1
00:00:00,610 --> 00:00:09,400
Now HTTPS consists of communication over HTTP within a connection encrypted by TLS,

2
00:00:09,430 --> 00:00:15,610
Transport Layer Security, or its predecessor SSL, the Secure Sockets Layer.

3
00:00:16,450 --> 00:00:22,960
The main motivation for HTTPS is authentication of the visited website and protection of the privacy

4
00:00:22,960 --> 00:00:25,270
and integrity of the exchanged data.

5
00:00:25,720 --> 00:00:31,390
So let's see how a typical encrypted connection between the server and the client is established.

6
00:00:31,980 --> 00:00:37,680
The client sends the information that the server needs to communicate with the client using SSL.

7
00:00:38,530 --> 00:00:44,140
This information contains the client's SSL version number, cipher settings, and session-specific

8
00:00:44,140 --> 00:00:44,710
data.

9
00:00:45,640 --> 00:00:51,160
The server then sends the information that the client needs to communicate with the server over SSL.

10
00:00:51,830 --> 00:00:54,680
The server also sends its own certificate.

11
00:00:55,910 --> 00:01:00,230
The client uses the information sent by the server to authenticate the server.

12
00:01:01,020 --> 00:01:08,490
So using all data generated in the handshake thus far, the client creates the premaster secret for

13
00:01:08,490 --> 00:01:15,780
the session, encrypts it with the server's public key, and then sends the encrypted premaster secret

14
00:01:15,780 --> 00:01:16,740
to the server.

15
00:01:17,460 --> 00:01:22,530
The server uses its private key to decrypt the master secret.

16
00:01:23,410 --> 00:01:28,960
And both the client and the server perform a series of steps to generate the master secret.

17
00:01:30,140 --> 00:01:37,250
Then they use the master secret to generate the session keys, which are symmetric keys used to encrypt

18
00:01:37,250 --> 00:01:42,590
and decrypt information exchanged during the SSL session and to verify its integrity.

19
00:01:43,760 --> 00:01:49,340
The client sends a separate message indicating that the client portion of the handshake is finished.

20
00:01:49,970 --> 00:01:56,120
And the server sends a separate message indicating that the server portion of the handshake is finished.