is forward secrecy?

Forward secrecy is a feature of HTTPS that further increases security. In the past, an encryption key would be used for multiple browser sessions. If a hacker finally managed to crack the encryption key, which though difficult is possible, they’d have access to all of the web sessions or transactions that used that key. But forward secrecy ensures that every session has its own key. Perfect forward secrecy generates a new encryption key for every new online transaction, even if that’s only a page refresh or a new message within an app.

Jenna Phipps
Jenna Phipps is a contributor for websites such as Webopedia.com and Enterprise Storage Forum. She writes about information technology security, networking, and data storage. Jenna lives in Nashville, TN.

Top Articles

List of Windows Operating System Versions & History [In Order]

The Windows operating system (Windows OS) refers to a family of operating systems developed by Microsoft Corporation. We look at the history of Windows...

How to Create a Website Shortcut on Your Desktop

Website Shortcut on Your Desktop reviewed by Web Webster   This Webopedia guide will show you how to create a website shortcut on your desktop using...

What are the Five Generations of Computers? (1st to 5th)

Reviewed by Web Webster Learn about each of the 5 generations of computers and major technology developments that have led to the computing devices that...

Hotmail [Outlook] Email Accounts

Launched in 1996, Hotmail was one of the first public webmail services that could be accessed from any web browser. At its peak in...

Merkle Tree

Merkle trees—or hash trees—are cryptographic algorithms allowing for the efficient validation...

Nimble CRM

Nimble CRM is a social CRM (customer relationship management) with sales and marketing...

What is Insightly CRM?

Insightly CRM is customer relationship management (CRM) software that focuses on an intuitive,...