Part 1 - Why HTTP to HTTPS

Girithar Ram Ravindran
4 min read · Apr 6, 2022


In this article I’ll explain what HTTP and HTTPS are, their purpose, and why we switched from HTTP to HTTPS.

What is HTTP:

HTTP is a stateless application-level protocol and it requires a reliable network transport connection to exchange data between client and server.

HTTP implementations use TCP/IP connections on port 80, and that traffic is unencrypted.

Request and Response:

Data is exchanged through a sequence of request-response messages, which are carried over a session layer transport connection.
Every HTTP client initially tries to connect to a server, establishing a connection.
The HTTP server listening on that port accepts the connection and then waits for a client’s request message. The client sends its request to the server and the server responds to the client with an HTTP response message.

A Typical HTTP request:

A Typical HTTP response:

To further understand the “unencrypted” part of HTTP, I’ll show some clips of my web app, which uses HTTP.

In the following explanation I’ll be sniffing the traffic using Wireshark to analyse the traffic.

For my account in the web app, I use:

Username: giri
Password: giri

Before clicking the sign-in button, I turned Wireshark on to sniff the traffic.

After clicking the signin button the client speaks to the server and the server responds.

Here we can see the traffic, i.e. our username and password, in clear text, which is a security issue.

Always remember this:

In the early days, technologies were built without security in mind.

Let’s look at HTTPS:

I have done the same login here, but I used HTTPS.
And you can only see some jibber-jabber in the sniffed traffic.
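The difference between the two captures, as an added example (not code from the original article): a small Python check that classifies a raw TCP payload as cleartext HTTP or a TLS record and reports which credential fields an on-path observer could read. The sample payloads, the host name `webapp.example` and the list of sensitive field names are constructed assumptions.

```python
from urllib.parse import parse_qs

# Form field names that usually carry secrets (assumed list, extend as needed).
SENSITIVE = {"password", "passwd", "pwd", "pass"}
HTTP_METHODS = (b"GET ", b"POST ", b"PUT ", b"PATCH ", b"DELETE ", b"HEAD ")

def classify_payload(payload: bytes) -> dict:
    """Classify one TCP payload the way a passive observer on the wire sees it."""
    # TLS record header: content type 20-23, major version 3, then a 2-byte length.
    if len(payload) >= 5 and 20 <= payload[0] <= 23 and payload[1] == 3:
        return {"kind": "tls", "exposed": []}
    if not payload.startswith(HTTP_METHODS):
        return {"kind": "unknown", "exposed": []}

    head, _, body = payload.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()

    exposed = []
    # HTTP Basic auth is only base64-encoded, so it counts as cleartext.
    if headers.get("authorization", "").lower().startswith("basic "):
        exposed.append("authorization-basic")
    # Secrets can travel in the query string or in a URL-encoded form body.
    target = lines[0].split(" ")[1] if lines[0].count(" ") >= 2 else ""
    fields = parse_qs(target.partition("?")[2])
    ctype = headers.get("content-type", "").lower()
    if ctype.startswith("application/x-www-form-urlencoded"):
        fields.update(parse_qs(body.decode("latin-1")))
    exposed += sorted(f for f in fields if f.lower() in SENSITIVE)
    # Report field names only; the values are deliberately not echoed.
    return {"kind": "http", "exposed": exposed}

# Constructed sample payloads (not taken from the article's capture).
HTTP_LOGIN = (
    b"POST /login HTTP/1.1\r\n"
    b"Host: webapp.example\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"\r\n"
    b"username=giri&password=giri"
)
# Application-data record header (type 23, version bytes 3.3) plus opaque bytes.
TLS_RECORD = bytes([23, 3, 3, 0, 32]) + bytes(range(32))

if __name__ == "__main__":
    for name, pkt in (("http", HTTP_LOGIN), ("https", TLS_RECORD)):
        print(name, classify_payload(pkt))
```
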

What is HTTPS:

Hypertext Transfer Protocol Secure (HTTPS) is the secure version of HTTP, which is the primary protocol used to send data between a web browser and a website. With HTTPS, the HTTP traffic is encrypted in order to increase the security of data transfer.

The protocol is therefore also referred to as HTTP over TLS or HTTP over SSL.

HTTPS URLs begin with “https://” and use port 443 by default.

Network layers:

HTTP operates at the highest layer of the TCP/IP model, the application layer, as does the TLS security protocol (operating as a lower sublayer of the same layer), which encrypts an HTTP message prior to transmission and decrypts a message upon arrival.

Strictly speaking, HTTPS is not a separate protocol, but refers to the use of ordinary HTTP over an encrypted SSL/TLS connection.

As per the above image, SSL/TLS functions above TCP but below HTTP.

Evolution of SSL/TLS:

The names SSL and TLS are often used interchangeably, but TLS is the successor to SSL.

The above pic represents the evolution of SSL to TLS over the years.

Here SSL 3.0 is the foundation for the TLS versions we use today; it is where the concept of the certificate chain was introduced.

Usage over the years:

September 2014

The above pic represents the usage percentage of the protocols in September 2014.

November 2014

But in November 2014, as we see above, there is a massive difference in SSL v3.0 usage.

This difference was caused by the POODLE attack that happened in October 2014.

January 2022

Above is the usage percentage of the protocols as of January 2022.

“The End”

In this article, I’ve shown you one of the reasons for using HTTPS over HTTP.

In the upcoming article I’ll be diving deep into HTTPS.

I hope this article gives you an idea of how to analyse a network packet.

I recommend you try it yourself, as it will give you hands-on experience.

Finally, I thank whoever is reading this for spending your valuable time on my article.

Author: Girithar Ram R

Contact: https://www.linkedin.com/in/girithar-ram-ravindran-a4341017b/s
